@@ -239,20 +239,32 @@ create and restore backups, view server statistics, …
239239
240240# ## Basic Setup
241241
242- 1. If not done already, register an account and grant administration rights to it
243- using the ` configure` access rule
244- (see [Administration Account](../install/next-steps.md#administration-account)):
242+ 1. If not done already, register a Jabber/XMPP account in ejabberd:
243+
244+ ` ` ` shell
245+ ejabberdctl register admin1 example.org s0mePass
246+ ` ` `
247+
248+ 2. Define an Access Control List ([ACL](../configuration/basic.md#acl))
249+ called ` admin` (or any name you prefer) and include the account in that ACL:
245250
246251 ` ` ` yaml
247252 acl:
248253 admin:
249254255+ ` ` `
256+
257+ 2. Grant administration rights to that account using the ` configure`
258+ [access rule](../configuration/basic.md#access-rules)
259+ (see [Administration Account](../install/next-steps.md#administration-account)):
260+
261+ ` ` ` yaml
250262 access_rules:
251263 configure:
252264 allow: admin
253265 ` ` `
254266
255- 2 . Make sure ` ejabberd_web_admin` is available in
267+ 3 . Make sure ` ejabberd_web_admin` is available in
256268 [request_handlers](../configuration/listen-options.md#request_handlers)
257269 of a [ejabberd_http](../configuration/listen.md#ejabberd_http) listener.
258270 If you want to use HTTPS, enable [tls](../configuration/listen-options.md#tls).
@@ -269,16 +281,25 @@ create and restore backups, view server statistics, …
269281 /admin: ejabberd_web_admin
270282 ` ` `
271283
272- 3. Open the Web Admin page in your favorite web browser.
273- The exact address depends on your configuration;
274- in this example the address is: ` https://example.org:5443/admin/`
284+ 4. Grant permission to that ACL to execute all API Commands in WebAdmin using
285+ [api_permissions](../../developer/ejabberd-api/permissions.md):
275286
276- 4. In the login window provide the ** full Jabber ID: ` [email protected] ` ** and password.287+ ` ` ` yaml
288+ api_permissions:
289+ " webadmin commands" :
290+ from: ejabberd_web_admin
291+ who: admin
292+ what: " *"
293+ ` ` `
294+
295+ 5. Open the Web Admin page in your favorite web browser.
296+ The exact address depends on your configuration;
297+ in this example the address is: ` https://example.org:5443/admin/`
298+
299+ 6. In the login window provide the ** full Jabber ID: ` [email protected] ` ** and password.277300 If the web address hostname is the same that the account JID,
278301 you can provide simply the username instead of the full JID: ` admin1` .
279302
280- 5. You' re good! You can now use the Web Admin.
281-
282303# ## Additional Security
283304
284305For security reasons, you can serve the Web Admin on a secured connection and bind it to the internal LAN IP.
0 commit comments