Skip to content

Portal Manager Management

Managers are users who have access to the portal control panel in Catena. The manager system allows providing different access levels to various employees for managing content, subscribers, and portal settings.

What is a Manager

A manager in Catena is a user account with permissions to manage a portal. Unlike subscribers (who watch channels), managers administrate the system.

Key features:

  • Email and password authentication — login to control panel
  • Permission system — flexible permission configuration for each manager
  • Multiple portals — one email can manage multiple portals
  • Roles and authorities — from viewing statistics to full administration
  • Portal isolation — manager sees only their portal's data

Typical team structure:

Portal "My IPTV Service"
├── Portal Owner (ownerId)
│   └── Assigned outside system, full access
├── Chief Administrator (isAdmin: true)
│   └── Infrastructure management
├── Content Manager (isContentAdmin: true)
│   └── Channel, package, EPG management
├── Subscriber Manager (isSubscriberAdmin: true)
│   └── Subscriber and subscription work
└── Support Operator (read-only)
    └── View data, no changes

Portal Owner vs Managers

Portal Owner

Important: Portal owner is a special role managed outside this Management API.

Owner characteristics:

  • Set when creating portal at infrastructure level
  • Cannot be changed via portal's Management API
  • Has full and unlimited portal access
  • Access rights don't apply to them (isAdmin, isContentAdmin, etc.)
  • Can create, modify, and delete other managers
  • Can assign any permissions to other managers

ownerId field in portal:

{
  "portalId": "pKl9SW3AAAE.",
  "ownerId": "mKl9SW3AAAE.",  // Owner ID
  "name": "my-portal"
}

Changing owner:

  • Performed by Catena system administrator
  • Not available via regular Management API
  • Requires technical support contact
  • Used when transferring portal to another person

Regular Managers

Managers created via API:

  • Created by portal owner or other administrators
  • Have limited permissions per settings
  • Can be modified or deleted by owner
  • Subject to permission system

Key difference:

Characteristic Owner Regular Manager
Creation Outside Management API Via Management API
Permission changes Not applicable Configured by owner
Deletion Only by system admin By portal owner
Access Always full According to permissions

Permission System

Access Levels

isAdmin — infrastructure administrator

  • Technical portal settings management
  • Creating and deleting other managers
  • Changing critical parameters
  • Server settings access
  • Doesn't automatically grant content or subscriber access

isContentAdmin — content administrator

  • Channel management (create, edit, delete)
  • Channel package management
  • EPG source management
  • Channel-package link configuration
  • No subscriber access

isSubscriberAdmin — subscriber administrator

  • Subscriber management (create, edit, delete)
  • Package subscription management
  • Viewing playback sessions
  • Viewing operations log
  • Cannot modify channels and packages

Permission combination:

Manager can have multiple permissions simultaneously:

{
  "isAdmin": true,
  "isContentAdmin": true,
  "isSubscriberAdmin": true
}

This grants full access to all portal functions (except owner change).

Creating a Manager

Via Management API

Create new manager:

curl -X POST https://your-catena-domain.com/tv-management/api/v1/managers \
  -H "X-Auth-Token: your-api-key" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "content@company.com",
    "name": "Content Manager",
    "password": "SecurePassword123!",
    "isAdmin": false,
    "isContentAdmin": true,
    "isSubscriberAdmin": false
  }'

Response:

{
  "managerId": "mKl9SW3AAAB.",
  "portalId": "pKl9SW3AAAE.",
  "email": "content@company.com",
  "name": "Content Manager",
  "isAdmin": false,
  "isContentAdmin": true,
  "isSubscriberAdmin": false,
  "createdAt": "2024-10-16T15:00:00Z",
  "updatedAt": "2024-10-16T15:00:00Z"
}

Note: password field is not returned in response.

Login

Authentication Process

Managers login via email and password:

curl -X POST https://your-catena-domain.com/tv-management/api/v1/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "admin@company.com",
    "password": "password123"
  }'

Response:

{
  "portals": [
    {
      "portalId": "pKl9SW3AAAE.",
      "portalName": "My IPTV Service",
      "sessionId": "sessionKl9SW3AAAE."
    },
    {
      "portalId": "pKl9SW3AAAB.",
      "portalName": "Premium TV",
      "sessionId": "sessionKl9SW3AAAB."
    }
  ]
}

Multiple portals:

  • If email used in multiple portals, list of all available is returned
  • Manager selects portal to work with
  • Each portal has its own sessionId for further work

Best Practices

Password Security

Password requirements:

  • Minimum 8 characters
  • Upper and lowercase letters
  • Numbers and special characters
  • Don't use common passwords
  • Change every 90 days

Permission Management

Principle of least privilege:

DON'T grant more permissions than needed for work

Offboarding

Checklist when employee leaves:

  1. ☑️ Immediately delete manager account
  2. ☑️ Check if they were portal owner
  3. ☑️ Change portal API keys (if had access)
  4. ☑️ Check operations log for suspicious actions
  5. ☑️ Notify team about access changes

Troubleshooting

Cannot Login

Possible causes:

  1. Incorrect email or password
  2. Account deleted
  3. Account blocked
  4. Email specified for different portal

Cannot Change Portal Owner

This is correct behavior:

  • Portal owner managed outside Management API
  • Owner change is critical operation
  • Requires Catena system administrator contact
  • Cannot be performed independently

Owner change procedure:

  1. Contact Catena technical support
  2. Provide:
  3. Portal ID
  4. Current owner ID
  5. New owner ID
  6. Justification
  7. Administrator performs change at system level
  8. New owner receives full access

See Also