Administrator Login

Login Information

It is critical that the system administrator login is protected from unauthorized access. We recommend that you choose a high-security password. The password is stored in a hashed format so it cannot be read from the global configuration file.

Username: This is the administrator’s user name. By default, the user name is admin. This can be changed to anything (username change is recommended) however it cannot contain the @ character. Please note that the name is case sensitive.

Password: This field sets the password for the user name indicated in the previous setting. By default, there is no password; however, it is obviously recommended that you set one.

Allow login only from listed addresses: Limiting access to certain addresses can help reduce the risk of unauthorized access. This field accepts a list of IP addresses and IP addresses with a netmask that tell the PBX which addresses are allowed. If the field is empty, every address is allowed.

Admin email addresses: This field contains the email address for the administrator. If several addresses are needed, the list must be seperated by ;.

API access: This flag will enable API access for the administrator account using Basic authentication. Without the flag enabled, API access is only possible with a session token.

Used Tokens and Passkeys

The PBX stores login tokens and passkeys that allow login without entering a password. The table shows when the item was created, last used, from what IP address aand what User-Agent.

• Token (document symbol) are stored in the browser after successfully logging in, so that when the user returns to the page, there is no need to enter the password again. The validity duration can be set in the System Security settings.
• Passkeys (key symbol) are used to store the public key part of the passkey. The private key is stored on the client.

Those token can be deleted with the delete button if needed.