Identity & Access Management

Make sure the right people can only do the right things

Control exactly who can see, edit, approve, and delete across your entire business. When you hire someone new, set their permissions in minutes. When someone leaves, revoke access instantly. Every action is logged so you always know who did what.

Granular
Staff Controls
Bank-Grade
Login Security
Real-Time
Activity Tracking
Minutes
Setup Time
Key Features

What you can do

A detailed look at the capabilities included in this module.

User Management

  • User Profiles
    Create, update, and deactivate user accounts with complete profile information including contact details and department assignment.
  • Bulk Operations
    Import and manage users in bulk with CSV support, making it easy to onboard entire teams at once.
  • User Status Tracking
    Monitor active, inactive, and locked accounts with full audit history of status changes.

Authentication

  • JWT-Based Authentication
    Secure token-based authentication using industry-standard JSON Web Tokens for stateless, scalable access control.
  • Refresh Tokens
    Automatic token renewal with configurable expiry windows so users stay signed in without compromising security.
  • Multi-Device Support
    Users can authenticate from multiple devices simultaneously with independent session tracking for each.

Password Security

  • Complexity Requirements
    Enforce minimum length, character variety, and custom complexity rules to meet your organization's security policy.
  • Password Expiry
    Set configurable expiry periods with advance notification emails so users reset passwords before lockout.
  • Password History
    Prevent password reuse by tracking previous passwords and rejecting repeats within a configurable window.
  • Account Lockout
    Automatically lock accounts after repeated failed login attempts with configurable thresholds and cool-down periods.

Session Management

  • Device Tracking
    See every active session with device type, browser, IP address, and last-activity timestamp.
  • Remote Revocation
    Administrators can instantly terminate any session from the dashboard — ideal for lost devices or off-boarded staff.
  • Session Expiry
    Configurable idle and absolute timeout policies ensure stale sessions are cleaned up automatically.

Roles & Permissions

  • 250+ Granular Permissions
    Fine-grained permission set covering every API endpoint and UI action across all OpsmatiQ modules.
  • Custom Roles
    Create unlimited custom roles by combining permissions — from read-only auditors to full admin access.
  • Role Assignment
    Assign multiple roles per user and change assignments instantly without disrupting active sessions.

Groups

  • Department Groups
    Organize users into departments for streamlined role assignment and access-policy inheritance.
  • Team Groups
    Create cross-functional teams that span departments, each with their own shared permissions.

Security-Trimmed Navigation

  • Permission-Based Menu Filtering
    The navigation menu is dynamically filtered based on each user's permissions — users only see what they can access.
  • Tenant-Configurable Menu
    Administrators can reorder, rename, disable, or restructure menu items per tenant without code changes.

What OpsmatiQ automates

These happen automatically — no manual intervention needed.

  • Staff only see menu items they have permission to use — no confusion, no mistakes.
  • Expired sessions are cleaned up automatically — no manual purging required.
  • Password expiry reminders are sent before the deadline so nobody gets locked out.
  • Every login, logout, and permission change is logged for full accountability.
  • New staff members can be onboarded in bulk via CSV — entire teams set up at once.

Connected to other modules

Data flows seamlessly between modules — no manual handoffs.

  • Every module checks permissions through the centralized authorization engine before allowing any action.
  • Audit logs from Identity & Access are available to the Accounting module for compliance reporting.
  • User and role information flows into Catalog and Sales for ownership and approval workflows.

Related modules

These modules work closely together to power your business workflows.

Catalog Management

Set up your products, prices, and tax rates once — use them everywhere.

Learn more

Accounting & Finance

Books that update themselves. File VAT in hours, not days.

Learn more

See Identity & Access Management in action

Book a personalized demo to explore this module with your own data.

Book a DemoView Pricing