Users - Products

Introduction

Products are sets of rules and permissions that can be assigned to group-sets, groups, and individual users. The products determine what a user can do when he is logged in. A typical product setting is to give a user the rights to publish advertisements or make payment from a certain account.

Products are 'accumulative', all permissions are combined in a single 'active' product (which can be viewed from the user profile page). If there are duplicated permissions the least restricted permissions is applied.
The permissions for administrators are usually defined in the admin group (permissions tab), however, it is also possible to create admin products (just like member and broker products). For systems with many admin groups that need to share the same permissions, it can be useful to create admin products and aggregated them to the admin group (in the permissions tab > Shared products). This will avoid duplicate permissions and keep the permission structure organized.

Business rules

Product types
There are three types of products:

Administrator product (in group - permissions, and it is also possible to create an admin product)
Broker product
Member product

Member and broker products can be assigned to (non administrator users):

Group sets
User groups
Individual users

A diagram with the product related entities can be found at this page Architecture - Logical design

Combining products

Multiple products can be added to a group, group set or individual user.
The group of the user determines the user's role. Member groups can only have member products assigned. Broker groups can have both broker and member products assigned.
When a user has more than one products it has the (accumulative) permissions of both products. When a product is more specific in general the broadest option is taken. E.g. when one product allows the user to have 10 images and the other 20 images, the user is allowed to have 20 images.

The combined (active) product for a group or group set can be viewed at the product tab in the group and group set pages, and also at the user management page (User management - Products).

Creating & assigning products
A product can be assigned to a user in three ways.

Adding a product to the group of the user (a user always belong to a group)
Assigning a product to a group set (group sets contain groups)
Assigning a product to an individual user (at the user management page - Products)

It is advised to use group and group set products as much as possible, and individual products only for specific cases.

Account creation & assigning
System accounts are never 'assigned' to users, that is, administrators do not 'have' system accounts, but can be given access to system accounts. System accounts are directly created (in the database) when the system account type is created in Cyclos. 'Member' accounts are different. When an admin creates a member account (in System - Account configuration - Account types) this is just serves as type (or 'template'). The next step is to select an account in a member product, and finally, to assign that product to a group set, group or individual member. The actual member account is created (in the database) only at a later moment, when the account will have a transfer or credit limit, but members with a product account will already own that account. A member product can only have 1 account and it is not possible to change the account in a product after it has been created. In cases where members need to have various accounts, a specific product will need to be created for each account.
It is best practice to minimize the settings in the products that have the accounts, and put other product settings as much as possible in a main (shared) product (to avoid the duplication of settings and permissions).

Unassigning products
When a product is unassigned from a person/group/groupset, the person or group may not have access anymore to certain Cyclos features. There are two ways to unassign a product from a user:

When the product is directly unassigned
When the user is put in another group that has different product(s) assigned (see Users#Group_change).

Products must be unassigned at the level they were assigned. This means you cannot unassign a product on an individual level, if that product is assigned to the group the member belongs to. Unassigning a product does not always result in users losing accounts, because a user could have another product assigned with the same account (this is considered bad configuration, but it some rare cases it could be useful). However, generally when a product with an account is unassigned the user(s) will lose the account. A product cannot be unassigned from a user when the accounts has a non-zero balance, except that the account type has configured a transfer type to dispose balances.

When an account is removed because of product unassinging, or when a member is placed in an other group (that does not have the account) the following internal actions happen:

if the user is logged in he will be disconnected
all user's webshop orders with the currency associated with the account with any pending status will be set to OrderStatus.CANCELED. This involves other rules for the Order which apply when a Order is canceled, but this is the task of the OrderService.cancelOrder method. The actions of this method are:
- return reserved amount buyer
- return reserved articles to stock for seller
- notify both seller and buyer with the following message: "The order <order number> was cancelled. Contact the administrator for more information."
delete all user's webshop orders which are still in a shopping cart, but which haven't been processed yet (In future, we will give orders like this a specific status which hasn't yet been designed at this moment)
- buyer will not be notified for lost shopping cart orders
cancel all scheduled payments to the account being lost
notify other involved users in the latter.

- Currency loss: If, because of the account loss, the user also has no longer access to the currency of this account:

set all ads which refer via their price to this currency to status DISABLED
disable all user's delivery methods referring to the currency

- Broker role loss: when moving the user from a broker group to a member group:

remove all brokerings
notify relevant users of this.

In case of any broker roles involved in the old product set:

update broker commissions

- Loss of card types:
All cards of the type should be canceled.

Notifications

Users are not notified users about changes in their product, because these are considered configurational.

Products search

Fields	Type	Rules
Filter by Types	Multi selection	Allows admin to filter by: Administrator, Member, Broker.
Filter by groups	Single selection	Allows the admin to show only the products that are assigned to a certain group or groupset. Show all groups that are visible to the admin Uses the default widget in which groups and groupsets can be selected Default value "all"
User account	Single selection	Allows admin to filter by: "User account type". This search is only useful when more than one products with the same account exist.
Product name	Text	Allows the admin to search on a product with a specific name.
Individual assigned products only	Boolean	When selected only individually assigned products are showed. Only visible in "Advanced" mode
Advanced search	Action button	Shows advanced search filters. Displayed on the left Show only while is in "Simple search" mode
Simple search	Action button	Shows only the simple search filters. Displayed on the left Show only while is in "Advanced search" mode
New	Multi action button	Create a new product or the selected type. Possible values are: Administrator, Member or Broker Displayed on the left (first item)

Search result (list *) * Automatically shows all products, sorted by type (administrator, member, broker) and then sorted by name alphabetically.

Fields	Type	Rules
Name	Text	The product name.
Type	Text	The product type (administrator, member, broker).
User account	Text	Shows the assigned user account (if any)
Product row	Row	On click, show the "Product Details page"
Delete	Icon (trash bin)	Removes the product. It will ask for a confirmation and removes the product.

