All The Things About Permission in Magento 2 You Should Know


In Magento 2, the access levels of the admin are determined based on their own roles and permissions straightly. In the very first step of setting your Magento 2 store, the system sends admin a set of login credentials for the Administrator role which is fully provided permissions. Nevertheless, for other people who work on your site, admin is totally able to restrict the level of permissions on a “need to know” basis. For instance, if you are a Designer of the Magento 2 store, the admin completely can allow you to access to only the Design tools. So, for the areas with customers and order information, you are not able to reach.

Besides, you also can further limit the ability of Admin access to only a specific site or set of sites and their associated data. In case you have more than one brands or business units with particular stores running in the same Magento 2 installation, it is free to not only provide Admin access to each of your business units but also hide and protect their data from other Admin users without any struggling.

In addition to these, if an Admin user’s access is restricted to specific websites or stores or both of them, the websites and stores in which admin users are not authorized will either not be visible to them or shown as inactive at all. And only the sales and other data which is enabled for permitted websites and stores is displayed.


In short, here is all the detailed information of Permissions in Magento 2 we want to share you. Hope that this article can bring you as much as impossible necessary knowledge of Permissions and even help you in set up your Magento 2 store greatly. If you find it helpful for yourself, please Like, Share and Subscribe to keep updating for our more coming articles!


Things to Know About Magento Marketplace

Magento Marketplace is a kind of application store which is built-up by Magento platform founders. Magento Marketplace offers businessmen a fundamental selection of solutions from thousands Magento providers in the world as well as provides qualified developers the tools, platform and prime location to build a wealthy business.

To visit Magento Marketplace

Go to Magento Marketplace for visiting

To find Magento partners featured on Marketplace

In the Magento Marketplace Admin homepage, take a look at sidebar and click on Find Partners & Extensions. There will be lists of Magento partners. For more details of each partner, please click on Learn More button under its name and only in a jiffy, all the essential information of selected partner will be displayed on the screen clearly.
To learn more, see the Magento Marketplace User Guide. For extension installation instructions, see Component Manager in this guide, or the Marketplace Quick Tour.

To install extensions

Finding and choosing for a necessary extension for your Magento 2 store to install is not difficult at all when you are in Magento Marketplace. Magento Marketplace aggregates and provides you thousands outstanding Magento extensions from thousands prestigious Magento providers in all around the world. You just need to consider which is the best suitable one for your Magento 2 store and then Magento providers will help you complete the rest parts of installing extension progress.
In addition to these, installing an extension is a process with requiring three steps which should take place during your working hours. Before the extension is installed, the maintenance mode, checked for readiness and backed up are all on for your store getting ready. After the extension is installed, it must be the configuration time for your store following the developers’s instructions.
For more details of step-by-step installation instructions, see the Marketplace User Guide

Intergration in Magento 2

This article guides you to create a new location of OAuth credentials and redirect URL for third-party integrations. Also, you are provided the knowledge of how to identify the available API resources which are necessary for the intergration as well.


Onboarding Workflow

  1. Give permission for intergration: Go to the system/integration screen, looking for the related integration and authorize.
  2. Verify and establish login: When getting the notification, accept the access requested. If you are redirected to a third-party, create a new account or log in to that system with your available account. After registration, please return to the integration page.
  3. Receive confirmation of authorized intergration: The system sends you the notification which the intergration has been successfully authorized. After that, you are no longer need to make calls to access or requests tokens.

To Add a New Intergration

  1. Open the Admin homepage. Then tap System on the sidebar. Next, under Extensions, choose intergration.
  2. Complete the following intergration Information

a. Fill in the Name of the intergration and the Email address.

b. In Call Back URL field, enter the address where OAuth registration information can be sent when using OAuth for token exchange. For recommendation, we think using https:// will be the most suitable one.

c. In Identity Link URL, enter the link used to redirect the users to a third party account with these Magento 2 intergration references.

intergration3. In the board on the left, choose API. Next, do the following:

a. In Resource Access field, choose one of the two options: All or Custom.

b.  Mark the checkbox of each custom access resource which is needed.


4. When complete, click on Save button to finish.

To Change The API Guest Access Security Setting

In Magento 2 default, an anonymous guest is not allowed to access to CMS, catalog and other store resources. In order to change the default setting, do the following:

  1. Open the Admin Homepage. Then, on the sidebar, click on Stores symbol. Next, under Settings, choose Configuration.
  2. In the board on the left under Services, click on Magento Web API.
  3. Expand the Web API Security Setting section.intergration
  4. In Allow Anonymous Guest Access, choose “Yes”.
  5. When complete, tap Save Config button to finish.

