# Admins Admins are users who can access the Admin Panel for your tenant. Add one admin per person. Use roles to control what they can see and edit. When your tenant is first set up, you get initial credentials with full permissions. Create additional admins for teammates or service providers. To restrict access, create a role first, then assign it to the admin. See [Roles](https://help.openloyalty.io/main-features/settings/roles). {% hint style="info" %} Admins assigned to a restricted role can only access resources granted by that role. {% endhint %} The Admins list includes active and inactive users (inactive rows are grayed out). You can also see: * Name and surname * Email * Authentication method * Active status * Whether notifications are enabled *** ### 📋 Open the Admins list 1. Go to **Settings → Admins**. 2. Review the table. Use the **Active** column to confirm status. 3. (Optional) Change rows per page using the selector under the table. ![](https://2658975168-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FcNVX03KZzmrGwJihLiEx%2Fuploads%2FK9kvrK7GsEruryb7Ny53%2Fimage.png?alt=media\&token=dc61f5e1-1647-4095-9f45-c9e619df4750) *** ### ➕ Add an admin {% stepper %} {% step %} ### Open the create screen 1. Go to **Settings → Admins**. 2. Click **+ ADD ADMIN**. {% endstep %} {% step %} ### Fill in basic details Complete the required fields: * **Name** (optional) * **Last name** (optional) * **Role** * **Phone number** (optional, if configured) * **Email** (must be unique) * **Password** and **Repeat password** (for Admin Panel login) {% hint style="info" %} Generate a random password for the new admin. Instruct them to use the **Forgot password** feature to access their account without sharing the password. {% endhint %} {% endstep %} {% step %} ### Set status and save 1. Set **Active** to enabled (toggle turns purple). 2. (Optional) Enable **Notifications**. 3. Click **ADD ADMIN**. {% endstep %} {% endstepper %} *** ### 🔑 Admin password (set or reset) Admins use a password to log in to the Admin Panel.

If an admin forgets their password, they can reset it using the password recovery flow.

A recovery link is sent to the email address tied to the account. *** ### 🔐 Permanent user token (API key) A permanent user token (“API key”) lets an admin authenticate API calls. {% hint style="warning" %} The API key does **not** replace the password. Use it for API authentication only. {% endhint %} {% stepper %} {% step %} ### Generate a key 1. Create the admin (if needed). 2. Open the admin details. 3. In **Permanent user token**, click **Generate new key**. 4. Set a key name and expiry date (recommended). 5. Copy the API key and store it safely. {% endstep %} {% endstepper %} {% hint style="warning" %} You can’t view the key again after closing the window. Generate a new one if needed. {% endhint %}

For technical details, see [API Key authentication](https://app.gitbook.com/s/gIv2CyIIYf7vRfuhMKQ6/authentication/access-token-api-key). #### Use the token in requests You can pass the token using headers (recommended) or a query parameter. **Example (header):** ``` curl http://localhost:8181/api/admin \ -X "GET" -H "Accept: application/json" \ -H "Content-type: application/json" \ -H "X-AUTH-TOKEN: customPermanentToken" ``` *** ### ✏️ Manage admins In **Settings → Admins**, open the **⋮** menu on a row: * **Edit** to update details, then click **SAVE SETTINGS**. * **Enable/Disable notifications** to toggle notifications for that admin. To exit **Add Admin** or **Edit Admin**, click **X** in the header.