Managing Contacts & Sub-Accounts: Granting Specific Permissions
The Hovixa Client Portal allows you to delegate account management tasks to team members or third-party developers without sharing your primary administrative credentials. By using Sub-Accounts, you can enforce the principle of least privilege, ensuring users only have access to the specific modules—such as Billing or Support—required for their role.
1. Creating a New Contact or Sub-Account
A "Contact" is simply an additional identity for notifications, while a "Sub-Account" is a contact with its own login credentials to the Hovixa portal.
- Log in to the Hovixa Client Portal.
- From the account sidebar or user dropdown, select Contacts/Sub-Accounts.
- Fill in the Personal Information (Name, Email, Phone).
- To allow this user to log in, check the box labeled Activate Sub-Account.
- Specify a secure password for the user.
2. Configuring Granular Permissions
Once the sub-account is activated, you must define their scope of access. You can select individual permissions based on the user's responsibilities:
| Permission Type | Access Granted |
|---|---|
| View & Pay Invoices | Access to billing history, unpaid invoices, and payment methods. Ideal for accounting staff. |
| View & Manage Tickets | Ability to open support tickets and respond to existing ones. Ideal for technical staff. |
| View & Modify Product Passwords | Allows the user to see cPanel/VPS passwords and use Single Sign-On (SSO) links. |
| Manage Domains | Permission to renew domains or modify DNS/Nameservers. |
| View Emails | Allows the user to see a log of all system emails sent to the primary account. |
3. Email Preferences and Notifications
Even if you do not grant login access (Sub-Account), you can use a Contact to redirect specific types of Hovixa notifications:
- General Emails: General announcements and newsletters.
- Product Emails: Welcome emails, service suspension alerts, and resource warnings.
- Domain Emails: Renewal notices and registration confirmations.
- Invoice Emails: New invoices and overdue reminders.
- Support Emails: Notifications when a ticket is opened or replied to.
4. Technical Implementation Details
- Security Isolation: Sub-accounts cannot modify the primary account's profile details or delete the primary administrator.
- 2FA Enforcement: Sub-accounts operate with their own independent Two-Factor Authentication settings. We strongly recommend that all sub-accounts enable 2FA upon their first login.
- Account Ownership: The primary account holder remains the legal owner of all services. Any actions taken by a sub-account (such as cancelling a service) are logged and attributed to that specific user ID.
Management Tip: Regularly audit your Contacts list. When a developer or employee leaves your project, immediately deactivate their sub-account to prevent unauthorized access to your infrastructure.
