Overview
User access in the OneStock platform is managed across three platforms: Store App, Order Management Center (OMC aka backoffice), and API. Users can be granted access to one or more of these platforms.
Users can be managed from the Order Management Center or from the Store App:
From the Order Management Center you are able to create, edit and delete users across the whole of OneStock. You will be able to gran access to Store App, Order Management Center and API as well.
From the Store App, you can only manager Store App users with individual access to the store you are logged at.
Management from the Order Management Center
| Panel | ||||||||
|---|---|---|---|---|---|---|---|---|
| ||||||||
The “Users” page is only accessible to |
Access is granted per site and application. Rights per application depend on the role that is assigned to the user. Details about rights are detailed per application:
If a Store App user does not have an email for login credentials, a new user account with an email login must be generated to provide access to the OMC.
Multiple Site access
A user can have access to multiple sites. To grant access to a new site, you need to be logged in with a user who already has access to one of the existing sites the user is authorized to access. Simply click on the "assign site" button and provide access to the new site.
Store App Access
Store app access details are provided in the following table.
Store App Roles
| Info |
|---|
Green = Full access (write) Blue = limited access (read only) Red = No access |
Rank | Store App role | API Key | Can access the store app | Can create & manage users in store |
0 | Vendor manager |
|
|
|
1 | Vendor |
|
|
|
Access to all stock locations or some
Access can be granted to all stock locations or to a specific list.
Order Management Center (OMC) Access
OMC access details are provided in the following table.
Order Management Center Roles
| Info |
|---|
Green = Full access (write) Blue = limited access (read only) Red = No access |
Rank | Backoffice roles | API Key | Analytics | BI suite | Orders | Stock | Buffers | Items | Stock locations | Orchestration
| Workflows | Delivery
| Users | Configuration |
0 | Client Admin |
|
|
|
|
|
|
|
|
|
|
|
|
|
1 | Client Headquarters |
|
|
|
|
|
|
|
|
|
|
|
|
|
3 | Client Retail Director |
|
|
|
|
|
|
|
|
|
|
|
|
|
4 | Client Customer Services |
|
|
|
|
|
|
|
|
|
|
|
|
|
5 | Client Customer Services Configuration Manager |
|
|
|
|
|
|
|
|
|
|
|
|
|
6 | Client Configuration Manager |
|
|
|
|
|
|
|
|
|
|
|
|
|
7 | Client Viewer |
|
|
|
|
|
|
|
|
|
|
|
|
|
8 | Client Viewer Limited |
|
|
|
|
|
|
|
|
|
|
|
|
|
9 | Client Customer Service Analytics |
|
|
|
|
|
|
|
|
|
|
|
|
|
10 | Client Analytics Viewer |
|
|
|
|
|
|
|
|
|
|
|
|
|
Access to all sales channels or some
Access can be granted to all sales channels (default) or limited to a list of sales channels.
Impact of Sales Channel Limitations:
Orders Page: Only displays orders from accessible sales channels.
Analytics: Only displays data for accessible sales channels.
Stock Page: Only shows stock queries for accessible sales channels.
API Access
API Roles
| Info |
|---|
Green = Full access (write) Blue = limited access (read only) Red = No access |
Rank | Backoffice roles | API Key | All public routes in the API Portal |
0 | API User |
|
|
API access is divided into two common use cases:
External Systems: Interact with OneStock through API.
Recommendation: Create a user with basic authentication.
Human Users: Interact with OneStock through API.
Recommendation: Assign both Order Management Center access and API access. Authentication can be either basic or SSO.
Security
Users can be configured with:
Basic Authentication: User passwords stored in OneStock.
Single Sign-On (SSO): A more secure option allowing authentication policies to be managed through a dedicated Identity Provider. Learn more about SSO here.
Accessing API as an SSO User
If you are a user with both access to the Order Management Center and API, and you authetication is setup to SSO, you can easily communicate with OneStock through API thanks to a long duration token. You will just have to pass the long duration token in your API calls in the token field.
Generating a long duration token
Generate a long-duration token from your information page in the OMC.
The token is displayed only once; store it securely.
Ensure the user has both OMC access and API access for this feature to be accessible.
Disable
a user users on the fly and enable them back when you see fitIf you are working with an integrator that requires access only at specific moment, you can simply disable his user and enable it when he should be able tousers
Easily disable or enable a user’s access to OneStock as needed.
This feature is ideal when working with external integrators who require access only at specific times. You can disable their user account and re-enable it when they need access again.
Important: disabling Disabling a user will revoke revokes all access to OneStock as a whole. Once disabled, the user will no longer be able to access , including the OMC, SA, and API (he . The user will be logged out on the spot)immediately upon disabling.
Constraints
User Login Modification: Cannot be modified after creation; it persists throughout the user lifecycle.
Email Requirement: A user must have an email as their login to be granted rights to access the OMC. If a Store App user lacks an email login, a new user must be created.
Multi-Site User Modification: In a multi-site scenario, if you want to modify the list of sales channels or stock locations for a user with access to multiple sites, you need to be logged into the specific site you want to modify. For example, to make changes for Site Fashion Market, you must be in Fashion Market in the OMC. You cannot make this modification from another site, even if you have access to both sites.