Member product

Fields	Type	Rules
Basic
Type		This is a shared field. Click on the link the fields column to jump to the explanation.
Name		This is a shared field. Click on the link the fields column to jump to the explanation.
Internal name		This is a shared field. Click on the link the fields column to jump to the explanation.
Description		This is a shared field. Click on the link the fields column to jump to the explanation.
Product is used by groups		This is a shared field. Click on the link the fields column to jump to the explanation.
Product applied to channels		This is a shared field. Click on the link the fields column to jump to the explanation.
Product applied to identification methods		This is a shared field. Click on the link the fields column to jump to the explanation.
Accessibility and visibility of groups and users
Accessible user groups		This is a shared field. Click on the link the fields column to jump to the explanation.
Specific accessible user groups		This is a shared field. Click on the link the fields column to jump to the explanation.
Search users on groups	Single selection	Allows the users to see groupsets and or groups in the users profile and in the users search. Hiden if "Accessible user groups" value is "None" Options: None Own group Own group set Specific groups All accessible groups
Groups allowed on search	Multi selection	Here you can define the users of the groups that can be searched for. Selecting groups with this setting does not mean that the groups names will be available as search filters. This can be set in with the setting further below (Group field and filter visibility) Only visible when "Search users on groups" value is "Specific groups" Required
View user profile on groups	Single selection	Hidden if "Accessible user groups" value is "None" Required Options: None Own group Own group set Specific groups All accessible groups
Groups for view profile	Multi selection	Only visible if "View user profile on groups" value is "Specific groups" Options: all available groups
View user directory (map) on groups		This is a shared field. Click on the link the fields column to jump to the explanation.
Groups for user directory (map)		This is a shared field. Click on the link the fields column to jump to the explanation.
Profile fields of other users		This is a shared field. Click on the link the fields column to jump to the explanation. Available permissons (in rows from left to right): Visible User filter User list User keywords Map filter Map result Advertisement filter Advertisement keyword
Profile fields in simple users search		This is a shared field. Click on the link the fields column to jump to the explanation.
Group (field and filter) visibility	Single selection	In many systems the groups and groups sets are internal and end-users do not know if their existence. In some systems groups and group sets are being showed to end-users in the profile of other users and as search filters. A typical use case is that users can search in other cities, region's or countries. Hide when "Accessible user groups" value is "None" Options: None Group set only Group and group set
Group filter default	Single selection	Here the default group filter can be set. For example it is possible to set that search filter will be default have the own group (e.g. community, city or region) selected, and if users want to search outside their group they can use the filter. Hide when "Group (field and filter) visibility" value is "None" Options: None Own group Own group set Specific groups All accessible groups
Default groups on filter	Multi selection	Required Only visible if "Group filter default" value is "Specific groups"
General
My profile fields		This is a shared field. Click on the link the fields column to jump to the explanation.
My privacy settings		This is a shared field. Click on the link the fields column to jump to the explanation.
Records		This is a shared field. Click on the link the fields column to jump to the explanation.
Default quick access		This is a shared field. Click on the link the fields column to jump to the explanation.
Agreements		This is a shared field. Click on the link the fields column to jump to the explanation.
View / manage agreements		This is a shared field. Click on the link the fields column to jump to the explanation.
Passwords		This is a shared field. Click on the link the fields column to jump to the explanation.
Manage my channels access		This is a shared field. Click on the link the fields column to jump to the explanation.
My authorized applications		This is a shared field. Click on the link the fields column to jump to the explanation.
My identity provider links		This is a shared field. Click on the link the fields column to jump to the explanation.
Enable quick access settings		This is a shared field. Click on the link the fields column to jump to the explanation.
Contacts list		This is a shared field. Click on the link the fields column to jump to the explanation.
Contact fields		This is a shared field. Click on the link the fields column to jump to the explanation.
Invite users		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum invitation recipients		This is a shared field. Click on the link the fields column to jump to the explanation.
User registration	Multi selection	Options: all available groups
Notification settings		This is a shared field. Click on the link the fields column to jump to the explanation.
My access clients		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum addresses		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum mobile phones		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum landline phones		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum profile images		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum content images	Integer	Many features in Cyclos have the possiblity to add images (e.g. profile images, advertisement images). It is possible to allow users to upload generic images, that can be linked in other entities with the rich text editor (e.g. in a profile field or advertisement description). Only available in classic front-end
Maximum additional contact information	Integer	User can be given permissions to add addtional contact information to their profile. A typical use case is a business profile that additional contacts for accounting, marketing, support etc.
Contact information fields	Multi selection	Only visible if "Maximum additional contact information" is greater than zero Options: All available Additional contact/Contact information fields
Operators	Radio buttons	Users can be given to create manage operators. Operators do have their own profile, and can be given permissions to access the main user entities such as accounts, advertisements etc. Options: Enable Manage operators Manage groups
Maximum operators	Integer	Only visible if "Operators" is enabled Required
Operator profile fields	Dropdown table	This table shows with all possible permissions the user can have over it's own operator profile fields. The permissions are displayed in columns, and the operator profile fields are displayed as rows. Only visible if "Operators" is enabled Permissions: Enabled At registration Visible Editable Operator list
Individual documents	Boolean	Documents can be uploaded and managed for specific users (e.g. copy of passport)
View shared documents with categories	Multi selection	Shared documents are typically organization wide documents that can be made available for users. Options: all available document categories
Custom operations	Drop-down table	Custom operations can be created and assigned to users. This table shows with all possible permissions the user can have over it's custom operations. The permissions are displayed in columns, and the custom operations are displayed as rows. Permissions: Enabled Run self Run others
Wizards	Dropdown table	This table shows with all possible permissions the user can have over it's user wizards. The permissions are displayed in columns, and the wizards user wizards are displayed as rows. Permissions: Enabled Run
My tokens	Dropdown table	This table shows with all possible permissions the user can have over it's identification methods (token, profile field, access client). The permissions are displayed in columns, and the token identification methods are displayed as rows. Permissions: Enabled Active Block Unblock Cancel Personalize (Forced true and read only for NFC tag token type)
Activate tokens for other users	Multi selection	This allows a user with the mobile app in POS mode to activate NFC tokens Options: All available NFC tag token types
Show member's brokers	Single selection	Options: None Main broker only All brokers
Show activation date in profile	Boolean
Accounts - The account type selected under "User account" can only be changed when the product is created. In this way accounts can only be created and deleted when assigning and deleting products from users or groups. If it would be allowed a change in the product could trigger all accounts of a certain type to be deleted and new accounts to be created.
User account Accounts -	Single selection	The account type which users with this product will have. Shows all user account types of the system and an option disabled (selected by default). This field cannot be changed after the product has been created. In other words after the product has been saved for the first time it is not possible anymore to change the value of this field. See Account types. After the product is saved this will be a read only text field (displaying disabled or the name of the account). No permissions are granted, only when the account accessibility is enabled.
The permissions of this section are only related to the "User account" selected above: (this whole section is hidden when no user account is selected)
Account visibility (general)	Single selection	Options: Always visible Only when the negative balance limit is grater than zero Only if transactions on account Never visible
Account visibility (personal setting)	Single selection	Only visible if "Account visibility (general)" value is not "Never visible" Options: Not used (cannot hide) Configurable by user (default: visible) Configurable by user (default: hidden)
Show account to other users (in profile)	Single selection	If this option is selected the account balance and transaction information will be visible in the users profile. This is mostly used by LETS groups aiming for transparency. The account information will only be shown publicly for this account and thus not for other accounts the user has access too. Make sure this functionality doesn't create security breaches. This permission only counts for the account selected under "User account". Only a check box is shown without label. See Users. Options Hidden Show balance only Show activity only Show balance and activity
Payment filters	Multi selection	Here you can set which payment filters will be available for the member when viewing his account information. Only visible if "Account visibility (general)" value is not "Never visible" Shows all payment filters for the account selected under "User account". See Payment filters.
Initial credit	Currency amount	When set the user will receive an initial credit payment on the selected account. Wrapped. See Account type business rules.
Initial credit transfer type	Single selection	The transfer type used to transfer the initial credit from the system account to the user account. Only visible and required if "Initial credit" is set. Shows all generated transfers types from any system account (using the same currency) to the "User account" selected above (generated transfer types are always enabled). See Account type business rules.
Default negative balance limit	Negative currency amount	When set, the account cannot go negative (when doing payments). The default negative amount is set here, per user the value can be changed individually (credit limit). Wrapped (if not specified the default value is zero and the account cannot go negative by default). See Account balance limits.
Max personalized negative balance limit	Negative currency amount	This option is the max balance limit that admins can give to individual persons
Default positive balance limit	Single selection	When set, the account cannot go more positive until the amount specified. The default value is set here, per user the value can be changed (debit limit). Wrapped (if not specified the default value is unlimited and the account can theoretically go to infinity.) See Account balance limits. Options: Amount, and Unlimited (default) When the selected option is Amount allow to set a currency amount
Default max amount per payment	Single selection	Options: Amount, and Define in payment type (default) When the selected option is 'Amount' allow to set a default amount, which will overrule the payment type default amount
Default max amount per day	Single selection	Options: Amount, and Define in payment type (default) When the selected option is 'Amount' allow to set a default amount, which will overrule the payment type default amount TODO? correct?
Default max amount per week	Single selection	Options: Amount, and Define in payment type (default) When the selected option is 'Amount' allow to set a default amount, which will overrule the payment type default amount
