Several different functions/profiles (roles) generally exist in a company. An accountant, for instance, does not perform the same operations as a payment encoder or a technical integrator. Logically, you want to grant only the necessary access rights for each individual who uses your account, and on top of that, track which user has performed which operations.

The User Manager option allows you to assign a specific profile to each user and to give him the access rights he needs to fulfil his function. The User Manager is an additional service available for all products.

With the User Manager you can:

  • Configure several users under one account
  • Manage the profile and access rights of each user
  • Avoid critical mistakes by payment encoders
  • Trace the actions of each user (e.g. number of transactions per day)
  • Limit users to see only their transactions
  • Easily manage access rights for temporary staff
You can access the User Manager in your PostFinance account menu by selecting “Configuration" > "Users".

1. Number of users

The number of available users depends on the subscription you choose:

  • PostFinance Basic / PostFinance Professional: Up to 5 users
  • PostFinance Professional +: Up to 20 users

In case you are using the PostFinance Professional + package and would like to set up more than 20 users please contact our customer care Merchanthelp.

The number of available users depends on the exact User Manager option that you select. User Managers are available for up to 5, 10, 20, 50, 100 or 200 users.

2. User profiles

The main user profiles supported by the User Manager are:

  • Viewer
  • Encoder
  • Super-encoder
  • Super-encoder without refund
  • Admin without user manager
  • Admin
  • Helpdesk admin

2.1 Admin

An Admin user has full access rights.

Each time an account is created, a default user is automatically generated as well (the UserID of this default user is identical to the PSPID); this default user has an Admin profile. You can of course also create other Admin users.

An Admin user is the only user who has the permissions to change the account configuration.

2.2 Admin without user manager

The Admin without user manager has the same access rights as the Admin, except he does not have access to the User Manager option.

2.3 Encoder

An Encoder can submit a new payment via the “New transaction” link in the account menu or via DirectLink.

2.4 Fraud analyst

A Fraud analyst can edit blacklists/whitelists, review the scoring of transactions, and dispute transactions.

Note: For this user profile to function properly, you have to tick "Fraud detection" in the user's access rights.

2.5 Fraud manager

A Fraud manager can edit all relevant fraud detection configuration pages, edit blacklists/whitelists, review and dispute transactions, etc.

Note: For this user profile to function properly, you have to tick "Fraud detection" in the user's access rights.

2.6 Fraud viewer

A Fraud viewer can view various Fraud detection configuration pages, but not edit anything.

Note: For this user profile to function properly, you have to tick "Fraud detection" in the user's access rights.

2.7 Helpdesk-admin

The Helpdesk admin only has access to the "User Management" page in the account.

Fore more information, go to User permissions overview for the various profiles.

2.8 Super-encoder

A Super-encoder can not only submit new transactions, but also perform maintenance operations on existing transactions. He can also upload payment files and download transaction reports.

2.9 Super-encoder without refund

The Super-encoder without refund has the same access rights as the Super-encoder, except he is not able to perform refunds or cancel authorisations. This profile allows you to grant permission to perform data captures only, but not to perform refunds or delete payments.

2.10 Viewer

The viewer profile is an ideal profile for an accountant. A Viewer can display or query transaction statuses and reports, but cannot change or submit anything. This is a read-only access profile.

3. User types

There are two types of users:

  • back-office user (= ADM user)
  • applicative user (= API user)

3.1 Back-office user (ADM user)

A back-office user (ADM user) is a user who has access to the PostFinance account via the website.

A back-office user has to change his password every 90 days. He will be notified in a timely matter, with the possibility to directly change his password. However, at any given time the user can change his password via "Configuration" > "Password" in the top menu of the back office.

3.2 API user

An Application Program Interface (API) user is a user specifically designed to be used by an application to make automatic requests to the payment platform (automatic file upload/download, direct payment requests, etc.). PostFinance always creates these users in the format API<identifier chosen by merchant> (without the special characters <>).

