Solidgate Hub equips merchants with tools for managing user roles and permissions, helping them maintain control over access to business data and operations.
Located in the account settings, the User management section allows administrators to manage access across the Hub and help handle access and issues related to it. They can invite users and assign predefined or custom roles to control what sections users can access and what actions they can take. Additionally, administrators can adjust roles and permissions as organizational needs evolve, reset passwords and two-factor authentication (2FA), and delete, block, or unblock users, ensuring security and control.
Roles and access
By assigning appropriate roles to team members, you can manage operations, protect sensitive data, and make sure each user has the permissions they need. The Hub supports two types of roles:
- Predefined roles are system-defined with fixed permissions, designed for common team functions. You can view them but not edit them.
- Custom roles are fully configurable roles you create to match your internal structure, with any combination of permissions.
Predefined roles can be combined, allowing users to hold multiple roles if needed:
- Merchant admin has the most comprehensive access, with permissions for all features, including payments, billing, risk management, account settings, user management, and more.
- Team lead has access similar to Merchant admin but with some limitations. For example, they cannot view analytics, modify products, or reset user passwords or 2FA. However, they can invite, delete, block, and unblock users.
- Manager has significant access to operational features like order management, subscriptions, and product details. However, they have more limited access to financial analytics and advanced settings.
- Analyst has access focused on analytical features, like payment analytics and risk analytics, and can view operational details.
- Support tier 1, 2, and 3 roles have leveled access, with tier 3 having the most. For example, the Support tier 3 role can manage orders and subscriptions.
- Dispute support role includes Support tier 3 access, Alert manager rights, and control over the list of rejected and allowed transactions.
- Developer has specific access to technical features like API logs and channel details.
- Alert manager role is focused on alert-related features and some risk management aspects.
- Finance manager has access to financial features, reconciliation, and some analytical tools.
- Authorized signatory is a limited role with access primarily to legal entities, questionnaires, and document signing.
The table below shows permissions for each predefined role. Use it to make sure each team member has the access they need.
| Section | Merchant admin | Team lead | Manager | Analyst | Support tier 1 | Support tier 2 | Support tier 3 | Dispute support | Developer | Alert manager | Finance manager | Authorized signatory |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Home | ||||||||||||
| Dashboard | ✓ | - | - | ✓ | - | - | - | - | - | - | ✓ | - |
| Payments | ||||||||||||
| Orders | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | - | - | - | - |
| Order actions | ✓ | ✓ | ✓ | ✓ | - | - | ✓ | ✓ | - | - | - | - |
| Disputes | ✓ | - | - | - | - | ✓ | ✓ | ✓ | - | ✓ | - | - |
| APM dispute actions | ✓ | - | - | - | - | ✓ | ✓ | ✓ | - | - | - | - |
| Representment | ✓ | - | - | - | - | ✓ | ✓ | ✓ | - | - | - | - |
| Representment actions | ✓ | - | - | - | - | ✓ | ✓ | ✓ | - | - | - | - |
| Fraud notifications | ✓ | - | - | - | - | - | ✓ | ✓ | - | ✓ | - | - |
| Payment links | ✓ | - | - | - | - | - | - | - | - | - | - | - |
| Section analytics | ✓ | - | - | ✓ | - | - | - | - | - | - | ✓ | - |
| Orchestration | ||||||||||||
| Available connectors | ✓ | - | - | - | - | - | - | - | - | - | - | - |
| Connector accounts | ✓ | - | - | - | - | - | - | - | - | - | - | - |
| Routing configurations | ✓ | - | - | - | - | - | - | - | - | - | - | - |
| Orchestration analytics | ✓ | - | - | - | - | - | - | - | - | - | - | - |
| Billing | ||||||||||||
| Products | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | - | - | - | - |
| Product actions | ✓ | - | - | ✓ | - | - | - | - | - | - | - | - |
| Subscriptions | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | - | - | - | - |
| Subscription actions | ✓ | ✓ | ✓ | ✓ | - | ✓ | ✓ | ✓ | - | - | - | - |
| Coupons | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | - | - | - | - |
| Coupon actions | ✓ | ✓ | ✓ | ✓ | - | ✓ | ✓ | ✓ | - | - | - | - |
| Invoices | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | - | - | - | - |
| Section analytics | ✓ | - | - | ✓ | - | - | - | - | - | - | ✓ | - |
| Billing settings | ✓ | - | - | ✓ | - | - | - | - | - | - | - | - |
| Fraud prevention | ||||||||||||
| List | ✓ | - | - | ✓ | - | - | - | ✓ | - | - | - | - |
| List actions | ✓ | - | - | ✓ | - | - | - | ✓ | - | - | - | - |
| Antifraud list rules | ✓ | - | - | - | - | ✓ | ✓ | - | - | - | - | - |
| Rules | ✓ | - | - | ✓ | - | - | - | - | - | - | - | - |
| Alert list | ✓ | - | ✓ | - | - | ✓ | ✓ | - | - | ✓ | - | - |
| Finances | ||||||||||||
| Settlements | ✓ | - | - | - | - | - | - | - | - | - | ✓ | - |
| Monthly reports | ✓ | - | - | - | - | - | - | - | - | - | ✓ | - |
| Report actions | ✓ | - | - | - | - | - | - | - | - | - | ✓ | - |
| Developers | ||||||||||||
| Channels | ✓ | - | - | - | - | - | - | - | ✓ | - | - | - |
| Apple Pay domains | ✓ | - | - | - | - | - | - | - | ✓ | - | - | - |
| Apple Pay domain actions | ✓ | - | - | - | - | - | - | - | ✓ | - | - | - |
| API logs | ✓ | - | - | - | - | - | - | - | ✓ | - | - | - |