Default max amount per month	Single selection	Options: Amount, and Define in payment type (default) When the selected option is 'Amount' allow to set a default amount, which will overrule the payment type default amount
Default max amount per year	Single selection	Options: Amount, and Define in payment type (default) When the selected option is 'Amount' allow to set a default amount, which will overrule the payment type default amount
System payments	Multi selection	Here can be selected which payments the user will be allowed to make to the system (a system account). Only visible if Account visibility (general) value is not Never visible Shows all transfer types from the account selected under "user account" to all system accounts which are enabled. Shows all enabled transfer types (alphabetically) and then all disabled in grey striket trough. See Do payment. Only visible if Account visibility (general) value is not Never visible
User payments	Multi selection	Here can be selected which payments the user will be allowed to make to other users (with member accounts) Only visible if Account visibility (general) value is not Never visible Shows all transfer types from the account selected under "User account" to all other user accounts which are enabled for direct payments. Shows all enabled transfer types (alphabetically) and then all disabled in grey striket trough. See Do payment.
Self payments	Multi selection	Here can be selected which payments the user is allowed to make to transfer money from the account selected under "user account" to other accounts he might own. A typical 'self payment' is from a current account to a savings account (from the same user). Only visible if Account visibility (general) value is not Never visible Shows all transfer types from the account selected under "User account" to all other user accounts which are enabled for self payments. Shows all enabled transfer types (alphabetically) and then all disabled in grey striket trough. See Do payment.
External user payments	Multi selection	Payments to non Cyclos users that will receive a temporary account and will be notified with an email and/or SMS. Options: All available payment transfers type from User account to other member account Only visible if Account visibility (general) value is not Never visible
Receive payments (POS)	Multi selection	Initiate receive payments from other Cyclos users Options: All available payment transfers type from other member account to User account with Pay at POS channel enabled Only visible if Account visibility (general) value is not Never visible
Receive payments (tickets)	Multi selection	Initiate receive payments from other Cyclos users with ticket mechanism Options: All available payment transfers type from other member account to User account with Ticket channel enabled Only visible if Account visibility (general) value is not Never visible
Make payments (tickets)	Multi selection	Make payments with ticket mechanism Options: All available payment transfers type from User account to other members with Ticket channel enabled Only visible if Account visibility (general) value is not Never visible
Chargeback of payments	Multi selection	Options: All available payment transfers type from other members with to User account with a positive value set in Max chargeback time Only visible if Account visibility (general) value is not Never visible
Request payments from system	Multi selection	Payment requests from administrators (system account) to users (member account) Options: All available payment transfers type from system account to User account Only visible if Account visibility (general) value is not Never visible
Request payments from users	Multi selection	Request payment from user to user Options: All available payment transfers type from other users to User account Only visible if Account visibility (general) value is not Never visible
Receive payment requests	Multi selection	Allow receiving payment requests Options: All available payment transfers type from User account
Charge account fees	Multi selection	Here can be selected which account fees should be charged on the account selected under "User account". Be aware when a user has two member products enabling the same user account and only in one product the account fee is enabled, the account field will still run. The rule is when an account fee is enabled in one of the users product it will run. Show all account fees possible for the account selected under "user account". Shows all enabled account fees (alphabetically) and then all disabled in grey striket trough. See Account fees.
The permissions of this section are related to all accounts (even in other currencies) the user has access to:
Visible transaction fields		This is a shared field. Click on the link the fields column to jump to the explanation.
Visible voucher fields		This is a shared field. Click on the link the fields column to jump to the explanation.
Manage tickets	Check boxes	Allowed permissions: View, and Cancel
Payment requests	Check boxes	Allowed permissions: View, Accept, Cancel, and Change expiration
Scheduled payments	Check boxes	Gives the user the permission to view, cancel, block, unblock or pay now scheduled payments. See Scheduled payments. Options: View / Cancel / Block / Unblock / Pay now / Process installment / Settle installment
Payment authorization	Check boxes	The view permission allows the user to see the payments that have the authorization status pending/canceled/denied ("processed" is visible for everyone) in the account information. The cancel permission allows the user to cancel payments done from his account that are waiting for authorization, to cancel a payment the user must also have the permission to do the payment with that transfer type. Finally the authorize permissions allows the member to accept or deny a payment of whom he is the authorizer, this can be the case when "receiver" or "payer" is selected in the transfer authorization. Options: View / Cancel / Authorize/Deny See Authorize payments. See Account information. You can only select authorize and cancel if you have the view permission. Note: This permissions does not affect the payment authorizations done by operators. Those permissions are handled by the 'manage operators' permissions.
External user payments	Check boxes	Payments to external (non Cyclos) users Allowed permissions: View, and Cancel
Batch payments	Boolean	Allow batch (bulk) payments to multiple users using file upload
Transfer status flows		This is a shared field. Click on the link the fields column to jump to the explanation.
Run transfer custom operations		This is a shared field. Click on the link the fields column to jump to the explanation.
Run custom web services		This is a shared field. Click on the link the fields column to jump to the explanation.
Vouchers	Dropdown table	This table shows with all possible permissions the user can have over it's Voucher configurations. The permissions are displayed in columns, and the Vouchers configurations are displayed as rows. Permissions: Enabled View vouchers Buy Send Send batch Refund View transactions Redeem Top-up
Allow operator to receive / make payments	Boolean	Allow operators to make / receive payments on behalf of the user
Advertisements
View advertisements	Boolean	Allows the member to see advertisements of other users. See Marketplace_-_Advertisements. Permission only works for member visible to the member.
View web shop	Boolean	Allows the member to see web shop advertisements of other users. See Marketplace_-_Advertisements. Permission only works for member visible to the member.
Advertisement interests	Boolean	Allow members to get a notification if new ads are published that match criteria specified by the user. Only visible when "View advertisements" or "View web shop" is selected. See Marketplace_-_Interests.
Advertisement favorites	Boolean	Allows users to mark an advertisement as 'favorite' and go to a list (search filter) to show all advertisements marked as favorite. Only visible if "View advertisements" or "View web shop" is true
Enable advertisements	Boolean
Publish advertisements	Boolean	Allows the member to publish advertisements. See Marketplace_-_Advertisements.
Enable ad questions	Boolean	Allow users to post questions at the bottom of the advertisement, and allow the owner of the advertisement to respond to these questions. Only visible if "Publish advertisements" is true
Ads require authorization	Boolean	Advertisements needs to be authorized by a broker or administrator first (manage ads permissions) Only visible if "Enable advertisements" is true
Enable web shop ads	Boolean	The web shop advertisements permissions gives to user to manage an internal web shop with shopping cart, stock management, delivery methods etc.
Publish web shop ads	Boolean	Allows the member to publish web shop advertisements. Only visible if "Enable web shop ads" is selected See Marketplace_-_Advertisements.
Enable web shop questions	Boolean	Allows people that can view the advertisements to post questions Only visible if "Publish web shop ads" is true
Web shop ads require authorization	Boolean	After creating the advertisements will need to be authorized by a broker or administrator first Only visible if "Enable web shop ads" is true
View ads in other currencies	Multi selection	This setting allows users to view ads of currencies that they do not have. Options: all the currencies available except the selected in "User account"
Maximum advertisements	Integer	Determines the maximum of advertisements a user can publish. Only visible when "View advertisements" or "View web shop" is selected. See Marketplace_-_Advertisements.
Max. categories per ad		The maximum categories that the ad can be placed in by the publisher Only visible if "View advertisements" or "View web shop" is true
Max. addresses per ad	Integer	Only visible if "View advertisements" or "View web shop" is true
Maximum description size (characters)	Integer	Determines the maximum amount of characters the ad description may have. Only visible when "View advertisements" or "View web shop" is selected. See Marketplace_-_Advertisements.
Max. images per ad	Integer	Determines the maximum amount of images each advertisement may have. Only visible when "View advertisements" or "View web shop" is selected. See Marketplace_-_Advertisements.
Default publication time	Time interval	Determines the default publication period an advertisement will have. Only visible when "View advertisements" or "View web shop" is selected. The default advertisement publication time must be lower then the maximum advertisement publication time. When date of an advertisement exceeds the publication time the advertisement is put automatically in 'expired' status. See Marketplace_-_Advertisements.
Maximum publication time	Time interval	Determines the maximum publication period an advertisement may have. Only visible when "View advertisements" or "View web shop" is selected. See Marketplace_-_Advertisements.
Ad fields	Dropdown table	Ad custom fields to advertisements (e.g. option: offer, want) Only visible if "Enable advertisements" or "Enable web shop ads" or "View advertisements" or "View web shop" is true Permission: Enable View Manage
Messages & Notifications
Messages	Check boxes	Gives the member the permission to view his messages and send them to other users or the system. See Messages. Permission only works for member visible to the member. Options: View Send to user (Hide if "Maximum message recipients" is zero)
Maximum message recipients		This is a shared field. Click on the link the fields column to jump to the explanation. Only visible if "Messages" allow "View" and "Send to User"
Send messages to administration with categories	Multi selection	Message categories the user may use to send messages to the administration. Administrators can be given permissions to see/respond to messages with specific categories (e.g. support, accounting). Visible only if "Messages View" is enabled. Shows all message categories. See Messages.
Forward internal messages as email	Single selection	Allows the user to forward internal messages to his email. Option: Disable / Enable / Enable and default. Only visible if under "Messages" the option "View" is selected. See Messages.
Maximum SMS per month		This is a shared field. Click on the link the fields column to jump to the explanation.
Notifications	Dropdown table	Here can be set which notifications a user is allowed to receive. Also can be set if the user is allowed to receive the message trough email and SMS. Finally also if they will receive the notification by default trough email or SMS. See Notifications settings (member). Permissions: Enabled Email Default by email Sms Default by sms
Personal references	Check boxes	Gives members the permission to "Receive", "View" (other users) and "Give" references. References are expressions of content or discontent. Options: Receive / View / Give. This permission only works for member visible to the member. The option "Give" can only be selected when "View" (of other users) is selected.
Payment feedbacks	Check boxes	Gives members the permission to "Receive", "View of other users" and "Give" payment feedback. Payment feedback allows members to give feedback on a payment (transfer), for instance on the quality of the delivered service. This permission only works for member visible to the member. Options: Receive / View / Give. The option "Give" can only be selected when "View" (of other users) is selected. See Payment feedback.