Even though for an API user the various user profiles are available, we strongly recommend you to configure this user with the "Admin" profile. If you want to limit the rights for maintenance of transactions (refunds, cancellations etc.), you can still change the user profile to "Encoder".

If you are not sure, we recommend you to choose the "Admin" profile, otherwise go to User profiles for more information.

The password of an API user does not have to be changed on a regular basis. This is more convenient when the password has to be hard coded into your application. However, we recommend you to change the password from time to time.

To change an API user's password:

  1. Select the “Users” link in your account menu
  2. Use the "Change password" button for the applicable API user. You will be redirected to a page where you can change the password. Also, at the creation of a new API user you will have to configure the password on this page.

For security reasons, an API user is not granted access to the account administration module, i.e. the user cannot log on to the back office.

4. User management

On the User Management page, you can:

  • create new users
  • manage users’ passwords
  • deactivate users that are no longer active in the company
  • edit user details

The permitted number of users is displayed on the "User Management" menu page. Once the permitted number of users has been reached, the “New User” button will be disabled.

4.1 Create a new user

You can create a new user by clicking the “New User” button on the User Management page. The form that is displayed must be completed in order to submit a new user.

4.1.1 Pre-initialised details

The form contains three pre-initialised data fields:

  • REFID: name of entity the UserID is linked to (e.g. for a merchant his PSPID).
  • User Type: type of entity the UserID is linked to (e.g. for a merchant: “PSPID”).
  • User created by: the UserID of the user creating this new user / his user type / his REFID.

4.1.2 User details

The user details that need to be completed are:

  • USERID: the UserID (username) for the new user (min. 3 and max. 20 characters long, no spaces or special characters).
  • User’s name: the new user’s full name.
  • Email address: the new user’s email address (if in future a new password is triggered for this user, it will be sent to this email address).

4.1.3 Time zone

With the creation of a user, automatically the time zone of the PSPID is applied. Afterwards, the user can configure the time zone of his choice.

The time zone that the user chooses is applicable for all the back-office pages where the time is relevant. This way the user can also view and download transactions and files/reports in his own preferred time zone.

Moreover the time can automatically be adjusted to daylight saving changes, by selecting the same option.

4.1.4 Profile

See User profiles.

4.1.5 Scope limited to user

This can only be configured for the following profiles:

  • Encoder
  • Super-encoder
  • Super-encoder without refund

If enabled, Encoders will only be able to see and access transactions they have entered/initiated themselves. They will not be able to see/access any transactions entered by other users.

If enabled, the Super-encoders will only be able to see, access and perform maintenance operations on transactions they have entered/initiated themselves except for maintenance operations that are submitted via file upload. They will not be able to see/access/perform maintenance operations on any transactions that other users have entered.

4.1.6 Special user for API

If you want to create an applicative user (API user), you have to enable this option. The user you create will only be permitted application access and not back-office access via the website. You should create this user in the same format as PostFinance: API<identifier chosen by merchant> (without the special characters <>).

4.1.7 Access rights

The Reconciliation, Fraud detection, Payment methods and Technical information access rights can be enabled with their respective checkboxes.

These options can only be configured for the following profiles:

  • Viewer
  • Admin
  • Admin without user management

You can submit the user settings you entered by clicking the “Create” button. If any of the information has been incorrectly filled out, an error message will be displayed. Instead of the newly created user being sent his first password by email, a screen will be displayed showing the password our system created for him. This password can then be communicated to the new user.

4.2 Password management

You can send a new password to a specific user by clicking the “Send new password” button. The new password will be sent to the email address configured in the user’s details.

You cannot assign a new password to the user you logged on with yourself, or to the account’s default user.

If the account’s default user has lost his password, he can only request a new password via the “Lost your password?” link on the login page. On the next page, he should complete the PSPID and click the “Submit” button. An email containing a new password will be sent to the account's administrative e-mail address.

For API users there is no “Send new password” button. To change an API user's password, you have to use the "Change password" button. You will be redirected to a page where you can change the password manually.

