[Hub] WPMUDEV Hub for more than one user

I think WPMUDEV Hub should support login access to more than one user for a single account. I mean that some companies that run on WordPress may have more than one developer, site manager and lots and lots of core users. And they decided that they will use WPMUDEV for their site. Now they have to share a single login credentials among all of them and it is also a very insecure thing. So, I would recommend that WPMUDEV Hub should have multiple user authentication support like AWS have. In case of AWS we use IAM to make new users and grant them permission about what they can use or what not. It would be very helpful if WPMUDEV have an AWS IAM like feature.

  • Tony G

    On one hand I agree that this would be helpful. On the other hand I think it's a lot more complicated.

    WPMU DEV needs to be protective that people aren't giving out or selling random access to their services. There needs to be accountability. When someone leaves your company/association, will the manager come back here to revoke their access? Maybe not.

    If a company has multiple technicians, it would be great if they all participated here in some way. I think there's value in a company that has its people contributing to this community with bug reports, feature requests with +1 / -1 votes, and real-world experience.

    But as we already see in this post, we have one person posting, liking his own post, then an associate with the same name liking that post. Will associates MegaLike suggestions in a way that unfairly skews the voting process here? This probably means that people who are linked to a Hub account should not necessarily have individual access to the forum. But there goes that other advantage.

    And with multiple people associated with an account, an organization might then want to restrict access for specific sites to specific people.

    So, I'm not saying this is a bad idea - I've thought about it too - but what seems like a simple suggestion really isn't.

  • Suman

    I know there are lots of bad guys out there. If this above feature is enabled they could resell WPMUDEV services. You are right. What about this idea.

    Suppose person A has a WPMUDEV account B also have one and person C own a company now person A and B joins person C's company so now person C can give access to person A and person B to have access in person C's account as long as he want. If person C want to revoke access he can. Now you will say that what is the importance of it. To explain this I will take two business scenario:

    Scenario 1:
    Like person C owns a company and person A and B works there as a developer or anything you might imagine. Now if they have an centralised account ( person A and B will pay their individual membership or person C can pay all their payments from his account but someone has to pay for the membership of each user) they can access and make changes and do awsome stuffs to their site and all will be centralised and can be viewed by all the members linked to person C's account.

    Scenario 2:

    Say person C is running a website management business. Now there person A and B works as support engineer or developer or anything. Now the company gets an order I this can anyone from their team can add the site to the hub. Let say person A added xyz.com to the hub and now the company has grown hand now C has 50000 sites to manage and many support expert works there the owner of xyz.com raised a support ticket that his site has a problem or he needs to fix something take any random situation. Now he opens an helpdesk ticket suppose person V is assigned to this ticket now he can easily login to the person C's hub with his own WPMUDEV credentials and make the recommended changes or if he gets stuck he can also use the WPMUDEV support.

    I think you have got an clear idea what I mean to say. I don't want that some bad guys spam or resell or do anything with WPMUDEV account. By this idea each member would have their own WPMUDEV account which they have to individually pay. Or the company may also pay but they have to pay.

  • Suman

    I think you are not getting my point. See How Facebook Pages Works especially in case of a business page. There is one admin and he can assign let say a digital marketer to manage his page. He just gives him access to his page and the admin can revoke the access any time he wants right? Now let's say person A has a full premium WPMUDEV account and now I contacted him and decided that he will be my Wordpress developer or If I am running a WordPress Management and Maintenance business I decided that he will work in my team. Now here I am the admin of my account and say he is a team member of my company. I can revoke his access whenever I want but he can't add new user only I Can Think it as a Group in Instagram ( in Instagram there can only be 15 members in a team), or a WhatsApp group similarly WPMUDEV centralized account where each member of the group has a separate wpmudev account they have their own Login credentials and now how can someone make abuse of wpmudev membership? And as far as I know in WhatsApp group or Instagram group or ina facebook page with multiple managers the PRivacy of all the users is protected.

  • Julian

    Or simply allow access to Hub site management functions only. Provide a simple permissions management tool we can use to only allow a person to edit a particular set of options on only those sites they need access to.
    Keep a login and activity log, enforce the use of 2FA and perhaps some options to easily undo changes made by others.

    The Hub would be a better tool for teams and agencies.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.