| Reports & Exports | ||||||||||||
| Reports | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | - | - | ✓ | - |
| Finance reports | ✓ | - | - | - | - | - | - | - | - | - | ✓ | - |
| Exports | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | - | - | ✓ | - |
| Taxes | ||||||||||||
| Locations | ✓ | - | - | - | - | - | - | - | - | - | ✓ | - |
| Location actions | ✓ | - | - | - | - | - | - | - | - | - | ✓ | - |
| Tax settings | ✓ | - | - | - | - | - | - | - | - | - | ✓ | - |
| Tax settings actions | ✓ | - | - | - | - | - | - | - | - | - | ✓ | - |
| Account settings | ||||||||||||
| Profile | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| User management | ✓ | ✓ | - | - | - | - | - | - | - | - | - | - |
| User invite | ✓ | ✓ | - | - | - | - | - | - | - | - | - | - |
| User reset access | ✓ | - | - | - | - | - | - | - | - | - | - | - |
| Agreements | - | - | - | - | - | - | - | - | - | - | - | ✓ |
| Questionnaires | ✓ | - | - | - | - | - | - | - | - | - | - | ✓ |
| Legal entities | ✓ | - | - | - | - | - | - | - | - | - | - | ✓ |
| Audit log | ✓ | - | - | - | - | - | - | - | - | - | - | - |
Custom roles
Custom roles let you define exactly which operations each team member can perform. Unlike predefined roles, they are fully configurable. You select permissions by section, assign a name, and add a description.
Custom role management is available to Merchant admin users by default. You can grant this access to any role through a custom role.
Create custom role
- Go to Account settings > Roles.
- Click on New role.
- Enter a Name and optionally a Description.
- Expand each permission section and select the operations to include.
- Click on Create to save the role.
After creating a role, you can assign it to users in the User management section in Account settings. Custom roles can be combined with predefined roles, giving each user the exact set of permissions they need to perform their duties.
Edit custom role
- Go to Account settings > Roles.
- Find the role in the Custom roles table and click on it.
- Click on the Edit icon to change the name, description, or permissions as needed.
- Click on Update to apply.
Duplicate custom role
- Go to Account settings > Roles.
- Find the role in the Custom roles table.
- In the Actions column, click on the three-dot menu and select Duplicate.
The copy appears in the list as Copy of [role name] with the same permissions. - Click on the duplicated role to rename it or adjust permissions.
Delete custom role
- Go to Account settings > Roles.
- Find the role in the Custom roles table.
- In the Actions column, click on the three-dot menu and select Delete.
- Click on Delete to confirm.
Audit log
Audit log records actions performed by users within Hub and provides a single source of truth for activity tracking. It captures who performed an action, what happened, where it occurred, and when, including data changes.
This supports security monitoring, analysis of user activity, and compliance requirements.
- Go to Account settings > Audit log.
- Find the required User in the list.
- Optionally, use filters to narrow the results.
- Click on Apply, and see the data update instantly.
Each audit log entry includes user role, user email, IP address, object ID, object type, action description, and timestamp. Logs become available within five seconds after an action, providing near-real-time visibility into activity.
Use the audit log to identify changes made to entities, track actions by role, review entity change history, and analyze login activity.
Handle access
Solidgate Hub applies several security measures to protect accounts, including role-based access management, automatic lockouts, mandatory two-factor authentication (2FA), and Google sign-in.
Account lockout
After multiple failed login attempts, the account locks automatically for 30 minutes.
To restore access:
- If you remember your password, wait 30 minutes for automatic unblocking or ask a Team lead or Merchant admin to unblock the account in the User management section.
- If you have issues with your password or 2FA, ask a Team lead or Merchant admin to reset your password or 2FA in the User management section.
- If the standard methods do not work, contact us to restore account access.
2FA
2FA is required for all roles by default. To avoid sign-in issues, confirm that your authenticator app is set up correctly and that your device time is synchronized.
Common 2FA issues and solutions:
- Invalid verification codes
Verify that you are using the correct authenticator app and that your device time is set automatically. Turn on the automatic date and time in your device settings, then try again. - Lost or broken authenticator device
Ask the Merchant admin to reset 2FA. After the reset, set up 2FA again on your new device. - Moving 2FA to a new device
Ask the Merchant admin to reset 2FA, then complete the setup on the new device. - Errors during 2FA setup
First, ask the Merchant admin to reset 2FA, then try setting up 2FA again. If the issue continues, contact us to restore account access.
Google sign-in
Solidgate Hub supports Google sign-in to simplify the login process. You can sign in using your Google account instead of entering your email and password. To use this option, first link your Google account.
- Go to Profile > Personal.
- Click on Link your Google account.
- Follow the instructions to link your Google account.
Once linked, you can select Sign in with Google on the Hub sign-in page to access your account without entering credentials. If you lose access to your Google account, you can still sign in with your password or contact the Merchant admin to reset your Google sign-in.