Adding and managing users

In this article

User types explained
Adding a new user
Linking a User to their Address Book profile
Duplicating an existing user
Changing a username
Changing a user password
Resetting a user password
Keeping on top of changes
Reporting options for Administrators
Deleting a user

User types explained

Two types of Users can access your admin-facing ChurchSuite account – Administrators and Users.

1. Administrator

An Administrator has full access to all the modules on your ChurchSuite account. There must always be at least one Administrator on your account. There's no limit to the number of administrators or users you can have on your ChurchSuite account. Multi-site customers can also assign Site permissions - perhaps giving admin access to some sites (permitted sites), but not to others. Permitted Sites can be just a single site, any combination of multiple sites, or 'All sites". All sites mean all current sites AND any new sites that may be added in the future.

Module passwords

While Administrators have full access to all modules, you can optionally add a module password to any module as an additional layer of module security, to keep that module's data confidential from any user or administrator unless they know the module password. A good example might be your Giving module, where typically you may prefer this module to only be accessible to authorised finance team members. By adding a module password to the Giving module and sharing it with your finance team users, administrators will be unable to access the Giving module unless they know the module password. See our related support article for further information on adding a module password.

All Administrators uniquely have access to the Administrator area. Through this menu, they can manage Users, User Groups, Modules, Files, your account Profile, Presets, Brands and Integrations on your account. There's also an Administrator Reports section. Only Administrators can add and manage other Users.

2. User

Users can only access selected modules, specified on a user-by-user basis. For each module a user's permissions can be set as None, Use, Write or Manage, as explained below. For multi-site customers, Users are also assigned Sites permissions - perhaps permitting module access to some sites, but not to others. Note that the module permissions apply to each site a user has access to - it's not possible to grant site-specific module access. For example, a user with Address Book "Write" permissions will have "Write" permissions for the Address Book for each permitted site.

Multi-site customers can also assign Site permissions - perhaps giving admin access to some sites (permitted sites), but not to others. Permitted Sites can be just a single site, any combination of multiple sites, or 'All sites". All sites mean all current sites AND any new sites that may be added in the future.

User-specific access to your ChurchSuite Connect applications can also be granted independently of module permissions. For example, you could give users access to the Child Check-In system (one of the Connect applications) without necessarily needing to also give Children module permissions.

Let's explore the four incremental levels of User module access in further detail:

None - the user has no module access and the module is not listed in the user's module bar in ChurchSuite. A user with no permissions for any module will be unable to log into ChurchSuite but will be able to log in to Connect if they have been assigned permissions for one or more Connect applications. For example, a Janitor may have a user account with no module or Connect permissions simply to maintain a Leave Setup and to process leave requests for that user staff member.

Use – broadly speaking this user can use the data within the module, but they cannot make changes - they can't add, duplicate, or import new data to the module, or edit, merge, move or delete existing data. However, those with "use" permissions for a module can perform the following limited activities:

  • compose and send communications, including sending consent requests, My ChurchSuite invitations and password resets, and save a composed message as a Preset
  • export or output data to a CSV file
  • produce reports, including printing and downloading report results
  • assign people to existing Fixed Tags, assign existing Key Dates to people, and add people to existing Flows
  • process people through Flows, including running permitted actions for that Flow. Permitted actions include:
    • Set active - if the person being processed is currently in the 'Pending' section of the module
    • Remove from Flow
    • Modify a person's Flow "Due Date" and "Assigned User"
    • Add to Group - if the User has at least Write permissions for the Small Groups module
    • Add Key Date - if that Key Date is visible to the User
    • Add Tag - if that Tag is visible to the User
    • Remove Tag - if that Tag is visible to the User
    • Move to Stage - within the current Flow
    • Add to Flow - if that Flow is visible to the User
    • Send Email - if that Preset email is visible to the User
    • Send SMS - if that Preset SMS is visible to the User
  • add, pin, unpin, edit and delete Notes they have authored
  • access Event Check-In and the Event Page from an event's 'View' page if they have Calendar module access
  • send event invitations - if they have Calendar module access
  • submit their own leave requests - if they have Calendar module access
  • view the module's settings
  • access their User area where they can fully manage Preset Emails/SMSs visible to the User, and fully manage Files
  • manage certain aspects of their User account, including managing their email signature, user email address, user password, and enable/disable multi-factor authentication.

Write – the user has full module access and can add, duplicate, import, edit, merge, move and delete data within the module, and can view the module's settings.

Manage – the user has Write permissions and is also able to manage and make changes to the module's settings affecting all module users.

Connect – the user can log in and fully use selected Connect applications. They have no module access unless their user permissions explicitly include at least 'use' permission for a module. In this way, key volunteers can make use of your Connect functionality without needing access to any personal or sensitive information in your ChurchSuite modules.

Sites (multi-site customers only) - the user's module permissions above apply to each permitted site. A user can only access the data in a permitted module for permitted sites. A user cannot add, import, edit, duplicate, merge, move or delete data on a non-permitted site. See our related support article on Multi-site functionality for further information about this feature.

Adding a new user

To add a new user account, head to the Administrator area of ChurchSuite. In the Users section, note the option to switch between viewing Active or Archived users. Click Add user.

On the Add user pop up enter a suitable Username. Usernames must be unique, and be between 2-25 characters - letters, numbers, underscores and full stops are accepted. No spaces are permitted. While passwords are always case sensitive, usernames are not. The Username and user Email fields are required. User password reset emails will be sent to the user email address. The user's Email address is also the default "From" address for emails sent by the user through ChurchSuite (and therefore the email address to which replies will be delivered).

Optionally link a User's account to their Contact profile in the Address Book - user-contact linking is explained in further detail later in this article. As you begin to type in the Contact search, ChurchSuite will auto-suggest matching names in the Address Book, or you can type a user's Name.

Multi-site customers can specify which Site/s the user can access. A user has the same module access for each permitted site selected – it's not possible to assign site-specific module access. All users, including Administrators, must have at least one site selected, otherwise, they will not be able to log in to ChurchSuite. All sites mean all current sites AND any new sites that may be added in the future. When assigning user site permissions, bear in mind that the user will only be able to assign people in your ChurchSuite modules to one of their permitted sites; so, a Site A-only user will only be able to assign new Address Book contacts to Site B; and only an All sites user can assign people to All sites.

Select the user TypeAdministrator or User. See the previous section for an explanation of the different types of users.

If selecting User, set each module permission level by dragging the permission sliders.

Continuing down the pop-up, optionally select Connect applications the user is permitted to access. Selected applications will turn from grey to blue.

Each user's ability to communicate within their permitted modules is Unrestricted. However, you can optionally restrict a user's Communication functionality - either to a Fixed Number or Percentage of recipients. The restriction applies only to email and SMS and applies to all permitted sites and modules.

Finally, each new user will be sent a Welcome email, which contains details of their Username and a secure link enabling them to set their password. You may optionally untick this option and not send a Welcome email - perhaps if you intend to manually specify the user's password (as described later in this article), or where the user account exists for the sole purpose of having a Leave Setup for leave recording purposes and where that user does not require any module access. For security reasons, the sent Welcome email, which contains a personal link to set a password, is not shown logged in the user's Communication log.

When you are finished, click Save to add the new user and be redirected to the user's "View" page, showing all the user details you've just set.

You can return to this user "View" page at any time in the future, perhaps to Edit and make further changes. Note also the options to Send a password reset, Change passwordDuplicate, Archive or Delete a user, and set a user's Signature.

From the Groups tab, you can manage the User Groups the User belongs to - further explained in our related support article. Scroll to the bottom of the "View" page to see the user's Communication and Changes logs. The "Created" date/time stamp for the user is recorded in the bottom left corner...

...and a record of the newly-created user is added against the Changes log of the Administrator who added the user.

There are times when it's helpful to link a User's profile to their contact profile in the Address Book module – here's why...

  • Linked users can access both ChurchSuite and My ChurchSuite through their browser using a single login with either their username, user email address or contact email address. They can also access their My ChurchSuite account from a Quick links widget on their ChurchSuite Dashboard page without being required to log in again
  • By default, all emails are sent from the User email address specified in a user's profile. When a User is linked to their underlying contact in the Address Book, that user will also have the option of selecting that an email is sent from their Contact profile email address, typically their 'personal' email address
  • Users with linked contacts have their birthday shown on the calendar in the Calendar module (if their date of birth is specified on their Contact profile) – never miss a staff member's birthday again!

The Users list gives you a quick visual indicator of the User accounts that are currently linked to a Contact.

To link a user, select Edit from the Action menu on the right-hand side.

On the Edit User pop up use the Contact Search to locate the Address Book contact; names will be auto-suggested as you type. Select the appropriate contact – only contacts are listed; children cannot be Users.

The User's Name, Email address and profile image are updated to reflect the linked contact's name, email address and Address Book profile image. You can optionally specify a different User email address if you wish; perhaps using a church/organisation domain email address, while retaining their 'personal' email address against their Address Book contact profile.

Saving the changes, the User's profile now shows the Address Book Contact that the User is linked to.

Duplicating an existing user

It's often the case that the module and/or site permissions being assigned for a new User are going to be the same or similar to an existing User. You can speed up the process of creating multiple Users by duplicating an existing User, either clicking Duplicate from the existing User's profile page...

...or by selecting the Duplicate action from the Users section.

...or from the Permissions report in the Administrator > Reports section.

Whichever method you use, selecting Duplicate will open the Duplicate user pop-up, pre-populated with all the selected user's details, module permissions, connect and site settings and any communication restriction. Add the new user's Username and update the other user-specific details as appropriate before saving the changes. Remember to review the new user's Signature and User Group assignments.

Changing a username

It's sometimes necessary to change a User's username, perhaps if you're changing your user naming convention, or if you have two Users with similar names that you wish to better distinguish. Working within the Administrator area, navigate to the user's "View" page. Click to Edit...

... and then select to Edit their Username.

On the Change username pop-up, enter the new username. Usernames must be unique and be between 2-25 characters - letters, numbers, underscores and full stops, no spaces. Click Save & Return to apply the changes and Save the user account. Don't forget to let the user know their new Username! Their password remains unaffected by this change.

Changing a user password

It may be necessary to change and specify a User's password (rather than send the user a password reset email). While a User can always change their password (in their User Account settings or via a password reset email), only an Administrator can specify another user's password.

Working from a user's "View" page, select Change password.

On the Change password popup, enter the New Password and then Confirm Password. Note the Password Criteria for a valid password. As you type a new password a strength indicator changes from red to yellow to green to indicate the password's strength, and the Password Criteria changes from grey to green as each criterion is met. It's not possible to enforce a minimum password strength.

When user passwords are first set, changed, or reset, ChurchSuite will prevent users from choosing a known insecure password. ChurchSuite references a database of known compromised passwords and will not allow a previously-compromised password to be used. Note, that this does not mean that the user, or their email address, is on that database; simply that the password they are choosing is known to have been previously compromised when it was used in another context.

Click Save to apply the changes. Don't forget to let the User know their new password!

Resetting a user password

Important

Password reset emails are only valid for 24 hours, after which time they cease to work. If multiple password-reset emails are requested, only the most recent email will be valid – each new reset email deactivates all previous reset emails.

Should a User forget their password, a password reset email can be requested. This can be done in one of two ways...

Users can request their password reset

...by selecting the Forgotten Password? option at the "Enter your password" stage of the login process when logging in through a browser.

The user is required to enter a valid User Email Address (which may be different to the User's Address Book profile email address) - the password reset email is sent to this address. The sent reset email is logged against the user's profile.

An Administrator can send a password reset

An Administrator can send a password reset email for any User (except themselves) from the Users section within the Administrator area. On the User's profile "View" page, click Send password reset. A password reset email will immediately be sent to the User's email address and is logged into the user's Communication log. A 'success' message confirms that a password reset email has been sent.

The password reset page

On receipt of a password reset email, clicking the reset link included in the message will open the Enter your new password page. Note the Password Criteria required for a valid password. As the new password is typed and confirmed, a strength indicator changes from red to yellow to green to indicate the password's strength, and the Password Criteria changes from grey to green as each criterion is met. Password reset emails are only valid for 24 hours.

Note: ChurchSuite will prevent your users from choosing a known insecure password. ChurchSuite references a database of known compromised passwords, and will not allow a previously-compromised password to be used. For clarity, this does not mean that the user or their email address is on that database; simply that the password they are choosing is known to have been previously compromised when it was used in another context.

Keeping on top of changes

Whenever an Administrator makes changes to a User's profile, or a User makes a change to their user profile, a note of the change is recorded in the Changes log for that User, shown at the bottom of the profile "View" page. The log includes full details of the changes made, the date and time of the change, and the name of the User or Administrator who made them.

Reporting options for Administrators

The Administrator area includes a Reports section with a range of useful User-related reports specifically designed to help with managing Users.

The Logins report enables Administrators to view a list of the user login attempts made to ChurchSuite and ChurchSuite Connect within a range of Dates. The results include the Date, whether the login was successful, the Username used, the Device used and the IP Address from which the login attempt was made.

A note about the Logins report

Where able, ChurchSuite will log successful and failed login attempts by users and members.

When a user/member logs into ChurchSuite on an iOS or Android app...

  • A login is logged on the first login
  • A login is logged when the authentication token is refreshed (approximately every 24 hours)
  • A login is logged when switching between accounts within the app i.e. when switching from ChurchSuite to My ChurchSuite and vice versa

When a User logs in via a private or non-private session through a browser...

  • A login is logged on the first login
  • A login is logged when the authentication token is refreshed (approximately every 24 hours)

A login "failure" is only logged against a username for an incorrect password. An incorrect username can't be logged as the username is invalid!

The Password Security report gives a summary of each user's password strength and when their password was last changed. You might use this information to request that a user increases their password security or changes their password periodically. The strength is an algorithm-based indicator designed to suggest the relative strength of the password based on how long it might take an automated bot to crack a password. A "Bad" strength indicates that the password is more easily guessed compared to a comparatively stronger password.

Note: ChurchSuite can only detect the strength of a password when it is physically typed in by a User on a login page. If a user has "autofill" enabled on their browser or they have copied and pasted it (perhaps when using a password vault app like 1Password) it isn't possible to detect the strength of the password. The browser choice may also have an impact on this too as some of the more obscure browsers don't support all functionality. Note that if a user has saved their password in their browser then that will prevent the strength detection from actually running, as the browser's security measures don't permit ChurchSuite access to the browser's saved password list to check the strength.

The Permissions report displays a table of the module access for all users in your ChurchSuite account. Administrators can use this report to manage the permissions of each user within the account. Clicking the Action menu on the right-hand side surfaces the available actions. For multi-site customers, the report displays user Permissions for the Site being viewed. Using the multi-site selector in the top-right corner of ChurchSuite, you can filter the report to show all users for "All Sites" or all users for a specific site.

The Recent Changes report gives a list of all user changes made to users by Administrators or by the user themselves.

Deleting a user

Deleting a User will remove their user profile from ChurchSuite entirely, including the record of their module and site permissions and User Group membership. They will no longer be able to log in and their encrypted password will be deleted. If they are currently logged in, they will be logged out as soon as they navigate to a new page (in an active session) or attempt to process anything on the page being viewed. All historic leave requests and leave setups will be deleted. Any features that have been set visible to "Just me" will no longer be accessible to anyone – including that user's Notes, Flows, Tags, Key Dates, and Booking Resources. This action is permanent and irreversible!

Before you Delete a User you may prefer to Archive them in the first instance, to make sure there are no unexpected consequences from the loss of that User's account. Archived users can be Set active again if necessary. Navigate to the User's profile in the Administrator area and select Archive or Delete.

When deleting a user, follow the on-screen instructions, ticking Yes, I'm absolutely sure and click Delete.


Still need help? Contact ChurchSuite Contact ChurchSuite