Creating a User

A user is anyone who accesses and uses Mambu via the UI or the API. Each user has a user account that stores the access credentials, the details of the person using the system, the role, and the permissions.

A list of users can be found at Administration > Access > Users.

Permissions for managing users

The following permissions are required for you to be able to perform the relevant management actions on users:

• Create Users (CREATE_USER)
• Edit Users (EDIT_USER)
• View User Details (VIEW_USER_DETAILS)
• Delete Users (DELETE_USER)

Creating a user

To create a user:

1. Either go to the top bar and select Create > User, or on the main menu, got to Administration > Access > Users and select Create New User.
2. In the Create A New User dialog, enter all the necessary information. For more details on the fields in the various sections of the form, see below.
3. Select Save User.

General section

User Rights section

Type

Under the User Rights section, you can select an optional user Type. There are three options for types: Administrator, Teller and Credit Officer. A user that has one of these types has special characteristics that will be described below.

Administrators

Administrator users (admins) have all permissions and can perform any action in Mambu. Only admins can create or edit other admins. Selecting the Administrator checkbox removes the Permissions section from the Creating a New User form.

Admins have all the permissions of the credit officer and teller user types.

Admins also have additional access permissions in Mambu that are not available to non-admin users and which cannot be assigned as granular permissions. For example, admins have access to the usage rights settings of saved custom views. For more information, see User types and saved custom views.

Regular users (non-admins) can be granted certain admin rights by either assigning a role or assigning granular permissions under the Permissions section.

Credit Officers

Credit officers have the option of having clients and groups assigned to them, this relationship allows for better reporting and client management.

Tellers

Tellers have access to the teller module. Special tellering permissions give them access to the different actions available on this module, for example opening or closing tills, posting transactions on a till, and adding and removing cash from a till.

Access Rights

Under the User Rights section you can select the Access Rights. There are two different access rights types Mambu and API.

Mambu

The Mambu access type is for regular Mambu UI users. Mambu access allows the user to log in to Mambu via the regular web user interface, using their login credentials.

API

The API access type is for basic authentication access to Mambu API endpoints. API access allows the user to authenticate and interact with Mambu using Mambu's APIs.

Most of the time such an user is not an actual person, but a piece of software that makes calls to Mambu APIs. We recommend creating user accounts for such cases to provide a more clear transaction audit trail.

Like other user types, API users also require the necessary user permissions necessary to perform any desired action. Transactions posted by API users are kept in the logs in the same way as user actions from regular users.

All API users must use basic authentication. For more information on basic authentication and API keys at Mambu, see Authentication in our API Reference.

Permissions

A user in Mambu may be assigned permissions either directly or through a role. However, a single user cannot be assigned permissions in both ways.

If you do assign a role to a user, you may assign granular permissions to them. Note that some permissions are provided by roles that cannot be assigned directly to users.

To assign granular permissions to a user:

1. Select Permissions.
2. Check the boxes next to the permissions that you wish to assign to the user.
3. Select Save User.

For more information, see Understanding Users, Roles, and Permissions and Permissions.

Permissions for managing users

The following permissions are required for a user to be able to perform the relevant management actions on a user account:

• View User Details (VIEW_USER_DETAILS)
• Create User (CREATE_USER)
• Edit User (EDIT_USER)
• Delete User (DELETE_USER)

If these permissions are not assigned to a user, that user will not be able to see the Users tab under Administration > Access and the Users option under the Create menu in the top bar.

User Access

Under the User Access section you can enter the information the new user will need to login to Mambu.

Username (required)

Usernames must be unique and they cannot be changed.

Email

The email address is required for using the "Forgot your password?" link in the login screen. The password recovery email will be sent to this address.

Password (required)

When you create your password, the system will show you how safe it is. The minimum number of characters for your password is defined in Administration > Access > Preferences.

The password must contain at least one digit and one letter.

Two Factor Authentication

For additional security, two factor authentication can be enabled for users. Only Administrator users can setup two factor authentication for other users. To enable two factor authentication for a user select the Two Factor Authentication checkbox under User Access. Then, ensure that you add a mobile phone number in the Contact section.

When this setting is enabled, users will be sent an SMS on their registered mobile number, which they will need to enter in the Mambu login screen in addition to their password.

An SMS gateway needs to be defined to be able to use two factor authentication. For more information, see SMS Gateway Setup.

Mambu Display Language

This setting configures the language used to display menus and options in Mambu for the user. The default language selected is English.

For more information on how to edit the Mambu display language and how it affects the language settings for your clients, communications, and more, see Language Settings.

Contact

Under the Contact section you can enter your mobile phone number and home phone number.

Assigned To

Users can be associated with a specific branch, allowing access to that branch and its clients and information.

The Branch field defines the branch to which the user belongs. To assign the user to a branch, choose the branch from the list.

Access Rights

The Access Rights section determines which branches a user can access.

If the Can access all branches check box is selected then the user has access to all branches.

If the Can access all branches check box is not selected then you can select individual branches that the user will have access to. In order to select an individual branch select the branch from the Branch dropdown. The branch will then appear in the Branch access area. If the user is assigned to a branch, the assigned branch will appear pre-selected in the Branch access area.

If your user is a Credit Officer then you will have an additional Can access other credit officers clients check box. This option gives the new user access to all clients and accounts assigned to:

• the other credit officers in their assigned branch.
• credit officers who are not assigned to any branch.

Transactions Limits

For any user who doesn't have Administrator permissions, you can set maximum amounts on transactions.

There are six different transaction types that you can set a limit to: Loan Approval, Loan Disbursement, Fee Application, Entry of Deposits, Withdrawals and Repayments.

To set a limit on transactions a user can perform:

1. Under Transaction Limits, select Add Limit.
2. Choose the transaction type from the dropdown menu.
3. Enter the limit amount for that transaction.

Custom fields

If you need to capture additional information about the users, you can create Custom Fields under Administration and add them to the users' profiles when creating a new user. For more information, see Custom Fields.

Other users

There are a couple users that our team creates in order to assist you with onboarding and support cases. For more information on the the Mambu Delivery user, see Mambu Delivery users while onboarding and about the Mambu Support user, see Granting access to your account with the Mambu Support user.