Broker product

Fields	Type	Rules
Basic
Type		This is a shared field. Click on the link the fields column to jump to the explanation.
Name		This is a shared field. Click on the link the fields column to jump to the explanation.
Internal name		This is a shared field. Click on the link the fields column to jump to the explanation.
Description		This is a shared field. Click on the link the fields column to jump to the explanation.
Product is used by groups		This is a shared field. Click on the link the fields column to jump to the explanation.
Product applied to channels		This is a shared field. Click on the link the fields column to jump to the explanation.
Product applied to identification methods		This is a shared field. Click on the link the fields column to jump to the explanation.
General
My profile fields		This is a shared field. Click on the link the fields column to jump to the explanation.
My privacy settings		This is a shared field. Click on the link the fields column to jump to the explanation.
Records		This is a shared field. Click on the link the fields column to jump to the explanation.
Default quick access		This is a shared field. Click on the link the fields column to jump to the explanation.
Agreements		This is a shared field. Click on the link the fields column to jump to the explanation.
View / manage agreements		This is a shared field. Click on the link the fields column to jump to the explanation.
Passwords		This is a shared field. Click on the link the fields column to jump to the explanation.
Manage my channels access		This is a shared field. Click on the link the fields column to jump to the explanation.
My authorized applications		This is a shared field. Click on the link the fields column to jump to the explanation.
My identity provider links		This is a shared field. Click on the link the fields column to jump to the explanation.
Enable quick access settings		This is a shared field. Click on the link the fields column to jump to the explanation.
Contacts list		This is a shared field. Click on the link the fields column to jump to the explanation.
Contact fields		This is a shared field. Click on the link the fields column to jump to the explanation.
Invite users		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum invitation recipients		This is a shared field. Click on the link the fields column to jump to the explanation.
Notification settings		This is a shared field. Click on the link the fields column to jump to the explanation.
My access clients		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum addresses		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum mobile phones		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum landline phones		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum profile images		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum content images	Integer	Maximum number of personal content images that a broker can upload.
Operators	Radio buttons	A broker can have operators like members, and give also broker permissions to the operator (group) Options: Enable Manage operators Manage groups
Maximum operators	Integer	Only visible if "Operators" is enabled Required
Operator profile fields	Dropdown table	This table shows with all possible permissions the user can have over it's own operator profile fields. The permissions are displayed in columns, and the operator profile fields are displayed as rows. Only visible if "Operators" is enabled Permissions: Enabled At registration Visible Editable Operator list
Messages
Messages	Check boxes	Gives the member the permission to view his messages and send them to other users or the system. See Messages. Options: View Send to broker's members (mailing to all members)
Maximum message recipients		This is a shared field. Click on the link the fields column to jump to the explanation. Only visible if "Messages" allow "View" and "Send to broker's members" If it is visible, the value must be greater than 0
Maximum SMS per month		This is a shared field. Click on the link the fields column to jump to the explanation.
Notifications	Dropdown table	Here can be set which notifications a user is allowed to receive. Also can be set if the user is allowed to receive the message trough email and SMS. Finally also if they will receive the notification by default trough email or SMS. Shows Component: Notifications configuration. See Notifications settings (member). Permissions: Enabled Email Default by email Sms Default by sms
User management
See configuration and permission of accessible users		This is a shared field. Click on the link the fields column to jump to the explanation.
User registration	Multi selection	Defines in which groups brokers can create new users. Shows all user groups available in the system. See Brokering.
Profile fields of other users		This is a shared field. Click on the link the fields column to jump to the explanation. Available permissions (in rows from left to right): Visible Editable User filter User list User keywords Advertisement filter Advertisement keyword Record filter Record keywords
Profile fields in simple users search		This is a shared field. Click on the link the fields column to jump to the explanation.
View hidden user profile fields		This is a shared field. Click on the link the fields column to jump to the explanation.
View privacy-controlled profile fields		This is a shared field. Click on the link the fields column to jump to the explanation.
Group (field and filter) visibility	Single selection	Options: None Group set only Group
User privacy settings		This is a shared field. Click on the link the fields column to jump to the explanation.
User operators		This is a shared field. Click on the link the fields column to jump to the explanation.
Manage blocked users		This is a shared field. Click on the link the fields column to jump to the explanation.
Disabled users		This is a shared field. Click on the link the fields column to jump to the explanation.
Removed users		This is a shared field. Click on the link the fields column to jump to the explanation.
Purged users		This is a shared field. Click on the link the fields column to jump to the explanation.
User brokers		This is a shared field. Click on the link the fields column to jump to the explanation.
Pending users		This is a shared field. Click on the link the fields column to jump to the explanation. Enable only when "User registration" has one or more group selected
Manage additional contact information		This is a shared field. Click on the link the fields column to jump to the explanation.
Connected users		This is a shared field. Click on the link the fields column to jump to the explanation.
Passwords		This is a shared field. Click on the link the fields column to jump to the explanation.
User channels access		This is a shared field. Click on the link the fields column to jump to the explanation.
User authorized applications		This is a shared field. Click on the link the fields column to jump to the explanation.
User identity provider links		This is a shared field. Click on the link the fields column to jump to the explanation.
Contacts list		This is a shared field. Click on the link the fields column to jump to the explanation.
User contact fields		This is a shared field. Click on the link the fields column to jump to the explanation.
View user agreements		This is a shared field. Click on the link the fields column to jump to the explanation.
User custom images		This is a shared field. Click on the link the fields column to jump to the explanation.
Quick access settings		This is a shared field. Click on the link the fields column to jump to the explanation.
Bulk actions		This is a shared field. Click on the link the fields column to jump to the explanation.
Run custom operations over users		This is a shared field. Click on the link the fields column to jump to the explanation.
Run wizards over users		This is a shared field. Click on the link the fields column to jump to the explanation.
Mailings		This is a shared field. Click on the link the fields column to jump to the explanation.
User tokens		This is a shared field. Click on the link the fields column to jump to the explanation.
Access clients		This is a shared field. Click on the link the fields column to jump to the explanation.
Trusted devices		This is a shared field. Click on the link the fields column to jump to the explanation.
Device PINs		This is a shared field. Click on the link the fields column to jump to the explanation.
User accounts
Access user accounts		This is a shared field. Click on the link the fields column to jump to the explanation.
User accounts visibility		This is a shared field. Click on the link the fields column to jump to the explanation.
Payments as user to user		This is a shared field. Click on the link the fields column to jump to the explanation.
Payments as user to system		This is a shared field. Click on the link the fields column to jump to the explanation.
Payments as user to self		This is a shared field. Click on the link the fields column to jump to the explanation.
External payments		This is a shared field. Click on the link the fields column to jump to the explanation.
Payments as user to external user	Multi selection
Chargeback of payments to user		This is a shared field. Click on the link the fields column to jump to the explanation.
Manage tickets		This is a shared field. Click on the link the fields column to jump to the explanation.
Create tickets		This is a shared field. Click on the link the fields column to jump to the explanation.
Payment requests		This is a shared field. Click on the link the fields column to jump to the explanation.
Request payments from system		This is a shared field. Click on the link the fields column to jump to the explanation.
Request payments from users		This is a shared field. Click on the link the fields column to jump to the explanation.
User payment filters		This is a shared field. Click on the link the fields column to jump to the explanation.
Scheduled payments		This is a shared field. Click on the link the fields column to jump to the explanation.
Cancel authorization as user		This is a shared field. Click on the link the fields column to jump to the explanation.
User batch payments		This is a shared field. Click on the link the fields column to jump to the explanation.
Account balance limits		This is a shared field. Click on the link the fields column to jump to the explanation.
Payment limits		This is a shared field. Click on the link the fields column to jump to the explanation.
Include account balance and number in export users		This is a shared field. Click on the link the fields column to jump to the explanation.
Authorize payments as broker	Booleans	Permissions: View / Authorize/Deny
Visible transaction fields		This is a shared field. Click on the link the fields column to jump to the explanation.
Visible voucher fields		This is a shared field. Click on the link the fields column to jump to the explanation.
Transfer status flows		This is a shared field. Click on the link the fields column to jump to the explanation.
Run transfer custom operations		This is a shared field. Click on the link the fields column to jump to the explanation.
]]Run custom web services		This is a shared field. Click on the link the fields column to jump to the explanation.
Vouchers		This is a shared field. Click on the link the fields column to jump to the explanation.
User batch vouchers sending	Radio buttons	Options: None / view / Manage
User data
Advertisements
Web shop		This is a shared field. Click on the link the fields column to jump to the explanation.
The above view permissions will show advertisements / webshop of all members, not only the broker's managed members.
Pending ads		This is a shared field. Click on the link the fields column to jump to the explanation.
User webshop settings		This is a shared field. Click on the link the fields column to jump to the explanation.
User webshop purchases		This is a shared field. Click on the link the fields column to jump to the explanation.
User webshop sales		This is a shared field. Click on the link the fields column to jump to the explanation.
User webshop pending ads		This is a shared field. Click on the link the fields column to jump to the explanation.
Ad fields		This is a shared field. Click on the link the fields column to jump to the explanation.
Ad interests		This is a shared field. Click on the link the fields column to jump to the explanation.
Advertisement favorites		This is a shared field. Click on the link the fields column to jump to the explanation.
Manage references		This is a shared field. Click on the link the fields column to jump to the explanation.
Manage payment feedbacks		This is a shared field. Click on the link the fields column to jump to the explanation.
User notification settings		This is a shared field. Click on the link the fields column to jump to the explanation.
User records		This is a shared field. Click on the link the fields column to jump to the explanation.
Individual documents		This is a shared field. Click on the link the fields column to jump to the explanation.
View shared documents with categories		This is a shared field. Click on the link the fields column to jump to the explanation.

Administrator product

Important The admin permissions can be defined in two places: directly in the admin group (permissions tab) and it is also possible to create admin products (just like member and broker products). Usually all admin permissions are defined in the admin group (permissions tab). For systems with many admin groups that need to share the same permissions, it can be useful to create admin products and aggregated them to the admin group (in the permissions tab > Shared products). This will avoid duplicate permissions and keep the permissions structure manageable.

