Security & Data Access
FiveOps keeps each community workspace separated so staff only see the communities they are allowed to access.
Community Scope
Each community has its own staff, tickets, player records, resource data, backups, economy snapshots, and support cases.
Users must be active staff for a community before they can open that community in the dashboard.
Staff Matching
Staff can be matched by:
- FiveOps account
- Discord ID
This means you can add a staff member by Discord ID before they sign in for the first time.
Role Checks
FiveOps checks account access before loading dashboard data or allowing important actions.
Owner and admin roles can manage sensitive settings such as connector tokens, billing, staff access, Discord setup, and server actions.
Connector Tokens
Connector tokens are shown once and stored as hashes.
Revoke and regenerate tokens if a token is exposed.
Server Secrets
Your server secrets stay on your server:
- Database dump username/password
- Local file paths
- MySQL/MariaDB host
The Windows agent uses them locally and reports only job results/metadata.
Best Practices
- Keep connector tokens private.
- Remove old staff accounts when someone leaves your team.
- Use owner access only for trusted senior staff.
- Regenerate a token if it was pasted into chat, Discord, or a public file.
