Create user accounts
Add user accounts and assign roles
- While logged in into the Nexus portal, click on the Identity Accounts menu item in the Settings section
- Click on the Create User Account button on the upper-right side of the panel
- Enter the required information and assign the user account to one or more roles, depending on the permissions you want to grant.
Permissions, roles and accounts
Nexus offers a standard user account management model, allowing the system administrator to authorize user accounts for specific tasks they can carry out in the system. Such model is based on the following concepts:
- Permissions: these are the low-level granular permissions offered in the system, such as the creation, view, update and deletion of different entities.
- Roles: every role gathers a set of the above mentioned permissions. A classic example of this is the Administrator role, which usually has the broader set of permissions amongst the users of a platform.
- Accounts: a user account can be assigned to one or multiple roles. For instance, a user account could be assigned the role of Assistance Issuer that provides access to support features, as well as the Operator role, which provides access to operational features.
All user accounts will be able to access their own details, including roles and therefore permissions assigned to them. However, only a user account assigned to a role that includes user management permissions will be able to modify these values for all the other users of the platform.
Available roles
By default, an Administrator account is automatically created in your new Nexus instance. This role includes the broadest set of permissions, including the whitelisting of addresses and user and service account management.
The system provides a set of default roles which you can assign to new user accounts.
IMPORTANT
The _Administrator_ role has the broadest set of permissions, although the most sensitive settings are still under the control of Quantoz. We suggest assigning this role to a few trusted user accounts in your organization, to avoid potential losses or fraud.
Main roles
The following table lists the default roles and a summary of the operations they are allowed to perform on Nexus. For a more detailed list of the permissions assigned to a role, you can click on the Identity Accounts menu item in the Settings section and then navigate to the Roles section.
| Role | Description |
|---|---|
| Administrator | Full read and write access to the portal, minus the Whitelisting, Users and API Clients roles listed in the table below. |
| Auditor | Full read-only access to the portal, including reporting features. |
| Compliance | Full read and write access to customers, accounts, transactions, trust levels and compliance settings. |
| Operator | Full read and write access to the customers, accounts and transactions features except the manual buy/funding, trust levels and compliance settings. |
| Support | Read-only view to the customers, accounts and transactions parts of the portal. |
| Trader | Read and write permissions on the execution of trades and transfers in the traderoom. |
| Treasurer | Read-only view to the traderoom, balances and finances parts of the portal. |
Feature-driven roles
On top of these main roles, we created the following feature-driven ones to allow more flexibility in the assignment of permissions to specific users.
| Role | Description |
|---|---|
| API Clients | Manage keys/secrets for API connection with Nexus. |
| Manual buy/funding | Allows the execution of manual buy transactions and funding payments. |
| Users | Manage users and assigns roles to them. |
| Whitelisting | Creation and whitelisting of external crypto-addresses (related to transfers and customer accounts addresses). |
WARNING
The Users feature-driven role can also change the permissions of the aforementioned roles and create new ones. Therefore it is advised to assign this one in consultation with your security officer.
NOTE
The user accounts and roles you assign should reflect the reality of your organization. Keep in mind that the correct assignment of roles is key for secure operational activities.