Account Management
The Account Management module handles account types, permissions, and hierarchies within PulseCRM.
Overview
This module provides:
- Multi-tenant architecture with account-level isolation
- Account type management
- Permission hierarchies
- Account relationships
Core Components
Account Types
The system supports various account types:
- Internal accounts
- ISO accounts
- Agent accounts
- Merchant accounts
- Service provider accounts
Key Tables
accounts
Primary table for account information:
- id: Primary key
- name: Account name
- type: Account type reference
- status: Account status
- created_at: Creation timestamp
- updated_at: Last update timestamp
accountTypes
Defines different types of accounts:
- id: Primary key
- name: Type name
- permissions: Default permissions
- features: Available features
- hierarchy_level: Position in account hierarchy
accountsOnUsers
Maps relationships between accounts and users:
- account_id: Reference to accounts
- user_id: Reference to users
- role: User's role in account
- is_primary: Primary account flag
- permissions: Account-specific permissions
Features
Multi-tenant Architecture
- Account-level data isolation
- Hierarchical data access
- Cross-account permissions
- Tenant-specific configurations
Permission Management
- Account-level permissions
- Role-based access control
- Permission inheritance
- Custom permission sets
Account Hierarchy
- Parent-child relationships
- Permission propagation
- Resource sharing rules
- Access control inheritance
Account Administration
- Account creation and setup
- User assignment
- Permission configuration
- Account status management
API Endpoints
List Accounts
GET /api/accounts
Query Parameters:
type: Filter by account typestatus: Filter by account statusparent: Filter by parent account
Create Account
POST /api/accounts
Request body:
{
"name": "string",
"type": "string",
"parent_id": "string",
"settings": {
"features": ["string"],
"permissions": ["string"]
}
}
Get Account Details
GET /api/accounts/{accountId}
Returns comprehensive account information including:
- Basic details
- User associations
- Permission sets
- Feature access
Update Account
PUT /api/accounts/{accountId}
Update account information:
{
"name": "string",
"status": "string",
"settings": {
"features": ["string"],
"permissions": ["string"]
}
}
Account Types
Internal Account
- Full system access
- Administrative capabilities
- System configuration access
- Global data access
ISO Account
- Merchant management
- Agent management
- Processing oversight
- Revenue tracking
Agent Account
- Lead management
- Application processing
- Merchant support
- Limited data access
Merchant Account
- Transaction processing
- Statement access
- Support tickets
- Equipment management
Service Provider Account
- Integration access
- API management
- Service configuration
- Support tools
Best Practices
-
Account Setup
- Define clear hierarchy
- Configure appropriate permissions
- Document relationships
- Verify access controls
-
Permission Management
- Follow least privilege principle
- Regular permission audits
- Document permission changes
- Monitor access patterns
-
Data Isolation
- Verify tenant boundaries
- Implement access controls
- Monitor data access
- Regular security reviews
-
Account Administration
- Regular status reviews
- Update documentation
- Monitor usage patterns
- Maintain audit trails
Integration Points
User Management
- User-account associations
- Role assignments
- Permission mapping
- Access control
API & Integration
- Account-based API keys
- Integration permissions
- Access tokens
- Rate limiting
Merchant Management
- Account hierarchies
- Processing relationships
- Revenue sharing
- Support access
Security Considerations
-
Access Control
- Role-based permissions
- Account isolation
- Audit logging
- Session management
-
Data Protection
- Encryption at rest
- Secure transmission
- Access logging
- Data retention
-
Compliance
- Regulatory requirements
- Industry standards
- Audit requirements
- Documentation