Create individual user accounts for team members and configure secure authentication methods in the CRS
Set up user accounts for each team member working in the CRS system. Each user gets their own login linked to their unique email address, with customizable access permissions based on their role as established by your hotel or brand.
The system requires multi-factor authentication for enhanced security, with options for email or mobile app verification.
Required conditions:
📌Important: Set up user roles before creating users. Roles determine system access levels and keep permissions relevant for each team member's responsibilities. Only authorized users with access to the security menu may create users and assign roles.
Create a new user account
Follow the steps below to create a user account.
Go to Security.
Go to User Profile.
Go to the Create New tab.
Enter the user name:
This identifies them in system logs.
Enter a password:
They'll change this on first login.
Enter first name.
Enter last name.
Enter email.
Choose the date format from the dropdown:
MM/DD/YYYY.
DD/MM/YYYY.
YYYY/MM/DD.
Choose time format:
AM or PM.
24 hour.
Select language – only English is fully supported.
Choose user interface (UI) style: This is not currently available it is under development.
Green.
Black or blue.
Grey.
White.
Sienna.
Check the box for 3rd Party Vendor if not a hotel employee for tracking.
Personalize room and rate display by selecting:
Show rate name to display rate names instead of codes.
Show room name to display room names instead of codes.
Show both name and code (recommended) for comprehensive viewing.
Choose the appropriate role as configured from the dropdown based on their job requirements.
Click Add New User.
Go to Modify User tab to configure further.
In the limit rate code access to field enter specific rate codes separated by a comma (,) if you want them to modify only certain rates like best available rate.
Authentication provider (if enabled) select the single sign on option your property or group has set up for the CRS.
Click Save.
📌Note: Users who haven't logged in for 90 days become inactive and won't display in this menu. Contact support or your company's administrator to reactivate inactive accounts.
Grant access to existing users
You can quickly extend CRS access to this property for users already set up in your CRS instance from another property. This task depends on user roles. If you don’t have access to do this yourself, contact your company's system administrator or the support team.
Go to Security.
Go to User Profile.
Go to the Grant Access to Existing User tab.
Enter their user name they're already using in the CRS.
Check the box for 3rd Party Vendor if not a hotel employee for tracking.
Select the role from the dropdown menu.
Click Grant Access.
Create authentication for a user account
Outlined below are the options for authentication for a user account.
Set up multi-factor authentication.
The CRS requires two-factor authentication for all user logins to protect system information.
Email authentication (default option).
All users automatically receive authentication codes via email sent to their registered email address.
Mobile app authentication (recommended).
For enhanced security and convenience, users can set up mobile app authentication using third-party applications like Duo, Authy, Google Authenticator, or Microsoft Authenticator.
Enable mobile authentication
Follow the steps below to enable mobile authentication.
Install an authentication app (Authy, Duo, Google Authenticator, or Microsoft Authenticator) on your mobile device.
Go to Security.
Go to My Profile.
Click Switch to secure code via authentication app button.
Use the authentication app to scan the QR code displayed on screen.
Enter the generated code into the Validate Security Code field in the CRS.
You'll see a success message confirming activation.
The previous button then updates to Switch to Secure Code via Email allowing you to switch back if needed.
Click Save.
Understand multi-factor authentication (MFA) prompts
You'll be prompted for multi-factor authentication (MFA) when:
Normal seven day cycle:
Your seven day MFA period has expired and requires re-verification.
Security system activation:
The system suspects automated or unusual activity and requires additional verification as protection.
Active MFA session:
MFA input is visible and requires completion.
⚠️Important: MFA codes expire after five minutes. Request a new code rather than re-entering an expired one.
⚠️Important: Security-triggered MFA prompts bypass the normal 7-day cycle as intentional protection, not a system error.
Authentication guidelines
Outlined below are a list of the authentication guidelines.
Authentication code format:
All codes are six digits.
Email delivery time:
Codes are sent immediately with no delay from our system. Delivery times may vary based on email service providers.
Code expiration:
Codes expire five minutes after sending.
Frequency of prompts:
When the system detects irregular activity it will request a new MFA. Avoid clicking login too quickly or using saved passwords, as this may trigger bot detection.
Lost mobile device:
Contact support to switch back to email authentication temporarily.
Switching methods:
Users can choose between email or mobile app authentication and switch between methods as needed. Only the user can enable mobile app authentication.