Roles, Permissions & Admin Users
As your platform grows you'll want to bring in staff — support agents, billing managers, content editors — without giving everyone full control. WhatsMine's admin role-based access control (RBAC) lets you grant exactly the access each person needs.
Admin Users
Location: Admin → Admins (/admin/admins)
These are your internal staff accounts (separate from your customers). Each admin user has one or more roles, which determine what they can see and do.
📸 Screenshot: The Admin Users list with roles and status.
Adding an admin user
- Click New Admin.
- Enter their name, email and a password.
- Set their status (active/inactive).
- Assign one or more roles.
Managing admin users
- Edit details and roles.
- Toggle status to activate/deactivate without deleting.
- Delete an account.
Safety rails
You can't delete your own account, deactivate yourself, or remove the last Super Admin — so you can never lock yourself out.
Roles & Permissions
Location: Admin → Roles & Permissions (/admin/roles-permissions)
📸 Screenshot: The Roles & Permissions screen with roles on one tab and permissions on the other.
Built-in roles
| Role | Access |
|---|---|
| Super Admin | Everything. The highest level. |
| Admin | Broad management access (configurable). |
| Support | Limited, support-focused access. |
These system roles cover most needs out of the box.
Creating a custom role
- Click New Role.
- Give it a name, a key and a description.
- Tick the permissions it should have.
- Save, then assign it to admin users.
Each role shows how many permissions it has and how many admins use it.
Permissions
Permissions are the granular building blocks (organised by category). Examples:
| Category | Sample permissions |
|---|---|
| Clients | view_clients, create_clients, update_clients, delete_clients |
| Plans & billing | view_plans, create_plans, update_plans, delete_plans |
| Subscriptions | view_subscriptions, manage_subscriptions |
| Payments | view_payment_gateways, manage_payment_gateways |
view_email_settings, manage_email_settings | |
| Languages | view_languages, manage_languages |
| Currencies | view_currencies, manage_currencies |
| Settings | view_settings, manage_settings (covers landing page, CMS, queue, cron, support, AI dashboard) |
| Integrations | manage_integrations |
| Admin team | view_admins, create_admins, update_admins, delete_admins, view_admin_roles, manage_admin_roles |
You can also create new permissions if you extend the platform with custom modules.
How access is enforced
When an admin logs in, the sidebar and every action are filtered to their permissions. If they lack a permission, the section simply doesn't appear and the action is blocked. This keeps your platform secure and your staff focused.
Principle of least privilege
Give each staff member the minimum permissions they need. For example, a billing manager might get the plans/subscriptions/payments permissions but not settings or admin-team management.
➡️ Next: store your service credentials in Integrations.