How to Create a New Magento 2 Administrator Account?
[Updated on May 28, 20225] Have you ever found yourself locked out of your Magento store without admin access? Learning how to create a new Magento 2 administrator account ensures store management.
67% of Magento security breaches involve compromised admin accounts. It highlights the benefits of proper account creation and management.
The tutorial explores the prerequisites, steps, and best practices to create an admin account.
Key Takeaways
-
Follow the prerequisites before creating a new admin account.
-
Follow the steps to create a Magento 2 administrator using the command line.
-
Configure user roles and permissions to control backend access.
-
Best practices keep your admin accounts secure and your store safe.
-
Find solutions to common errors when creating or managing admin accounts.
-
6 Prerequisites for Creating a New Magento 2 Administrator Account
-
6 Common Challenges and Solutions When Creating Magento 2 Admin Accounts
What are Magento 2 Administrator Accounts
Administrator account is a user profile that grants access to the Magento backend. It is where we perform store management tasks.
Admin users can:
-
Configure settings
-
Manage products and categories
-
Process orders
-
Handle customer data
-
Install extensions
Each administrator account has a unique username and password. The assigned role defines its access level and permissions.
Magento supports various admin users. It allows store owners to delegate responsibilities while maintaining control. Customize admin roles to limit or expand access to specific features. It depends on business needs.
Creating secure, role-specific accounts enhances both productivity and security. Regular management of admin users enhances store security.
You can create administrator accounts through the Magento admin panel. You can also create it through the command line interface. It is especially useful for developers or when locked out of the dashboard.
6 Prerequisites for Creating a New Magento 2 Administrator Account
1. Access to Magento Backend or Command Line Interface
To create a new admin user:
-
You must have a working admin account to log in and create another user via the interface.
-
You can use SSH to connect to your server if the admin panel is inaccessible. Execute Magento CLI commands.
2. Functional Magento 2 Installation
-
You will need an installed and functioning Magento 2 system.
-
It ensures that all user management features are available. These include role-based permissions and the CLI tool.
3. Predefined Administrator Role
When using the admin panel to create a new user. You must assign a role to the new user. Magento uses user roles to control what each admin user can access or change. Make sure:
-
At least one role, like Administrator, is already created.
-
The role needs necessary permissions to manage the store.
If no roles exist, create one via System > Permissions > User Roles.
4. Strong, Secure Password
Magento enforces strict password complexity for security purposes. The password must:
-
Contain uppercase and lowercase letters.
-
Include at least one number.
-
Include at least one special character.
-
Be at least 7 characters long.
Using a weak password will result in errors or security risks.
5. Valid and Unique Email Address
Each admin user must have a unique, valid email address:
-
Needed for receiving notifications and for password recovery.
-
Helps differentiate accounts and track activity in logs.
6. Proper Server Permissions
If you use the command line:
-
You must have appropriate file and folder permissions. It is set in your Magento installation directory.
-
The user executing the CLI commands should have the necessary rights.
Incorrect permissions can block account creation or cause system errors.
4 Steps to Create a New Magento 2 Administrator Account
1. Log in to your Magento 2 server with SSH using the command:
ssh your-username-ssh@$server-ip
Replace your-username-ssh and $server-ip with your SSH username and server IP address.
2. Go to your Magento 2 root directory using:
cd /home/cloudpanel/htdocs/www.domain.com/
Adjust the path based on where you install Magento on your server.
3. Run the command to create a new administrator
Use the admin:user:create CLI command:
php7.4 bin/magento admin:user:create \
--admin-user='new-admin' \
--admin-password='!admin123!' \
--admin-email='info@domain.com' \
--admin-firstname='John' \
--admin-lastname='Doe'
Make sure the password meets Magento's complexity rules. Avoid weak or common passwords in production.
4. Once you create a new Magento 2 administrator account, you will see the message:
Created Magento administrator user named new-admin.
Configuring User Roles and Permissions in Magento 2
1. Understanding Default Roles
Magento 2 includes several predefined roles out of the box. These are useful for teams or stores that do not need complex permission structures:
-
Administrators have full control over the Magento backend features and configuration settings. We recommend it only for trusted users like store owners or lead developers.
-
Sales access manages only orders and customers. It is ideal for sales representatives and order processors.
-
Content grants access to CMS features like pages and widgets. It is best suited for content managers or designers.
We can change these roles. You can use them as templates to create custom roles.
2. Creating Custom Roles
Custom roles help you enforce the principle of least privilege. It is where users only have access to what they need.
To tailor permissions based on job responsibilities:
1. Navigate to Admin Panel > System > Permissions > User Roles
2. Click “Add New Role” in the top-right corner.
3. Under the Role Info tab:
- Enter a Role Name and set a Role Scope.
4. Switch to the Role Resources tab:
-
Choose All for full access or Custom to select specific resources.
-
Check only the areas the role should access, including marketing and products.
5. Click Save Role.
Custom roles provide flexibility and security. It is by preventing unauthorized changes to critical store configurations.
3. Assigning Roles to Administrator Accounts
Once you have created the desired role, you must assign it to administrator users.
1. Go to Admin Panel > System > Permissions > All Users
2. Click on an existing user or create a new user to whom you want to assign the role.
3. Go to the User Role tab.
4. Select the appropriate role from the list of roles.
5. Click Save User.
You can assign various roles to a single user. In this case, the user inherits the combined permissions of all assigned roles.
