Your Admin account
The primary Admin account was initially set up during the installation, and might contain placeholder information or sample data. The designated owner of this account can personalize the user name and password and update the first name, last name, and email address at any time. This account, a super user with all permissions by default, typically creates the Admin user accounts needed for the business.
- See Create a user for information on adding or editing users.
- See Permissions and User Roles for information about Admin and user roles.
Admin sign-in
The Commerce Admin is protected by multiple layers of security measures to prevent unauthorized access to your store, order, and customer data. The first time you sign in to the Admin, you are required to enter your username and password and to set up two-factor authentication (2FA).
Depending on the configuration of your store, there may be a CAPTCHA challenge to resolve, such as entering a series of keyboard characters, solving a puzzle, or clicking a series of images with a common theme. These tests are designed to identify you as a human, rather than an automated bot.
For additional security, you can determine which parts of the Admin each user has permission to access, and also limit the number of login attempts. By default, after six attempts the account is locked, and the user must wait a few minutes before trying again. Locked accounts can also be reset from the Admin.
Step 1: Set up two-factor authentication
Before you can sign in to the Admin of your store, you must have a two-factor authentication solution set up and ready to use. To learn more about the authentication process used by each solution, see Using Two-Factor Authentication. By default, Commerce supports Google Authenticator.
Ask your Commerce system administrator which 2FA solutions are supported for the store. Then, complete the setup of your preferred 2FA solution according to the provider’s instructions.
Step 2: Sign in to the Admin
- Enter the Admin URL that was specified during the Commerce installation.
  The default Admin URL looks something like https://www.yourdomain.com/your-custom-admin-domain.
  NOTE: Although this documentation uses admin as the base URL in most examples, it is recommended that you choose a unique and hard-to-guess custom URL for the Admin of your store.
  You can add a bookmark for the page or save a shortcut on your desktop for easy access.
- Enter your Admin Username and Password.
- (Optional) If a CAPTCHA is enabled for your store, follow the onscreen instructions to resolve the challenge.
- Click Sign in.
If it is the first time you have signed in to the Admin from the account, you should receive an email with a link to configuration instructions.
Step 3: Complete the 2FA configuration
The following example shows how to pair your Admin account with Google Authenticator.
- When the QR code appears, use one of the following methods to capture the code and pair Google Authenticator with your Admin account.
  - Capture QR Code using a smart phone
    On your smart phone, launch Google Authenticator. Tap the plus sign (+) in the upper-right corner of the app. Then at the bottom of the screen, tap Scan Barcode and take a picture of the QR code.
  - Capture QR Code from browser
    If Google Authenticator is installed as an extension in your browser, click the Authenticator icon in the toolbar and capture the page.
  - Manually enter QR code
    Copy the string of text below the QR code. Launch Google Authenticator with either your smart phone or browser, and click the plus sign (+). Then, choose Manual Entry. Under Account, enter the email address that is associated with your Admin account and paste the QR code string into the Key field.
- To sign in to the Admin with two-factor authentication, enter the six-digit code generated by Google Authenticator into the Authenticator code field, and then click Confirm.
Reset your password
Reuse of the last four passwords assigned to the account is not allowed.
- Enter the Email Address that is associated with the Admin account.
- Click Retrieve Password.
  If an account is associated with the email address, an email is sent to reset your password.
NOTE: An Admin password must be seven or more characters long and include both letters and numbers. See Configuring Admin Security for information about password options.
Sign out of the Admin
- In the upper-right corner, click the Account icon.
- Click Sign Out.
The Sign In page displays a message that you are logged out. Sign out of the Admin whenever you leave your computer unattended.
Edit account information
- Click the Account icon.
- Click Account Setting.
- Make necessary changes to your account information.
  If you change your login credentials, ensure you store them in a secure location.
- Enter your current account password.
- Click Save Account.
Allow multiple Admin logins
The Admin provides access to manage orders, customers, products, shipping, and payments. By default, multiple logins for a single Admin user account are disallowed as a security best practice. However, you can change this setting to allow Admin users to be logged in from multiple devices to accommodate your business workflows.
- On the Admin sidebar, go to Stores > Settings > Configuration.
- In the left navigation panel, expand Advanced and choose Admin.
- Expand the Security section.
- For Admin Account Sharing, select Yes.
- Click Save Config.
Set Admin user login names as case sensitive
- On the Admin sidebar, go to Stores > Settings > Configuration.
- In the left navigation panel, expand Advanced and choose Admin.
- Expand the Security section.
- Set the Login is Case Sensitive field to Yes.
- Click Save Config.