Fields	Type	Rules
Basic
Type		This is a shared field. Click on the link the fields column to jump to the explanation.
Name		This is a shared field. Click on the link the fields column to jump to the explanation.
Internal name		This is a shared field. Click on the link the fields column to jump to the explanation.
Description		This is a shared field. Click on the link the fields column to jump to the explanation.
Product is used by groups		This is a shared field. Click on the link the fields column to jump to the explanation.
Product applied to channels		This is a shared field. Click on the link the fields column to jump to the explanation.
Product applied to identification methods		This is a shared field. Click on the link the fields column to jump to the explanation.
General
My profile fields		This is a shared field. Click on the link the fields column to jump to the explanation.
My privacy settings		This is a shared field. Click on the link the fields column to jump to the explanation.
Records		This is a shared field. Click on the link the fields column to jump to the explanation.
Default quick access		This is a shared field. Click on the link the fields column to jump to the explanation.
Agreements		This is a shared field. Click on the link the fields column to jump to the explanation.
View / manage agreements		This is a shared field. Click on the link the fields column to jump to the explanation.
Passwords		This is a shared field. Click on the link the fields column to jump to the explanation.
Manage my channels access		This is a shared field. Click on the link the fields column to jump to the explanation.
My authorized applications		This is a shared field. Click on the link the fields column to jump to the explanation.
My identity provider links		This is a shared field. Click on the link the fields column to jump to the explanation.
Enable quick access settings		This is a shared field. Click on the link the fields column to jump to the explanation.
Contacts list		This is a shared field. Click on the link the fields column to jump to the explanation.
Contact fields		This is a shared field. Click on the link the fields column to jump to the explanation.
Invite users		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum invitation recipients		This is a shared field. Click on the link the fields column to jump to the explanation.
Notification settings		This is a shared field. Click on the link the fields column to jump to the explanation.
My access clients		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum addresses		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum mobile phones		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum landline phones		This is a shared field. Click on the link the fields column to jump to the explanation.
Maximum profile images		This is a shared field. Click on the link the fields column to jump to the explanation.
Configuration
System configuration	Radio buttons	The System configuration permissions apply to all the permissions in menu: System - System configuration, but also other system specific permissions such as the under the menu: Systems - Tools, and system related logs in the Reports menu. The following options can be selected None: When this option selected, and no option in the 'Manage specific configurations' drop down (directly below) is selected the admin with this permissions cannot view and make any changes to the system configuration. View: When this option selected, the admin with this permissions can view all configurations in the network. Additionally the admins can be given permissions to manage specific configurations with the option 'Manage specific configurations' (drop down directly below). Manage: Administrators with this permission can manage (view/edit) all configurations in the system.
Manage specific configurations	Multi selection	Gives the admins the permission to view and manage specific configurations selected. Through this permission local administrators can manage their specific configurations. All system configurations are listed. See Configurations. Only visible if "System configuration" value (directly above) is not "Manage"
Account configuration	Radio buttons	Gives the admin the permission to view/manage the account configuration. The account configuration is used to create currencies, accounts, transactions, fees, payment filters, etc. Options: None / View / Manage. See Currencies See Account types See Account fees. See Payment filters See Transfer types See Transfer fees See Transfer authorization See Transfer custom fields Options: None / View / Manage
User configuration	Radio buttons	Gives the admin the permission to view/manage user configurations. The user configuration manage permission is an important permission in Cyclos, because it allows admins to manage products and assign products to groups. Also this permission allows the admin to control almost all fields and rules concerning users (see list below). See Custom fields See User records See Agreements See Groups See Credential types See Products The available options are None / View / Manage, explained in detail directly below. 'None' means that the admin cannot view or make changes to any user configuration. However when 'none' is selected admins can be giving permissions to view/manage specific user products in the option 'Product management' (explained further below). The 'View' permissions give the admin permission to view all user configurations and user products in the network. As with the option 'none', view permission also allows to additionally manage specific user products. The manage permissions give the admin permission to view and manage all user configurations and user products in the network.
Accessible groups	Radio buttons	The 'accessible groups' option allows admins of this group to view and manage specific permissions (explained in next option: 'Product management') for their accessible groups (the groups that are selected in the section 'User management - Accessible user groups'. The available options are None / View / Manage, explained in detail directly below. If 'None' is selected the admin cannot view or manage user products, unless they are selected specifically in the option below (Product management) The 'View' permissions give the admin permission to view all user products in the network, and additionally view/manage user products if selected in the option below (Product management) If 'Manage' is selected the admin of this group can view/manage all user products in the network
Product management	Dropdown table	This option will show up when 'none' or 'view' is selected in the option 'User configuration'. With this option an admin can be given permissions to view / manage specific user products. Note:: The permissions will be applied only to the user groups selected in the section 'User management - Accessible user groups'.
Advertisement configuration	Radio buttons	With this option admin can be given permissions to manage the advertisement configuration. Be aware that this does not mean actual advertisement management (e.g. edit or remove advertisements) but the configuration, for example creating advertisement categories and advertisement fields.
System
System records	Drop-down table	Gives the administrator permissions to manage (create,view, update) system records. System records can shown under any admin menu (defined in the record type, option: Main menu) Options. all available system record types Permissions: View (record type and record fields) Create (record type and record fields) Edit (record type and record fields) Remove (only record type) Note: This permission is to manage system records, which is considered an operational task. In order to manage system records system record types need to be created first (record types can be seen as templates / blueprints for records). For this system configuration permission is required.
View system alerts	Boolean	Gives the admin the permission to view/manage system alerts. System alerts are generated when important events happened in the system. See System alerts.
Error logs	Radio buttons	Gives the admin the permission to view/manage error logs for problem resolving. Options: None / View / Manage. See Error logs.
View configuration logs	Boolean	Gives the admin the permission to view/manage configuration logs. These logs are generated when any of the configuration entities (e.g. product, group, channel) is created/changed/deleted.
View user logs	Boolean	Gives the admin the permission to view/manage user logs. These logs are generated when any of the user entities (e.g. profile, address, user record) is created/changed/deleted. The user logs (of a specific user) can also been seen from the user management page (in the user profile).
View access log	Boolean	Gives the admin the permission to view/manage user logs. These logs are generated when a user authenticates at Cyclos via any channel.
System reports	Radio buttons	Gives the admin the permission to view/manage the system reports, (re)run system tasks, and download a system report in PDF format Options: None / View / Manage
View SMS messages	Boolean	Show all SMS messages sent and received by Cyclos
Run system custom operations	Multi selection	Allows the admin to run a custom operation with the system scope (not related to a specific user) Options: All available custom operations with system scope
Run system wizards	Multi selection	Allows the admin to run wizards with the system scope (not related to a specific user) Options: All available system wizards
Message categories	Radio buttons	Allows the admin to manage message categories, that can be selected by users that send messages to the system. Options: None / View / Manage
System image categories	Radio buttons	Gives the admin the permission to view/manage system image categories. System images are images uploaded by an administrator to use in the rich text editor. They are grouped by category. Options: None / View / Manage. See System image categories.
Document categories	Radio buttons	Gives the admin the permission to view/manage document categories. Administrators can create shared documents for users to read, these shared documents need to belong to a category. Options: None / View / Manage. See Document categories.
Imports	Multi selections	Allows admins to import user related entities by importing a file. Options: Users / Advertisements / Records / References / Transfers / Payments / Tokens
OpenID Connect clients	Radio buttons	Allows admins to manage OpenID Connect clients. Options: None / View / Manage
Accounts
Authorization roles	Dropdown table	Sets the roles an admin can have to authorize payments that need to be authorized by those roles. Visible trough the "Authorize payments" page, or "View authorizations" page. Shows a list of all authorization roles in the system as rows. Permissions, as columns: View / Manage See Authorize payments.
Visible transaction fields		This is a shared field. Click on the link the fields column to jump to the explanation.
Visible voucher fields		This is a shared field. Click on the link the fields column to jump to the explanation.
Transfer status flows		This is a shared field. Click on the link the fields column to jump to the explanation.
Run transfer custom operations		This is a shared field. Click on the link the fields column to jump to the explanation.
Run custom web services		This is a shared field. Click on the link the fields column to jump to the explanation.
Voucher types	Radio buttons	This gives admins permissions to create new voucher types, that serve together with voucher configurations as the 'template' for vouchers. Options: None / View / Manage
Accessible voucher configurations	Multi selection	This gives admins permissions to manage voucher configurations. Options: all available voucher configurations Only visible if "Voucher types" value is View or Manage
Vouchers	Dropdown table	The permissions in this table give admins the permissions to operational tasks concerning vouchers. Permissions: View / Generate / Buy / Send / Refund / Redeem / Top-up / Cancel / Change expiration / Notification settings / Change PIN
User batch vouchers sending	Radio buttons	Gives the permissions to send multiple vouchers in one operation. Options: None / View / Manage
View archived accounts	Boolean	Gives the permissions retrieve transaction data from the archive Archiving only works when enabled in the cyclos.properties file
System accounts
System accounts	Multi selection	This permission gives the admin the right to view the account summary and information of the selected system accounts. When a system account is selected, more permission can be granted over this system account. Shows all system accounts available in the system. See Account information.
System to system payments	Multi selection	Gives the admin the permission to make transfers between system accounts using the selected transfer types. Shows all the system to system payment transfer types related to the account selected in the field "System accounts". Shows all enabled transfer types (alphabetically) and then all disabled greyed out.
System to user payments	Multi selection	Gives the admin the permission to make transfers from a system account to a user account using the selected transfer types. Shows all the system to user payment transfer types where the from account is selected in the field "System accounts".
Chargeback of payments to system	Multi selection	Gives the admin the permission to chargeback payments of the selected transfer types made to the system. Shows all the payment transfer types that can be used to make payments to the system account. Shows all enabled transfer types (alphabetically) to the system account selected in the field "System accounts" See Account_information#Page:_Transfer_details.
System payment filters	Multi selection	Select the (predefined) payment filter that the admin can use for filtering payments Options: All available payment filters defined in the accounts type selected on "System accounts"
System payment requests	Booleans	Gives the administrator permissions to manage payment request send to system accounts Permissions: View / Accept / Cancel / Change expiration The admininistrator must have permissions to perform those payments
Request payments from users	Multi selection	Gives the administrator permissions to request payments from users.
System external payments	Booleans	Gives the administrator permissions to view or cancel payments requests to external users Permissions: View / Cancel See also option directly below
System to external user payments	Multi selection	Gives the administrator permissions to request payments from external users (users without a Cyclos account, by SMS and/or email) Options: All available payment transfer types from the accounts selected in "System accounts" to a user account