8 Best Practices for Magento 2 Administrator Accounts
1. Use Unique Admin Accounts for Each User
Each admin user should have their login credentials. Avoid sharing accounts among team members.
Benefits:
-
It improves traceability, and you can track who made changes.
-
Makes it easier to revoke access without affecting others.
-
Helps with accountability and auditing.
2. Follow the Principle of Least Privilege
Only grant permissions that a user needs to perform their tasks.
Example:
-
A content editor does not need access to payment or shipping settings.
-
A support agent only needs access to customers and orders, not system configuration.
Create custom roles in Magento under System > Permissions > User Roles. Assign only the necessary resources.
3. Use Strong Passwords
Magento requires secure passwords but always enforces strong password policies, including:
-
At least 7 characters
-
At least one uppercase and lowercase letter
-
One number and one special character
Tip: Use a password manager to create and store secure credentials.
4. Restrict Admin Panel Access by IP Address
If possible, limit backend access to specific IP addresses. It is especially true if you work with a fixed team or from known locations.
Benefits:
-
Configure IP whitelisting in your web server or firewall.
-
For example, with Apache or NGINX, restrict access to /admin to your office IPs.
It reduces exposure to brute-force attacks.
5. Review and Remove Inactive Accounts
Audit admin accounts on a regular basis. Remove or deactivate:
-
Former employees
-
Temporary contractors
-
Dormant or inactive users
It minimizes risk and reduces clutter in your user management interface.
6. Log and Track Admin Activity
Enable and review admin logs:
-
Track changes to settings and customer data.
-
Identify abnormal behavior or unauthorized access attempts.
Magento's built-in logging and third-party extensions can assist with this.
7. Change the Default Admin URL
-
By default, Magento uses /admin as the backend login URL. It is predictable and easy for bots to target.
-
Change it to a custom path, like /secureadmin-xyz, using:
php bin/magento setup:config:set --backend-frontname="secureadmin-xyz"
- It adds security through obscurity and reduces automated attack attempts.
8. Keep Magento and Extensions Updated
-
Always keep your Magento instance and all third party extensions up to date.
-
Updates often include security patches. These patches address vulnerabilities affecting administrator accounts.
-
Use a staging environment to test updates before production.
6 Common Challenges and Solutions When Creating Magento 2 Admin Accounts
1. Password Does Not Meet Complexity Needs
Error:
The password must be at least 7 characters long. It should include letters and numbers.
Cause:
Magento enforces a strong password policy for admin accounts.
Solution:
Ensure the password includes:
-
At least 7 characters
-
Uppercase and lowercase letters
-
Numbers
-
Special characters.
2. “Admin user already exists”
Error:
An admin user with the same first name and last name or email already exists.
Cause:
Magento does not allow duplicate usernames or email addresses.
Solution:
-
Use a unique admin-user and admin-email value.
-
Check existing users in the database if needed.
3. Permission Denied When Using CLI
Error:
Permission denied or cannot write to var/ or generated/ directories
Cause:
Incorrect file/folder permissions or the wrong user running the command.
Solution:
-
Run commands as the web server user.
-
Set correct permissions.
4. Magento CLI Version Mismatch
Error:
php: command not found or bin/magento: no such file or directory
Cause:
Incorrect PHP version or not in the Magento root directory.
Solution:
-
Navigate to the correct directory.
-
Use the correct PHP version.
5. Database Connection Errors
Error:
SQLSTATE[HY000] [1045] Access denied for user
Cause:
Magento often can’t connect to the database due to a misconfigured env.php.
Solution:
-
Verify database credentials in app/etc/env.php
-
Check if the database service is running
-
Use CLI to test the connection.
6. Login Redirect Loop or Blank Page
A new admin user cannot log in; they are stuck on the login page or redirected.
Cause:
Often caused by:
-
Cookie/domain issues.
-
Wrong base URL configuration.
-
Incomplete user role assignment.
Solution:
-
Assign a proper role to the user under System > Permissions > All Users.
-
Check web/cookie/cookie_domain in the Magento config.
-
Clear browser cookies and Magento cache.
FAQs
1. How can I add a new admin user in Magento?
You can add a new admin user through the Magento admin panel or via CLI. Use the command php bin/magento admin:user:create with appropriate parameters.
2. What should I do if I am locked out of the Magento 2 admin panel?
Use the CLI method to create a new administrator account. Unlock an existing one with the command php bin/magento admin:user:unlock username.
3. How do I assign specific permissions to a new admin user?
Create a custom role with specific permissions at System > Permissions > User Roles. Then, assign that role to the user when creating or editing their account.
4. Can I create various admin users at once in Magento 2?
You can automate the process using a script that runs the CLI command for each user. It reads from a CSV file containing user details.
5. How do I secure my Magento 2 admin accounts?
Use strong password policies and two-factor authentication. Also, use IP restrictions and appropriate session timeouts. Regular security audits also help keep admin accounts secure.
Summary
How to create a new Magento 2 administrator account helps control access to the backend. The tutorial explores the key features of the process, including:
-
Create admin accounts via CLI using bin/magento admin:user:create.
-
Roles define permissions; you can customize them via the backend under User Roles.
-
Always follow the principle of least privilege when assigning roles to users.
-
Audit and update admin accounts to maintain security and compliance.
Enhance your store’s security and performance with an administrator account. Consider managed Magento hosting to handle the technical details.
[Updated on May 28, 2025]