The Users Module in MokoCRM lets you manage who has access to your ERP/CRM system and what each person can do. This includes creating user accounts, assigning roles and permissions, grouping users by department or function, and securing access via IP restrictions or audit logs.
The Users Module in MokoCRM lets you manage who has access to your ERP/CRM system and what each person can do. This includes creating user accounts, assigning roles and permissions, grouping users by department or function, and securing access via IP restrictions or audit logs.
🔐 Creating a New User
- Navigate to:
Home → Users & Groups → New User - Fill out:
- Login: Unique username
- Password: Strong, secure password
- First Name / Last Name
- Email (used for notifications and password resets)
- Status: Set as Active or Inactive
- Assign initial permissions or leave for group inheritance.
✅ Tip: You can enforce password policies under Setup → Security.
👥 Managing Groups
Groups allow you to assign rights collectively:
- Go to Users & Groups → Groups
- Click "New Group"
- Give your group a name and description (e.g., "Sales Team", "Finance Dept.")
- Add users to the group
- Assign permissions — all users inherit these rights.
🛂 Assigning Permissions
You can assign permissions at the User or Group level:
- Navigate to a user or group profile
- Click "Permissions"
- Check or uncheck modules/actions (View, Create, Edit, Delete)
Each module (e.g., CRM, Projects, Billing) has its own set of permissions.
🕵️ Audit & Access Logs
Admins can view logs of user activity:
- Home → Admin Tools → Audit Logs
- Track login history, failed attempts, and session activity
IP restrictions and session timeouts can be configured under:
Setup → Security → Access Controls
🚫 Deactivating or Deleting Users
- To deactivate, open the user profile and toggle Status to Inactive.
- To delete, you must ensure the user is not tied to critical data (owner of invoices, tasks, etc.).
💡 Best Practices
- Always use groups for access control. Avoid assigning individual permissions unless necessary.
- Limit admin rights to trusted staff only.
- Enable two-factor authentication and IP filtering for added security.