Peers

The Peers page provides a complete overview of all peer accounts that have access to your MSPControl environment. A peer represents an additional user or device identity — for example, another administrator, a developer, or an integration account — who can sign in and manage tenant resources within their assigned permissions.

Navigation

To open this page, select Peers from the main navigation panel in the customer area. The page displays a sortable table with all current peer accounts, their status, and authentication settings.

Toolbar

The top toolbar includes several control options:

• + Create Peer Account — opens the peer creation form (see the section below for details).
• All — a filter to display only specific peer types (Active, Device, Disabled, etc.).
• Search — instantly finds users by name, full name, or e-mail address.
• Column Visibility — toggles individual table columns on or off to simplify the display.
• Page Size (e.g. 25 ▼) — defines how many peers are shown per page.

Table Overview

The main table lists each peer account in its own row. The available columns include:

• User Name — the unique login name of the peer account. Click to sort alphabetically.
• Full Name — the person’s name or, for device peers, the service label.
• E-mail — the primary contact address, used for invitations and notifications.
• Role — the access level or function of the peer, such as:
  • Customer Admin Peer — has broad administrative permissions within the organization.
  • Customer Admin for Testing — a limited administrative scope for test environments.
  • Web Developer — restricted to website or FTP resources.
  • Device — represents a technical or automated service account.
• Last Login — the last recorded sign-in date and time for this peer.
• StatusID — indicates whether the peer account is Active or disabled.
• Two Factor — the two-factor authentication method enabled (e.g., Email or <None>).
• Org User Bound — shows whether the peer is linked to a specific organizational user.
• MS Account Status — identifies whether the peer is connected to a Microsoft account or Entra ID. If Linked, single sign-on is available.
• PAM/PIM Permissions — displays privilege escalation or just-in-time access settings, if configured.

Sorting and Filtering

Each column header can be clicked to sort peers alphabetically or chronologically. Combine sorting with the global filter (All) to quickly find inactive, device, or administrative peers.

Actions

Hovering over a peer row may reveal contextual actions such as edit or delete, depending on the user’s permissions.

Best Practices

• Restrict Customer Admin Peer roles to users who require full management access.
• Use Device peers for automation agents or service integrations to maintain audit clarity.
• Regularly check Last Login to identify stale or unused accounts.
• Enforce at least Email-based two-factor authentication for all administrative peers.
• Ensure Microsoft-linked peers (MS Account Status: Linked) comply with your organization’s SSO policies.

Create Peer Account

The Create Peer Account page appears after clicking + Create Peer Account on the main Peers page. It allows administrators to create new peer identities with individual access roles, security settings, and contact details.

User Credentials

• User Name — required. Defines the unique identifier for this peer account.
• Send Invitation — if enabled, the system will email a sign-in invitation instead of requiring a password during creation.
• Password / Confirm Password — used when manual password creation is preferred (only active if the invitation option is disabled).
• Generate Password — automatically produces a strong random password and fills both fields.
• Photo — optional. Upload an image to personalize the account’s avatar.
• Password Never Expires — disables password expiry policies for this account. Recommended only for service peers.

Role and Personal Information

• Role — defines the permission scope of the peer:
  • Customer Admin Peer — full administrative access for the tenant.
  • Web Developer — limited to website and FTP resources.
  • Device — used for system or agent-based access.
• First Name / Last Name — user display name fields.
• Company Name — organization name associated with this peer.
• E-Mail — primary contact address (used for invitations and notifications).
• Secondary E-Mail — backup address for communication and recovery.
• Mail Format — preferred message format (HTML or Plain Text).
• Status — sets the account’s operational state (Enabled or Disabled).

Security and Authentication

• Two Factor Authentication — select the authentication provider (e.g., Email, OTP, or <None>). This defines how the user confirms login attempts.
• External Login Settings — the option Require External Login forces the peer to authenticate through a connected provider, such as Microsoft Entra ID, instead of MSPControl-native credentials.

Privileged Access Management

• Load Groups — loads available privilege groups for assigning additional access scopes or time-limited admin elevation. This applies when PAM/PIM integration is configured for the tenant.

Contact Information

The Contact Information section stores the peer’s physical and communication details:

• Street Address 1 — primary street address.
• City, Country/Region, Region (State), Postal Code — location details used for records or billing purposes.
• Phone Number 1 / Mobile Phone / Fax — contact numbers with country code selectors.

Actions

• Save Changes — creates the peer account with the configured parameters and returns to the Peers list.
• Cancel — aborts creation and discards all unsaved data.

Best Practices

• Always enable two-factor authentication for administrative roles.
• Do not select “Password Never Expires” unless the account is automated and monitored.
• For Microsoft-integrated tenants, prefer Require External Login to enforce corporate SSO.
• Provide accurate contact details for audit and recovery purposes.
• Use Device roles exclusively for system-level peers.