If you find it helpful for you, please Like, Share and Subscribe to keep updating for our next blogs!

All The Things About Customer Groups in Magento 2

In Magento 2, there are three default customer groups including General, Not Logged In and Wholesale. Generally, customer groups are set to specific discounts and tax class. Then, in this article, we would like to guide you to create customer group, edit customer group, assign a customer to a different group and delete a customer group. Let’s take your attendance below!

To Create Customer Groups

  1. Open the Admin homepage, then choose Stores on the sidebar. Next, under Other Settings, click on Customer Groups.
  2. Click on Add New Customer Group button. Then, do the following:

a. In Group Name field, enter a unique name with less than 32 characters to define the group.

b. In Tax Class field, select one which is applied to the group.

c. Tap Save Customer Group button to finish.

To Edit Customer Groups

  1. Open the Admin homepage. Then, on the sidebar, choose Stores. Next, choose Customer Groups under Other Settings.
  2. Open the record with edit mode.
  3. Make change if it is necessary.
  4. When complete, tap Save Customer Group button to finish.

To Assign a Customer to a Different Group

  1. Open the Admin homepage. Next, choose Customers on the sidebar. Then, choose All Customers.
  2. Find the customer you want in the grid of list and mark the checkbox in the first column. Next, do the following:
  1. Choose Assign a Customer Group for Actions control.
  2. Set Group control for the new group.
  3. When ready to confirm, tap Ok.

To Delete Customer Groups

  1. Open the Admin Homepage. Then, choose Stores on the Admin sidebar. Next, under Other Settings, choose Customer Groups.
  2. Open the document in edit mode.
  3. In the button bar, choose Delete Customer Group.
  4. To confirm, tap OK.
  5. When complete, tap Save Customer Group button to finish.

In short, here are all the details about Customer Groups in Magento 2 we want to share with you. If you find it helpful for you, please Like, Share and Subscribe to keep updating for our next blogs!

An Easy Way to Configure Customer Password Options in Magento 2

In Magento 2, when you request to reset password, there will be a email sent to you for your notification including the lifetime of the password recovery link. It requires your new password have to meets the compulsory level of security. And you know, all of them, email template, lifetime of the password revovery link and, level of security are able to configure in customer password options from the backend. Moreover, admin can give customers permission to change their own password or set to only store owners can do so.

To Configure Customer Password Options

  1. Open the Admin homepage, then choose Stores on the sidebar. Next, under Settings, tap Configuration.
  2. In the board on the left, choose Customer Configuration under Customers. Next, expend the Password Options sector.
  3. Password Reset Protection Type field offers you 4 methods of managing password reset requests:
  • By IP and Email: The password can be reset online after receiving response about reset notification from Admin account.
  • By IP: The password can be rest online without any confirmation.
  • By Email: The password only can be reset after responding to an email notification sent form Admin account.
  • None: Only the admin can reset the password.
  1. In order to limit the number of reset password times per hour, do the following:

a. In Max Number of Password Reset Requests field, set the maximum number of password reset requests which is allowed to be sent per hour.

b. In Min Time Between Password Reset Requests field, set the minimum number of minutes which must transpire between requests.

  1. In order to configure the password reset email notification, do the following:

a. In Forgot Email Template, choose template used for the email sent to customers who have forgotten their passwords.

b. In Remind Email Template field, choose the template which is used when a password hint is sent to customers.

c. In Reset Password Template fieldchoose template used when customeres change their passwords.

d. In Password Template Email Sender field, set the store contact which appears as the sender of password-related notifications.

  1. To complete the password reset security options left

a. In Recovery Link Expiration Period (hours) field, set the number of hours for valid recovery link.

b. In Number of Required Charater Classes filed, set the number of differnet character types required for a password based on 4 character classes: Lowercase, Uppercase, Numeric, Special Characters.

c. In Maximum Login Failures to Lockout Account field, leave the number of failed login attempts until the Admin account is looked. If you want unlimited attempts, leave zero.

d. In Minimum Password Length field, leave the minimum number of characters which can be used in a password.

e. In Lockout Time (minutes) field, leave the number of minutes an Admin account is locked caused of too many failed attempts to log in.

  1. Tap Save Config to finish.

We have presented  a way to Configure Customer Password Options in Magento 2. We hope that this article can show you useful information to select the appropriate extension for your online shop. If you find it helpful for you, please Like, Share and Subscribe to keep updating for our next blogs!