Accessing the Backoffice
How to access the Backoffice
Last updated
Was this helpful?
How to access the Backoffice
Last updated
Was this helpful?
Never share your login information. Users can each have individual credentials.
WHO CAN USE THIS FEATURE?
Operators who possess an active account and appropriate credentials are granted access to all or specific back-office functionalities. Vendors and customers are not authorized to access the back office.
Upon the creation of your Operator account, an official notification email will be dispatched to you. This email will include essential details such as the Back-office URL, providing you with access to the platform.
For enhanced security measures, SCND employs a dynamically generated URL for accessing the back office (e.g., yourdomain.com/randomlygeneratedstring). This URL is established during the initial setup of the platform by configuring the "second_admin_alias" parameter. Subsequently, administrators can modify this string via the "Parameters" interface within the Backoffice: Parameters
Changing the URL access string affects all users. You will have to share the new URL with them, without which they will no longer be able to access the back office.
Upon the initiation of the platform, the inaugural user is endowed with the utmost level of permissions, assuming the role of super-administrator by default. This designation is established during the initial setup process. Detailed instructions for configuring the initial user account can be found in the technical documentation.
Spoofing alert: always confirm that the URL you’re viewing corresponds to the URL of your Backoffice login page before entering your credentials.
When accessing the Back office, a login form is displayed:
As a user, you'll find an account creation notification in your email inbox, corresponding to the email address associated with your Back office account. This notification serves as a confirmation of your recent account setup.
When you first log in, you will be prompted to create your own password. This password will be set by you and will be used for future logins.
To recover your password, click on the “Forgot your password ?” (figure 2) link beneath the login form:
Enter your email address to receive an email containing a link to reset your password:
Do not forget to check your spam if you do not see the email in your main inbox.
Password policy: for security purposes a strong password policy is enforced. Password requirements:
Two-factor authentication (2FA) is a specific type of multi-factor authentication (MFA) that strengthens access security by requiring two methods (also referred to as authentication factors) to verify your identity.
We highly recommend that all Backoffice users activate 2FA authentication
To set up the 2FA for your account, log in into the back office and click on the avatar menu. You will see in the menu the “Two-factor authentication” (figure 4 ).
Once the 2FA is configured you will have 2 steps to login into the back office.
Enter your credentials
Fill in the 2FA 6-digit code generated to be able to login into the back office (figure 6).
You can remove the 2FA authentication on the back office by clicking on the “remove” button (figure 11), in the Two-factor authentication menu.
Please view the Administrator Management page to see how to delete an account.
SBO:
After the initial setup, access to the back office is granted solely to the Super-administrator. Acting as the primary account holder, the Super-administrator assumes the responsibility of and extending for collaboration within the back office environment.
The number of password requests is limited. The rate limit can be viewed and changed through the interface.
Password strength policy can be adjusted through the interface.
You will need to install an on your smartphone to follow this procedure (ex. Google Authenticator).
Scan the QR-code with your (not just a QR code scanner), this will generate a 6-digits code which will be displayed on your device. Enter the code in the “6-digit code” field and click “Add” (figure 5) to enable the two-factor authentication for your account: