Manage Team Roadmap


Last modified: November 22, 2022

Overview

Experimental:

Manage Team is an experimental feature. We do not recommend using this feature in production environments. It is currently under development and is only available to a limited number of cPanel & WHM customers. It will be available for testing in future releases.

In cPanel & WHM version 108, we added Manage Team as an experimental feature. cPanel account users can use Manage Team to create team users that can log in and modify the cPanel account. Once the feature is fully functional and out of the experimental phase, team users will be able to share data and resources with the parent account in order to manage websites and to update domains, email accounts, and databases.

Terminology

  • Team Owner -This cPanel account is the parent account.
  • Team User - This virtual account exists under the team owner’s account.
  • Team - The team owner’s account with all its team users.
  • Team Member - A member of the team. A team member is either a team user or a team owner.
  • Role - A set of privileges, features, and files set by the team owner that a team user has permission to use, access, or modify.

Feature Overview

After almost a decade of requests, cPanel is offering Manage Team. The new Manage Team feature allows the creation of team user accounts so that multiple users can access, administer, and work on a single cPanel account without the security risk of sharing credentials.

With Manage Team, business owners can allow developers and administrators to manage websites for their businesses. Each team user will have a separate login and will share the same cPanel account resources. This allows for the division of responsibility and provides audit tracking for all accounts.

One goal of the Manage Team feature is to allow multiple roles to provide access to specific features that the user will need. For example, if a business owner hired an email administrator, that team user would have the Email role. This role would give access to the Email feature group in cPanel so that the team user has the tools they need to complete their job. Other people a business owner might hire may include a web designer, a web programmer, or a database administrator. All of these roles can have access to tools that will assist them with their work without using the business owner’s cPanel password.

Manage Team in WHM

Remember:

In cPanel & WHM version 108, this feature is experimental. It will not appear in your Feature Manager interface unless you have a Premier license and meet other criteria. You must enable the experimental flag using the terminal command touch /var/cpanel/experimental/p683 so that the feature will appear in your cPanel & WHM user interface.

Enabling Manage Team

To enable the Manage Team interface for a cPanel account, select the team feature from the dropdown menu in WHM’s Feature Manager interface (WHM» Home » Packages » Feature Manager).

You can also use WHM’s Add a Package and Edit a Package interfaces to adjust the maximum number of team users that team owners may have.

Manage Team in cPanel

The Manage Team feature uses existing cPanel tools for account management. The Manage Team feature allows management via the following:

  • Creation - Creating the account so a team user can log in.
  • Authentication - Logging in.
  • Modification - Changing a team users tools, contact email, password reset, etc.
  • Suspension - Disabling logins for a team user.
  • Deletion - Removing an account entirely.

The Manage Team interface shows a list of all existing users, both active and suspended, on the team. A team includes a maximum of seven team users and the team owner. Suspended accounts count toward the maximum.

When creating a new account, team owners will be able to set a new username, add a contact email, and select roles.

To set a new password, there are two options. Team owners can either set the new team user’s password or send an email with a login link for the team user to set their own password.

Only the team owner can modify team user accounts, except that team users can change their password, contact email, and two-factor authentication secret. You can configure the following items during team user creation:

  • Username - Set the user’s login username.
  • Notes - This setting is optional. You can choose to add notes regarding the user.
  • Password options - You can choose to send an email to let the user choose their own password (default), or you can set the password for the user. The team user can change their password after creation.
  • Contact email address - The contact email address for the team user. The team user can change their contact email address after creation.
  • Require two-factor authentication (2FA) - Two-factor authentication adds extra security to a team user’s account. All team members either have 2FA or all do not. The entire team will have the 2FA status that the team owner has. If the team owner has 2FA, each team member must set up their 2FA before they can access their account. Each team member has their own device and 2FA secret, and they can change their 2FA secret after creation. The team owner cannot turn 2FA on or off for their team users. Only the WHM account owner can enable or disable 2FA for a team.
  • Services - Team owners can also create or assign File Transfer Protocol (FTP), Web Disk, or email services to team users.
  • Roles - Roles are a set of privileges, features, files, or tasks that a team user can use.

Audit logging

Since there will be many users sharing access to various features, files, and directories, tracking team user activity is a critical element of the Manage Team feature. One way the system does this is by logging actions taken through the Audit Log interface.

For more information about our audit logs, read our The cPanel & WHM Log Files documentation.

Feedback

cPanel, L.L.C. values our customers’ feedback. Join us on Discord to ask questions and to share your experience with this feature.

Additional Documentation