User Management

Manage platform users, roles, and admin invitations.

Route

/admin/users

Overview

The Users section provides tools for managing all platform users, from customers to administrators, including role management and admin invitations.

Tabs

Users Tab

Statistics

  • Total Users - All registered users
  • Admins - Administrator accounts
  • Verified Users - Email-verified users

User List

View all users with condensed columns (inline verification icons, split wallet display):

  • Name - User's full name
  • Email - Email address
  • Role - User role (Customer, Shop Manager, Marketing, Admin, Super Admin, Moderator)
  • Verified - Email + phone verification icons inline
  • Site Credit - Site credit wallet balance (sortable as walletBalance)
  • Cash Wallet - Cash wallet balance (sortable as cashWalletBalance)
  • Registered - Registration date
  • Last Login - Last activity
  • Actions - Manage user

Search & Filters

  • Search — Matches across name and email, supports multi-word queries (e.g. John Smith)
  • Role — Filter by any role
  • Status — Active, deactivated, suspended, archived
  • Verified — Email verification status
  • Date Range — Registration date

Filters

  • Role - Filter by user role
  • Status - Active, inactive, suspended
  • Verified - Email verification status
  • Date Range - Registration date

Search users by:

  • Name
  • Email address
  • User ID

Admin Invitations Tab

Manage pending admin invitations:

  • Email - Invited email address
  • Role - Admin level being offered
  • Invited By - Who sent the invitation
  • Sent Date - When invitation was sent
  • Status - Pending, accepted, expired
  • Actions - Resend, revoke

User Roles

The platform uses a role-based access control (RBAC) system. Each admin is assigned one role that grants a permission set. Roles can be changed by a Super Admin, and every role change is audit-logged and requires step-up authentication.

Role Types

  • Customer - Regular platform user

    • Can enter competitions
    • Make purchases
    • View own orders
    • Update own profile
  • Moderator - Content-only role

    • Pages, media, limited read access
  • Shop Manager

    • Competitions (read-only — cannot edit, archive, delete)
    • Orders (read-only — cannot refund or update status)
    • Users (read), wallets (read/write)
    • Winners, fulfilment, withdrawals
    • Can mark a user as ID Verified from the User Details panel (step-up code required)
    • Cannot see revenue or customer spend totals (Card Revenue tile, Customer Spend Report, Revenue Report)
    • Cannot see lifetime spend / profit & loss on a user (Lifetime Value tile stays hidden)
    • Cannot change roles or system settings
  • Marketing

    • Pages, media, menus, homepage builder
    • Marketing campaigns (email, push, SMS)
    • Audience segments
    • Cannot see individual customer financials
  • Admin - Platform administrator

    • All Shop Manager + Marketing permissions
    • Access most settings
    • Invite other admins (not Super Admins)
    • Cannot change Super Admin roles or access destructive system-level actions
  • Super Admin - Full system access

    • All admin permissions
    • Role management (including Super Admin)
    • System configuration
    • Access logs and audits
    • Step-up auth still required for destructive actions

Step-Up Authentication

Certain sensitive actions require a second factor even when you're already logged in:

  • Changing another admin's role
  • Viewing user bank details (withdrawals)
  • Archiving / deleting customer accounts
  • Manually adjusting wallet balances

The Step-Up Auth Dialog asks for a code sent to your registered email. Codes expire in 5 minutes and are single-use. Every step-up is logged against your admin account in the audit trail.
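
The server-side handling of such a code can be sketched as follows. This is an added example, not the platform's own code: the `StepUpStore` class, the six-digit code format, the action names and the attempt limit are assumptions, while the 5-minute expiry, single use and audit logging come from the description above.

```python
import hashlib
import hmac
import secrets

CODE_TTL_SECONDS = 5 * 60   # page: codes expire in 5 minutes
MAX_ATTEMPTS = 5            # assumption: the page states no attempt limit


class StepUpStore:
    """In-memory stand-in for the server-side code store (hypothetical design)."""

    def __init__(self):
        self._pending = {}   # (admin_id, action) -> [digest, expires_at, attempts]
        self.audit = []      # append-only: (timestamp, admin_id, action, outcome)

    @staticmethod
    def _digest(admin_id, action, code):
        # Bind the digest to admin and action so a code cannot be reused elsewhere.
        return hashlib.sha256(f"{admin_id}|{action}|{code}".encode()).digest()

    def issue(self, admin_id, action, now):
        code = f"{secrets.randbelow(10**6):06d}"   # six digits from a CSPRNG
        self._pending[(admin_id, action)] = [
            self._digest(admin_id, action, code), now + CODE_TTL_SECONDS, 0]
        self.audit.append((now, admin_id, action, "issued"))
        return code   # sent to the admin's registered email, never written to logs

    def verify(self, admin_id, action, code, now):
        key = (admin_id, action)
        entry = self._pending.get(key)
        if entry is None:
            outcome = "no_pending_code"
        elif now >= entry[1]:
            del self._pending[key]
            outcome = "expired"
        elif hmac.compare_digest(entry[0], self._digest(admin_id, action, code)):
            del self._pending[key]        # single-use: consumed on success
            outcome = "ok"
        else:
            entry[2] += 1
            if entry[2] >= MAX_ATTEMPTS:  # stop guessing through the 10^6 code space
                del self._pending[key]
            outcome = "bad_code"
        self.audit.append((now, admin_id, action, outcome))
        return outcome == "ok"
```

Failed and expired attempts are written to the audit list as well as successes, so a run of `bad_code` entries against one admin account is visible to whoever reviews the trail.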

User Details

Click a user to view full details:

Account Information

  • Full name
  • Email address
  • Phone number
  • Date of birth
  • Registration date
  • Email verification status
  • Account status

A red no-entry icon next to the email address means it's on the block list and won't receive emails. Hover or tap the icon to see why (hard bounce, soft bounce, or spam complaint) and when it was recorded. This explains why a customer says they aren't getting confirmation or marketing emails. Manage the full block list under System Logs.

Order History & Lifetime Value

  • All orders placed
  • Total amount spent
  • Average order value
  • First purchase date
  • Last purchase date

For customers migrated from a previous platform, the Lifetime Value figure includes their pre-migration spend. A subtitle below the figure surfaces the imported portion explicitly (e.g. "£500.00 imported from previous platform") so the combined number is auditable at a glance. Imported spend is treated as part of lifetime value across the customer spend report and audience segments; it intentionally does not affect the Customer P/L figure, because pre-migration orders have no cost basis on our side.

Competition Entries

  • Competitions entered
  • Total tickets purchased
  • Wins
  • Active entries

Account Activity

  • Last login
  • Login history
  • IP addresses
  • Device information
  • Activity log

User Actions

Edit User Details

  1. Click user from list
  2. Click "Edit"
  3. Update information:
    • Name
    • Email — login email. Editing it changes the address the customer logs in with and (if they're on a marketing list) updates their record in Klaviyo / Resend. Their email-verified status is left as-is, so use this only when correcting a genuine mistake.
    • Phone
    • Role (if authorized)
  4. Save changes

Change User Role

  1. View user details
  2. Click "Change Role"
  3. Select new role:
    • Customer
    • Admin
    • Super Admin
  4. Confirm change
  5. User notified of role change

Note: Only Super Admins can change user roles.

Activate/Deactivate Account

  1. View user details
  2. Click "Deactivate Account" or "Activate Account"
  3. Confirm action
  4. User notified of status change

Deactivated accounts:

  • Cannot log in
  • Cannot place orders
  • Retain all data
  • Can be reactivated

Suspend Account

  1. View user details
  2. Click "Suspend"
  3. Enter suspension reason
  4. Set duration (optional)
  5. Confirm suspension

Suspended accounts:

  • Temporarily disabled
  • User sees suspension message
  • Can be unsuspended
  • Suspension is logged in the audit trail

Reset Password

  1. View user details
  2. Click "Reset Password"
  3. Password reset email sent
  4. User receives reset link

Archive User (GDPR)

For GDPR "right to be forgotten" requests, use the archival flow instead of a raw delete. Archival is reversible for a grace window and preserves referential integrity on orders, winners, and audit logs.

  1. Open the user detail modal
  2. Click Archive Customer
  3. Complete step-up auth
  4. Provide a reason (GDPR request, fraud, duplicate, other)
  5. Confirm

When a user is archived:

  • Personal data (name, email, phone, address) is replaced with [archived-<userId>] placeholders
  • Historical orders and entries are retained for accounting but no longer tied to identifying data
  • Login credentials are invalidated — the user cannot sign in
  • An entry in the audit trail records who archived the user, when, and the reason

Archived users appear in the user list when the Archived status filter is applied. A Super Admin can Restore an archive within the grace window (30 days by default), which un-redacts the fields.
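
The redact-and-restore behaviour can be modelled as below. This is an added example, not the platform's implementation: the `vault` store for original values, the record layout, purging the originals once the window has passed, and leaving the password unset after a restore are all assumptions; the redacted fields, placeholder format, reasons and 30-day window are taken from the text above.

```python
import copy

PII_FIELDS = ("name", "email", "phone", "address")   # fields the page lists
GRACE_SECONDS = 30 * 24 * 3600                        # page: 30 days by default
REASONS = {"GDPR request", "fraud", "duplicate", "other"}


def archive_user(user, vault, audit, actor, reason, now):
    """Redact PII in place; keep the originals in `vault` for the grace window."""
    if reason not in REASONS:
        raise ValueError("unknown archive reason")
    if user["status"] == "archived":
        raise ValueError("already archived")   # never vault the placeholders
    vault[user["id"]] = {
        "fields": {f: copy.deepcopy(user[f]) for f in PII_FIELDS},
        "prior_status": user["status"],
        "restore_until": now + GRACE_SECONDS,
    }
    for f in PII_FIELDS:
        user[f] = f"[archived-{user['id']}]"
    user["password_hash"] = None               # credentials invalidated
    user["status"] = "archived"
    audit.append({"at": now, "actor": actor, "action": "archive",
                  "user": user["id"], "reason": reason})


def restore_user(user, vault, audit, actor, actor_role, now):
    """Un-redact within the grace window (assumption: originals purged after it)."""
    if actor_role != "Super Admin":
        raise PermissionError("only a Super Admin can restore an archive")
    entry = vault.get(user["id"])
    if entry is None or now > entry["restore_until"]:
        vault.pop(user["id"], None)            # past the window: drop the originals
        raise LookupError("grace window elapsed; nothing to restore")
    user.update(entry["fields"])
    user["status"] = entry["prior_status"]
    del vault[user["id"]]
    audit.append({"at": now, "actor": actor, "action": "restore",
                  "user": user["id"]})
    # Assumption: password_hash stays None, so the user must reset their password.
```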

Delete User

Hard delete is reserved for duplicates or test accounts with no orders. If any orders exist, the system refuses the delete and prompts you to archive instead.

  1. View user details
  2. Click "Delete User"
  3. Confirm deletion (irreversible)

Note: Deleting users with active entries requires special handling — use archive instead.

Admin Invitations

Sending Invitations

Send Admin Invite

  1. Navigate to Admin Invitations tab
  2. Click "Invite Admin"
  3. Enter email address
  4. Select admin level:
    • Admin
    • Super Admin
  5. Add personal message (optional)
  6. Send invitation

Invitation email includes:

  • Invitation link
  • Role being offered
  • Who invited them
  • Expiry date (7 days)

Managing Invitations

Resend Invitation

  1. Find invitation in list
  2. Click "Resend"
  3. New email sent
  4. Expiry date extended

Revoke Invitation

  1. Find invitation in list
  2. Click "Revoke"
  3. Confirm revocation
  4. Invitation link invalidated

Invitation Status

  • Pending - Not yet accepted
  • Accepted - User created admin account
  • Expired - Invitation expired (7 days)
  • Revoked - Invitation cancelled
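
The invitation lifecycle above, together with the rule that an Admin can invite other admins but not Super Admins, can be expressed as a small state machine. This is an added example, not the platform's code: the function names, the hashed-token storage and the token rotation on resend are assumptions; the 7-day expiry, the four statuses and the inviter rule come from this page.

```python
import hashlib
import secrets

INVITE_TTL = 7 * 24 * 3600   # page: invitations expire after 7 days
# Page: an Admin invites other admins but not Super Admins.
MAY_OFFER = {"Admin": {"Admin"}, "Super Admin": {"Admin", "Super Admin"}}

def token_id(token):
    # Only this hash is stored, so a database read does not yield usable links.
    return hashlib.sha256(token.encode()).hexdigest()

def send_invite(invites, inviter_role, invited_by, email, role, now):
    if role not in MAY_OFFER.get(inviter_role, set()):
        raise PermissionError(f"{inviter_role} may not offer {role}")
    token = secrets.token_urlsafe(32)
    invites[token_id(token)] = {"email": email, "role": role, "invited_by": invited_by,
                                "expires_at": now + INVITE_TTL, "state": "pending"}
    return token   # appears only in the emailed link

def status(inv, now):
    # Expiry is derived at read time, so no background job has to flip a flag.
    if inv["state"] == "pending" and now >= inv["expires_at"]:
        return "expired"
    return inv["state"]

def resend(invites, invite_id, now):
    inv = invites[invite_id]
    if inv["state"] != "pending":
        raise ValueError("accepted or revoked invitations cannot be resent")
    del invites[invite_id]              # assumption: resending rotates the token
    inv["expires_at"] = now + INVITE_TTL
    token = secrets.token_urlsafe(32)
    invites[token_id(token)] = inv
    return token

def revoke(invites, invite_id):
    if invites[invite_id]["state"] == "pending":
        invites[invite_id]["state"] = "revoked"

def accept(invites, token, now):
    inv = invites.get(token_id(token))
    if inv is None or status(inv, now) != "pending":
        return None                     # unknown, expired, revoked or already used
    inv["state"] = "accepted"
    return inv["role"]                  # role comes from the server record, not the link
```

Because the granted role is read from the stored record at acceptance time, editing the link cannot raise the privilege level being offered.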

User Activity Logs

View user activity:

  • Login attempts
  • Password changes
  • Profile updates
  • Orders placed
  • Competition entries
  • Admin actions (if admin)

Export activity logs for:

  • Security audits
  • Compliance
  • Support investigations

Bulk Actions

Export Users

Export a CSV of users matching your current filters:

  1. Apply filters in the user list
  2. Click Export CSV
  3. Download includes columns for name, email, phone, wallet balances, registration date, last login, role, verification status, and tags
  4. The export action is recorded in the audit log (who, when, how many rows)

Use cases:

  • Marketing lists (after respecting suppressions — consented users only)
  • Compliance / subject-access requests
  • Data analysis
  • Periodic backups

Note: Exports respect archival — archived users are written out with redacted placeholders, not real PII.

Bulk Email

  1. Select users or apply filters
  2. Click "Send Email"
  3. Compose message
  4. Send to filtered users

Security Features

Two-Factor Authentication

Monitor 2FA adoption:

  • Users with 2FA enabled
  • Encourage adoption
  • Enforce for admins

Suspicious Activity

Flag suspicious accounts:

  • Multiple failed logins
  • IP address changes
  • Unusual spending patterns
  • Account sharing indicators

Password Policy

Enforce password requirements:

  • Minimum length
  • Complexity rules
  • Expiry period (admins)
  • Login attempt limits

Tips

  • Review new user registrations regularly
  • Monitor admin accounts closely
  • Use role-based access appropriately
  • Keep admin invitations current
  • Export user data periodically
  • Track suspended accounts
  • Audit admin actions
  • Encourage 2FA for all admins
  • Document role changes
  • Respond to user requests promptly