OwnPay does not allow self-registration — every staff member who needs access to the admin dashboard must be explicitly invited and created by the super-administrator or a user with theDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/own-pay/OwnPay-Documentation/llms.txt
Use this file to discover all available pages before exploring further.
manage_staff permission. This design ensures that access to sensitive payment data is always deliberate and auditable. Each staff account is scoped to specific brands, carries a defined role, and can be suspended or deleted at any time without affecting transaction records.
There is no public sign-up page for staff. If a team member tries to access the admin dashboard without an existing account, they will see a login screen with no self-registration option. An administrator must create their account first and provide them with credentials.
Navigating to Staff
In the OwnPay admin dashboard, expand the PEOPLE section in the left sidebar and click Staff. The staff directory opens, showing all team members configured under the active brand.Staff Directory Overview
The staff table displays key details for each team member at a glance:| Column | Description |
|---|---|
| Name | Display name of the staff member. |
| Login email address used for authentication. | |
| Role | Assigned role (e.g. Owner, Manager, Support). |
| 2FA | Two-Factor Authentication status — ON or OFF. |
| Last Login | Timestamp of the most recent successful login. |
| Status | Account state — active or suspended. |
| Actions | Edit opens the full staff profile to update details, reset password, or change role. |
Inviting a New Staff Member
Click + Add Staff
On the Staff page, click the + Add Staff button in the header to open the creation panel.
Enter the staff member's name and email
Fill in their Name (e.g.
Sarah Chen) and Email (e.g. sarah.chen@yourcompany.com). The email becomes their login username and the address where initial credentials are shared.Set a strong initial password
Enter a temporary Password of at least 8 characters, including numbers. Communicate this password to the staff member securely and ask them to change it on first login.
Assign a role
Open the Role dropdown and select the appropriate role for this staff member (e.g.
Owner, Finance Manager, or a custom role you have defined). The role determines the default set of permissions the user inherits.Fine-tune individual permissions (optional)
If the selected role grants more access than needed, uncheck specific permissions in the Permissions grid to restrict access. Conversely, if the role is slightly too restrictive, check additional permissions to grant those specific capabilities without changing the base role.
Assigning Staff to Specific Brands
A staff member must be explicitly assigned to each brand they need to manage. Without a brand assignment, they will not see transactions, customers, or reports for that storefront — even if their role technically permits it. To assign brand access:- Open the staff member’s Edit form.
- Locate the Brand Access section.
- Check the brands this staff member should be able to manage.
- Click Save.
Standard staff members cannot switch to other brands unless their profile explicitly grants multi-brand access. This isolation prevents accidental cross-brand data exposure in multi-tenant environments.
Staff Roles and Permissions
Staff permissions are resolved in two layers:- Role defaults — The role assigned to the staff member provides a baseline set of permissions (e.g. the
Supportrole might includeview_transactionsandview_customersonly). - Individual overrides — Specific permission checkboxes checked on the staff profile override the role defaults, either granting additional access or restricting it.
Staff Form Fields Reference
| Field | Required | Description |
|---|---|---|
| Name | Yes | Full display name of the staff member. |
| Yes | Login email address. Must be unique across the platform. | |
| Password | Yes | Initial password. Minimum 8 characters, must include numbers. |
| Role | Yes | Base role that defines default permission inheritance. |
| Permissions | No | Individual permission flags that override role defaults. |
Deactivating a Staff Account
To temporarily suspend a staff member’s access without deleting their account:- Open the staff member’s Edit form.
- Change Status from
ActivetoSuspended. - Click Save. The staff member’s session is invalidated immediately and they cannot log in until the status is restored.
Best Practices
One account per person
Never share the Owner account credentials. Create a dedicated account for each team member so actions in the Audit Log are traceable to an individual.
Enforce two-factor authentication
Require all staff to enable 2FA from their account profile settings. Accounts with 2FA disabled are flagged in the staff table for easy identification.
Apply least privilege
Only grant the specific permissions each staff member needs for their role. A support agent handling customer queries rarely needs gateway management or webhook access.
Suspend to revoke access
Suspend an account to immediately revoke dashboard access. Suspended accounts retain their role assignments and activity history and can be reactivated if needed.