For added security, you can also activate or deactivate two-factor authentication (2FA). Click here for more information.

4.3 Active / Inactive user management

PCI compliancy and security rules prevent us/you to permanently delete users. However, with an Admin user you can de- /reactivate users anytime via the following path:

  • Configuration > Users
  • Select Deactivate / Activate for the respective user.

Inactive users are no longer allowed to log to our platform and are no longer taken into account for the maximum allowed users.

You can get a full overview on existing users in your PSPID by using the drop down menus “Status”/“Profile” and clicking on SEARCH.


IMPORTANT: Automatic user deactivation after 60 days of inactivity

  • To prevent illicit access to your PSPID, our system will automatically put any user that has not logged on to our platform for more than 60 days to status “inactive”.

  • Please make sure to inform all your users that the Admin user can reactivate their account in case of prolonged inactivity.

  • An admin user will have to contact our customer care team to activate his/her account.

4.4 Edit user details

To change a specific user’s details, you can click the “Edit” button next to that user. In the case of the default account user, only the name and email address can be changed.

4.5 IP address

To protect against unauthorized access to the Back-Office merchant accounts, users can give access to a specific IP address (or list of IP addresses) by registering the address(es) in the IP address field.

Users must log in using their account in order to configure this field. The IP address field is in Login Access under the Configuration > Users tab.

4.5.1 IP address user restrictions

Users will not be able to connect to the Back-Office if the IP address does not exist in the defined range.

However, if the IP address field is left blank then there will be no IP restrictions to the Back-Office.

The IP address of the administrator configuring the IP range must also be included in the defined range. Otherwise, the administrator will receive an error message and the IP address will not be saved.

4.5.2 IP address format and value

A strict IP address format must also be followed:
  • CIDR compliant, for example:
  • Have a maximum length of 512 characters.
  • If you want to register multiple IP addresses, semi-colons must be used to separate them.

5. User login

To log in as a user, you need to use the login form with the following three fields:

  • "UserID"
  • "PSPID (Optional)"
  • "Password"

If the login form with two fields (PSPID and Password) is displayed, you can switch to the login form with three fields by clicking the "Login as user" link below the login form.

6. User tracking for transactions

The payment details of a transaction include an “Encoded by” field. This field contains the UserID/PSPID/User type of the user who encoded the transaction. This field is not visible for users who have been configured with a scope limited to user in their user details.

To display all the transactions encoded by a specific user, select the user from the "Encoded by" drop-down list in the advanced selection criteria for “Financial history” and “View transactions”.

7. User permissions overview

R = read (rights to view), W = write (rights to change/submit), bold = has to be configured in the user details
Viewer Encoder Super-encoder Super-encoder without refund Helpdesk Admin Admin Admin without user manager
Account Contact info languages/URL/currencies R R R R R W R W
Account Subscription/option R W R W
Account Billing info R R
Payment methods R R W R W
Users R W R W
Support R W R W R W R W R W R W R W
Technical information R R W R W
Error logs R R R R R R R
Fraud Detection Module R R W R W
Financial history R R R W R W R W R W
New transaction R W R W R W R W R W
View transactions R R R W R W R W R W
New file R W R W R W R W
View files R W R W R W R W
Electronic reporting R W R W R W R W R W R W R W
Alias Manager R R R R R W R W

7.1 Fraud detection profiles

Note: For these user profiles to function properly, you have to tick the "Fraud detection" checkbox in the user's access rights.

R = read (rights to view), W = write (rights to change/submit)
Fraud analyst Fraud manager Fraud viewer
Fraud detection page R R W R
Fraud detection page: FDMA configuration & risk lists R R W R
Fraud detection page: 3-D Secure configuration R R W R
Fraud detection page: Blacklists/Whitelists R W R W R
Scoring details page R R R
Scoring details page: fill dispute + Blacklists/Whitelists R W R W -
Score details page: review transactions R W R W -