System scheduled payments	Multiple select	Gives the admin permissions to manage system scheduled payments. Payments can be scheduled from a system account to another system account or to a user. The admin only has this permission when the system account making the scheduled payment is enabled in one of the admins products. Permissions: View / Cancel / Block / Unblock / Modify / Process installment / Settle installment See Scheduled payments Enabled only after select one or more accounts in "System accounts"
Cancel system payments authorization	Boolean	This permission allows the admin to cancel a system payment authorization. Enabled only after select one or more accounts in "System accounts" See Authorize payments.
Account fee charges	Radio buttons	This allows you to view or manage account fees which can be done in the admin menu: Banking - System accounts - Accounts fees. Options: None / View / Charge. Note: Be aware that this permissions is for all account fees in the system. So the permission should be handled with caution.
User management
Accessible user groups		This is a shared field. Click on the link the fields column to jump to the explanation.
Specific accessible user groups		This are the groups None: Admins with this permissions can neither view or manage any users in the network Specific groups: Allows choosing which groups are accessible All groups: All user groups are accessible Note: This is a crucial permission, because many other admin permissions depend on it. For any admin operation concerning other users, the admin needs to have accessibility permissions of the group the users belong to.
View user directory (map) on groups		This is a shared field. Click on the link the fields column to jump to the explanation. Accessible options: None: This product don't affect the accessible groups Specific groups: Allows choosing which groups are accessible All groups: All user groups are accessible
Groups for user directory (map)		This is a shared field. Click on the link the fields column to jump to the explanation.
Accessible administrator groups	Radio buttons	Options: None / Specific groups / All groups
Specific accessible administrator groups	Multi selection	Options: all available administrator groups Only visible if "Accessible administrator groups" value is "Specific groups"
Profile fields of other users		This is a shared field. Click on the link the fields column to jump to the explanation.
Profile fields in simple users search		This is a shared field. Click on the link the fields column to jump to the explanation.
View privacy-controlled profile fields		This is a shared field. Click on the link the fields column to jump to the explanation.
View hidden user profile fields		This is a shared field. Click on the link the fields column to jump to the explanation.
Change group	Radio button	Gives permissions to view / change the group of a user belongs Options: None / View / Manage Applies for users of accessible groups View permissions gives also allows to see the history of group changes of the user
Add / remove individual products	Multi selection	Gives admins the permission to add or remove products to individual users. Shows all member and broker products in the list. See Manage user's products.
See configuration and permission of accessible users	Link to configuration and product permissions is shown at the profile management page
User registration	Boolean	The user register permission gives the admin the permission to register users and changing profile fields, custom fields, phones, addresses and profile images. See Users.
View user alerts	Boolean	Gives the admin the permission to view user alerts. User alerts are generated when important or suspicious events happened on a certain user. See: User alerts.
User privacy settings		This is a shared field. Click on the link the fields column to jump to the explanation.
User operators		This is a shared field. Click on the link the fields column to jump to the explanation.
Manage blocked users		Administrators with this permission can unblock/block users (from the user profile - management section).
Disabled users		This is a shared field. Click on the link the fields column to jump to the explanation.
Removed users		This is a shared field. Click on the link the fields column to jump to the explanation.
Purged users		This is a shared field. Click on the link the fields column to jump to the explanation.
User brokers		This is a shared field. Click on the link the fields column to jump to the explanation.
Pending users		This is a shared field. Click on the link the fields column to jump to the explanation.
Manage additional contact information		This is a shared field. Click on the link the fields column to jump to the explanation.
Connected users		This is a shared field. Click on the link the fields column to jump to the explanation.
Login users via web services	Multi selection	Options: all available identification methods
Passwords		This is a shared field. Click on the link the fields column to jump to the explanation.
User channels access		This is a shared field. Click on the link the fields column to jump to the explanation.
User authorized applications		This is a shared field. Click on the link the fields column to jump to the explanation.
User identity provider links		This is a shared field. Click on the link the fields column to jump to the explanation.
Contacts list		This is a shared field. Click on the link the fields column to jump to the explanation.
User contact fields		This is a shared field. Click on the link the fields column to jump to the explanation.
View user agreements		This is a shared field. Click on the link the fields column to jump to the explanation.
User custom images		This is a shared field. Click on the link the fields column to jump to the explanation.
Quick access settings		This is a shared field. Click on the link the fields column to jump to the explanation.
Bulk actions		This is a shared field. Click on the link the fields column to jump to the explanation.
Run custom operations over users		This is a shared field. Click on the link the fields column to jump to the explanation.
Run wizards over users		This is a shared field. Click on the link the fields column to jump to the explanation.
Mailings		This is a shared field. Click on the link the fields column to jump to the explanation.
User tokens		This is a shared field. Click on the link the fields column to jump to the explanation.
Access clients		This is a shared field. Click on the link the fields column to jump to the explanation.
Trusted devices		This is a shared field. Click on the link the fields column to jump to the explanation.
Device PINs		This is a shared field. Click on the link the fields column to jump to the explanation.
User accounts
Access user accounts		This is a shared field. Click on the link the fields column to jump to the explanation.
User accounts visibility		This is a shared field. Click on the link the fields column to jump to the explanation.
Payments as user to user		This is a shared field. Click on the link the fields column to jump to the explanation.
Payments as user to system		This is a shared field. Click on the link the fields column to jump to the explanation.
Payments as user to self		This is a shared field. Click on the link the fields column to jump to the explanation.
External payments		This is a shared field. Click on the link the fields column to jump to the explanation.
Payments as user to external user		This is a shared field. Click on the link the fields column to jump to the explanation.
Chargeback of payments to user		This is a shared field. Click on the link the fields column to jump to the explanation.
Manage tickets		This is a shared field. Click on the link the fields column to jump to the explanation.
Create tickets		This is a shared field. Click on the link the fields column to jump to the explanation.
Payment requests		This is a shared field. Click on the link the fields column to jump to the explanation.
Request payments from system		This is a shared field. Click on the link the fields column to jump to the explanation.
Request payments from users		This is a shared field. Click on the link the fields column to jump to the explanation.
User payment filters		This is a shared field. Click on the link the fields column to jump to the explanation.
Scheduled payments		This is a shared field. Click on the link the fields column to jump to the explanation.
Cancel authorization as user		This is a shared field. Click on the link the fields column to jump to the explanation.
User batch payments		This is a shared field. Click on the link the fields column to jump to the explanation.
Account balance limits		This is a shared field. Click on the link the fields column to jump to the explanation.
Payment limits		This is a shared field. Click on the link the fields column to jump to the explanation.
Include account balance and number in export users		This is a shared field. Click on the link the fields column to jump to the explanation.
User data
Advertisements		This is a shared field. Click on the link the fields column to jump to the explanation.
Web shop		This is a shared field. Click on the link the fields column to jump to the explanation.
Pending ads		This is a shared field. Click on the link the fields column to jump to the explanation.
User webshop settings		This is a shared field. Click on the link the fields column to jump to the explanation.
User webshop purchases		This is a shared field. Click on the link the fields column to jump to the explanation.
User webshop sales		This is a shared field. Click on the link the fields column to jump to the explanation.
User webshop pending ads		This is a shared field. Click on the link the fields column to jump to the explanation.
Ad fields		This is a shared field. Click on the link the fields column to jump to the explanation.
Ad interests		This is a shared field. Click on the link the fields column to jump to the explanation.
Advertisement favorites		This is a shared field. Click on the link the fields column to jump to the explanation.
Manage references		This is a shared field. Click on the link the fields column to jump to the explanation.
Manage payment feedbacks		This is a shared field. Click on the link the fields column to jump to the explanation.
User notification settings		This is a shared field. Click on the link the fields column to jump to the explanation.
User records		This is a shared field. Click on the link the fields column to jump to the explanation.
Individual documents		This is a shared field. Click on the link the fields column to jump to the explanation.
View shared documents with categories		This is a shared field. Click on the link the fields column to jump to the explanation.
Manage shared documents with categories	Multi selection	Options: all document categories selected on "View shared documents with categories"
Messages
View messages sent to system with categories	Multi selection	Allows the admin to view messages send to the system of the selected categories. Shows all the message categories of the system.
Manage messages sent to system with categories	Multi selection	Allows the admin to manage messages (delete and mark messages as read / unread) sent to the system within the selected categories. Shows all the message categories selected in the field "View messages sent to system with categories".
Send messages from system with categories	Multi selection	Allows the admin to send messages from the system within the selected categories. Shows all the message categories selected in the field "View messages sent to system with categories".
Send messages to groups	Boolean	Gives the admin the permission to send messages to the all groups he can manage. Only enable if "Send messages from system with categories" has one or more message categories selected
Maximum message recipients		This is a shared field. Click on the link the fields column to jump to the explanation. Only enable if "Send messages from system with categories" has one or more message categories selected
Maximum SMS per month		This is a shared field. Click on the link the fields column to jump to the explanation.
Notifications
Notifications	Boolean	This setting enables notifications for the admin
The following default settings will be applied only for new administrators This section is only visible if "Notifications" value is true
Forward internal messages to email address	Multi selection	Options: all available message categories
Notification configuration table	Table	TODO (see list below, some items in upper case) Rows for enable notification type : Application errors (Boolean to enable) Ad pending for authorization (Boolean to enable) NETWORK_CREATED Payments (Multi selection allow to enable for each payment transfer type) Payments pending by authorization (Multi selection allow to enable for each payment transfer type which require authrization) External payment could not be delivered (Multi selection allow to enable for each payment transfer type to a user account) External payment expired (Multi selection to enable, for each payment transfer type to a user account) GENERATED_VOUCHERS_ABOUT_TO_EXPIRE Generated vouchers expiration (Multi selection allow to enable for each voucher configuration) Voucher buying about to expire (Multi selection allow to enable for each voucher configuration) New registered users (Multi selection allow to enable for each user group) USER_IMPORT_REGISTRATION User alerts (Multi selection allow to enable for each user alert type) System alerts (Multi selection allow to enable for each system alert type) Permissions / columns to enable for each row (boolean field): Default by email Default by SMS
Content management
Manage content for configurations	Multi selection	Options: all available configurations The manage specific configurations is only for regular admins Only visible if "System configuration" value is not "Manage"
View system images with categories	Multi selection	Here you can select from which categories the administrator can see all system images. Lists all system image categories. The order is determined in the categories page. See System images.
Manage system images with categories	Multi selection	Here you can select from which categories the administrator can manage all system images. Lists all system image categories. Only the categories where the admin has the view permission ("View system images with categories") over can be selected. The order is determined in the categories page. See System images.
Application & Data translation	Multi selection	All fields in the application can be translated. The admin can custumize the translation keys for the selected languages. Show all languages available application translation languages in the system. See Application translation.
Voucher templates	Radio buttons	Options: None / View / Manage

Common for all products

Fields	Type	Rules
Basic
Type	Text (read only)	The type of the product: Member, Broker or Administrator.
Name	Text	The product name. Required Must be unique
Internal name	Text	Required Must be unique
Description	Text area	The description of the product.
Product is used by groups	Multi selection	When the product is used for many groups and the logged user has permission to see the group this is a Link to it
Product applied to channels	Multi selection	Here you can limit the product to a specific channel Shows all available channels
Product applied to identification methods	Multi selection	Here you can limit the product to a specific identification method Shows all available Identification methods
Accessible user groups	Single selection	Determines which other users are accessible to others. Various other permissions depend on the accessibility. Options: None: This product don't affect the accessible groups Own group: The group of the user is accessible Own group set: The group and the group set (if any) of the user are accessible Specific groups: Allows choosing which groups are accessible All groups: All user groups are accessible
Specific accessible user groups	Multi selection	Determines which specific user groups are accessible. Only visible when "Specific groups" value is selected on "Accessible user groups" Required
View user directory (map) on groups	Single selection	This is a specific permission that allows searching users in a map Hidden if "Accessible user groups" value is none Options: None: This product don't affect the accessible groups Own group: The group of the user is accessible Own group set: The group and the group set (if any) of the user are accessible Specific groups: Allows choosing which groups are accessible All groups: All user groups are accessible
Groups for user directory (map)	Multi selection	Allows defining specific groups for the user map search (see option directly above) Only visible when "Specific groups" value is selected on "View user directory (map) on groups" Required Options: All available groups
Profile fields of other users	Dropdown table	Permission to show profile fields of other users. Be aware that accessibility permissions for that group is required. This table allow to select all possible permissions concerning the other users profile fields displayed in columns, and the custom fields displayed as rows. Available permissions (in rows from left to right): Visible (available for all users) Editable (only available if it is manage user) User filter (available for all users) User list (available for all users) User keywords (available for all users) Map filter (only available if it is not a broker) Map result (only available if it is not a broker) Advertisement filter (available for all users) Advertisement keyword (available for all users) Record filter (only available if it is manage user) Record keywords (only available if it is manage user)
Profile fields in simple users search	Multi selection	This option is complementary for the above option. You can define what profile fields will be shown as filters in the simple user search, instead of the search filters that appear under the 'advanced' button. Options: All field marked as "User filter" or "Map filter" in "Profile fields of other users"
My profile fields	Dropdown table	This table allow to select all possible permissions concerning the users profile fields displayed in columns, and the custom fields displayed as rows. Available permissions (in rows from left to right): Enabled At registration (can only be marked if Enable is checked) Visible (can only be marked if Enable is checked) Editable (can only be marked if Visible is checked) Manage privacy (can only be marked if Visible is checked and if it is not a built in profile field)
My privacy settings	Radio button	Gives the permission to hide/view profile fields Options: None View Manage
Records	Dropdown table	This table allow to select all possible permissions concerning the users record types fields displayed in columns, and the record types fields displayed as rows. Available permissions (in rows from left to right): Enabled View create Edit Remove
Default quick access	Multi selection	The quick access icons/operations that will show up by default Shows all available quick access operations
Agreements	Multi selection	The agreements which should be accepted for using this product, the user is asked to accept the agreement when logging in. Shows all agreements listed in the system. See Agreements wiki page.
View / manage agreements	Boolean	This will give the permissions to view agreements, or to change the optional agreements. This permission is applied interdependently from the agreements permission directly above. If the view/manage option is is not selected the agreements (selected in the above option) will still work.
Passwords	Dropdown table	This table shows with all possible permissions the user can have over it's own passwords. The permissions are displayed in columns, and the password types are displayed as rows. Permissions: (in columns from left to right): Change Unblock Disable or activate At registration
Manage my channels access	Boolean	Whether the user can change / manage his own channels access See User channels wiki page
My authorized applications	Boolean	With this permissions a list of authorized application will show up. Those applications are configured third party applications connecting to Cyclos. Before an authorized application can be enabled a OAuth2 / OpenID Connect needs to be configured first. Authorized applications are activated outside Cyclos. Information can be found at the OpenID_Connect OAuth2 wiki page
My identity provider links	Boolean	This will show the available identify providers that allows the user to log in to Cyclos (e.g. Facebook or Google). There will also an option for the user to connect/disconnect to the identity provider.
Enable quick access settings	Boolean	This will give the permissions to change the quick access options that will appear in the home page
Contacts list	Boolean	Allows the user to have use the contacts list feature
Contact fields	Dropdown table	This table shows with all possible permissions the user can have over it's own contact fields. The permissions are displayed in columns, and the contact fields are displayed as rows. Only visible when "Contacts list" value is true Permissions (in columns from left to right): Enable View Manage
Invite users	Boolean	This will give the user permissions to send an invitation email to non cyclos users.
Maximum invitation recipients	Integer	The maximum of persons that can be invited in a single action. Required Only visible when "Invite users" value is true
Notification settings	Boolean	This permission will give the user permissions to see and edit the notification settings.
My access clients	Dropdown table	TODO This table shows with all possible permissions the user can have over it's access clients (e.g. a mobile POS device or third party access application). The permissions are displayed in columns, and the access clients are displayed as rows. Permissions: Enable View Manage Block Unblock Activate Unassign
Maximum addresses	Integer	The maximum addresses a user can have. See Address.
Maximum mobile phones	Integer	The maximum number of mobile phones the user can have in Cyclos. See Phone.
Maximum landline phones	Integer	The maximum number of landline phones the user can have in Cyclos. See Phone.
Maximum profile images	Integer	The maximum number of profile images an user is allowed to have. See Manage user profile images.
Visible transaction fields	Multi selection	Determines which payment custom fields will be visible by users with this product Shows all transaction custom fields in the system See Banking - Transaction fields.
Visible voucher fields	Multi selection	Determines which voucher custom fields will be visible by users with this product Shows all available voucher custom fields in the system See Banking - Transaction fields.
Transfer status flows	Dropdown table	This table shows with all possible permissions the user can have over it's transfer status flows. The permissions are displayed in columns, and the transfer status flows are displayed as rows. Permissions: Visible Editable
Run transfer custom operations	Multi selection	Options: all available custom operations with scope 'transfer'
Run custom web services	Multi selection	Options: All available custom web services which allow "Run as" "Registered user"
Maximum message recipients	Integer	The max amount of recipients a user can send in a single message to messages to multiple users.
Maximum SMS per month	Integer	The is the maximum of outbound SMS messages (to the user) When a user reaches the last SMS a final SMS will be sent with an explanation that the max outbound SMS per month has been reached.

Common for administrator and broker

Fields	Type	Rules
User management
See configuration and permission of accessible users	Boolean	This gives the permissions to view the configuration and product/permissions from a user profile
View hidden user profile fields	Boolean
View privacy-controlled profile fields	Multi selection
User privacy settings	Radio button	Manage the privacy controlled fields of a user Options: None / View / Manage
User operators	Radio button	Manage the full operators feature of a user (operators and operator groups) Options: None / View / Manage
Manage blocked users	Boolean	Gives the admin/broker the permission to block and unblock users they manage, and also the option in the profile to view the user status history See Users - Users.
Disabled users	Radio button	Allows the admin/broker to view blocked users, as well as block and unblock users. Options: None / View / Manage. See Users - Users.
Removed users	Radio buttons	Allows the admin/broker to view removed users, as well as permanently removed / purged users. Options: None / View / Manage See Users - Users.
Purged users	Radio buttons	Permissions to permanently remove / purge users Options: None / View / Manage.
User brokers	Radio buttons	Gives the admin/broker the permission to view/manage the brokers of their assigned users. The manage permission allows the admin/broker to add new brokers to the user, delete brokers and change the main broker of the user. This is done via the user action: 'User management' > Manage brokers. The view permission allows the admin/broker to enter the 'User management' > Manage brokers, page and view the history of the broker assignments. The view permissions ALSO allows the admin/broker to view the Main broker and possible other brokers of the user directly in the profile. (the broker should always view himself at the profile of its users). Typically a broker won't need manage rights to administer brokers of a user. In some cases it can be required. Be aware that in this case the broker could change himself from a normal broker to a main broker. Options: None / View / Manage. See Brokering.
Pending users	Radio buttons	Allows the admin/broker to view / manage pending users. Brokers can only manage pending users they registered themselves. Admins can manage all pending users of visible groups. Options: None / View / Manage See Users - Users
Manage additional contact information	Boolean	Allows users to create contact information (e.g. commercial department, accounting)
Connected users	Radio buttons	Show connected users. If manage permissions users can be disconnected Options: None / View / Manage
Passwords	Dropdown table	This table shows with all possible permissions the user can have over other users passwords. The permissions are displayed in columns, and the password types are displayed as rows. Permissions (in columns from left to right) Change Disable or activate Unblock Reset
User channels access	Radio buttons	Gives admins/brokers the permission to view/manage the channels access for of users they can manage. Options: None / View / Manage
User authorized applications	Radio buttons	Gives admins/brokers the permission to view/manage the authorized applications for of users they can manage. Options: None / View / Manage
User identity provider links	Radio buttons	Gives admins/brokers the permission to view/manage the identity provider links for of users they can manage. Options: None / View / Manage
Contacts list	Radio buttons	Gives admins/brokers the permission to view/manage the contact list for of users they can manage. Options: None / View / Manage
User contact fields	Dropdown table	Gives admins/brokers the permission to view/manage the contact fields for of users they can manage. Only visible if "Contacts list" value is View or Manage Permissions: View / Manage
View user agreements	Boolean	The view agreement permission allows admins and brokers to see which (registration) agreements a user accepted at which time. See Agreement log.
User custom images	Boolean
Quick access settings	Radio buttons	Options: None / View / Manage
Bulk actions	View, modify and create bulk actions	Options: None / View / Manage
Run custom operations over users	Multi selection	Options: All available user custom operations
Run wizards over users	Multi selection	Options: All available user wizards
Mailings	Radio buttons	Create and send mailings Options: None / View / Manage
User tokens	Dropdown table	Permissions View Create (Read only for NFC Tokens) Activate (Read only for NFC Tokens) Block Unblock Cancel Change dates Personalize (Read only for non NFC Tokens) Initialize (Read only for non NFC Tokens)
Access clients	Dropdown table	Permissions: View Manage Block Unblock Activate Unassign
Trusted devices	Radio buttons	A trusted device is a device with the Cyclos mobile app that has been confirmed via an external channel (email). Permissions: None / View / Manage
Device PINs	Radio buttons	Permissions: None / View / Manage
User accounts
Access user accounts	Multi selection	This permission gives the admin/broker the right to view the account summary and information of the selected accounts of users. When a user account is selected more permissions can be granted over this user account below. The admin must also have the permission to manage this user and the broker must be the broker of this user. List of all user account types in the system. See Account information.
User accounts visibility settings	Radio buttons	In Cyclos it is possible to have hidden accounts, this is handy for users which have a lot of accounts. They can hide for example the accounts which they don't use very often. With the view permission the admin can see the page that shows which accounts are hidden/visible for a certain user. With the manage permission, the admin can even change these settings. Permissions: None / View / Manage
Payments as user to user	Multi selection	Gives the admin/broker the permission to make payments of specific transfer types for a user (he can manage) to other users. Shows all payment transfer types from the user accounts selected in the field "Access user accounts" to other user accounts. Shows all enabled transfer types (alphabetically) and then all disabled in grey striket trough. See Do payment.
Payments as user to system	Multi selection	Gives the admin/broker the permission to make payments of specific transfer types for a user (he can manage) to the system. Shows all payment transfer types from the user accounts selected in the field "Access user accounts" to the system accounts. Shows all enabled transfer types (alphabetically) and then all disabled in grey striket trough. See Do payment.
Payments as user to self	Multi selection	Gives the admin/broker the permission to make payments of specific transfer types for a user (he can manage) to himself (between accounts the user owns). Shows all payment transfer types from the user accounts selected in the field "Access user accounts" that are enabled for self payments. Shows all enabled transfer types (alphabetically) and then all disabled in grey stripped trough. See Do payment.
External payments	Booleans	Permissions: View / Cancel
Payments as user to external user	Multi selection	Gives the permission to send a payment to an external (non Cyclos) user by email (that will contain an invitation to register and receive the payment).
Chargeback of payments to user	Multi selection	Gives the admin/broker the permission to chargeback the selected payment a user (he can manage) made. Shows all payment transfer types from the user accounts selected in the field "Access user accounts". ???? Or is it maybe better "Shows all payment transfer types selected under payment as user to user, payment as user to system and payment as user to self." Shows all enabled transfer types (alphabetically) and then all disabled in grey striket trough. See Account_information#Page:_Transfer_details.
Manage tickets	Booleans	Gives the admin/broker the permission to manage tickets of the user. Tickets are a mechanism that gives more control on payment requests. Permissions: View / Cancel
Create tickets	Multi selection	Gives the admin/broker the permission to create tickets of the user.
Payment requests	Booleans	Permissions: View / Accept / Cancel / Change expiration
Request payments from system	Multi selection	Shows all payment transfer types from a system account to accounts selected in the field "Access user accounts"
Request payments from users	Multi selection	Shows all payment transfer types from other user account to accounts selected in the field "Access user accounts"
User payment filters	Multi	TODO Gives the admin/broker the permission to use the payment filters when viewing a user's account history. Shows all payment filters for the accounts selected under "Access user accounts". See Banking - Transfer filters.
Scheduled payments	Check boxes	Gives the admin or broker the permissions to view, cancel, block, unblock, modify, process installment, or settle installment of scheduled payments made by users he can manage. Payments scheduled from a user account to another user account or to the system. The admin or broker has only this permission when the user account making the scheduled payment is enabled in one of the his products. Permissions: View / Cancel / Block / Unblock / Modify / Process installment / Settle installment See Scheduled payments.
[UPDATED] Cancel authorization as user	Boolean	This permission allows the brokers and administrators to cancel an authorization of the user on behalf of the user (so as if the admin is the user)
User batch payments	Radio buttons	Gives the admin/broker the permission to manage batch payments of a user. Permissions: None / View / Manage
Account balance limits	Radio buttons	Gives brokers and administrators the permission to change the maximal positive and the maximal negative account balance of members they can manage. Permissions: None / View / Manage See Account_balance_limits.
Payment limits	Radio buttons	Permissions: None / View / Manage
Include account balance and number in export users	Boolean
Advertisements	Radio buttons	Permissions: None / View / Manage
Web shop	Radio buttons	Permissions: None / View / Manage
Pending ads	Radio buttons	Gives the permissions to view and authorize advertisements Only visible if "Advertisements" value is View or Manage Permissions: None / View / Manage Note: Advertisements must be set to require authorization in the user product
User webshop settings	Radio buttons	Permissions: None / View / Manage
User webshop purchases	Boolean	Gives admins/brokers the permission to view the purchases of the users they can manage. See Purchases.
User webshop sales	Boolean	Gives admins/brokers the permission to view the sales of the users they can manage. See Sales.
User webshop pending ads	Radio buttons	Gives the permissions to view and authorize webs shop advertisements Only visible if "Web shop" value is View or Manage Permissions: None / View / Manage
Ad fields	Dropdown table	Permissions: View / Manage
Ad interests	Radio buttons	Permissions: None / View / Manage
Advertisement favorites	Boolean	Only visible if "Web shop" or "Advertisements" value is View or Manage
Manage references	Boolean	Gives admins/brokers the permission to manage the references of users he can manage. See References.
Manage payment feedbacks	Boolean	Gives the admins/brokers the permission to manage the payment feedbacks of users they can manage. Payment feedback allows members to give feedback on a payment (transfer), for instance on the quality of the delivered service. See Payment feedback.
User notification settings	Radio buttons	Gives admins/brokers the permission to view/manage the notification settings of users they can manage. Options: None / View / Manage. See Notifications_settings_(member).
User records	Dropdown table	Allows the admin/broker to edit, delete, create, and remove user records of the selected user record types for users they can manage. Shows all user record types. Permissions: View (for each record type fields) Create (for each record type fields) Edit (for each record type fields) Remove (only for record types) See User records.
Individual documents	Radio buttons	Gives the admins/brokers the permission to view/manage individual documents for users that they can manage. Individual documents are created by admins and can be viewed by users the individual documents are assigned to. Options: Non / View / Manage. See Documents.
View shared documents with categories	Multi selection	Here you can select from which categories the administrator can see all shared documents. Lists all shared document categories. See Documents.
Manage shared documents with categories	Multi selection	Here you can select from which categories the administrator can manage all shared documents. Lists all shared document categories. Only the categories where the admin has the view permission over can be selected. See Documents.