Security & Data Access

FiveOps keeps each community workspace separated so staff only see the communities they are allowed to access.

Community Scope

Each community has its own staff, tickets, player records, resource data, backups, economy snapshots, and support cases.

Users must be active staff for a community before they can open that community in the dashboard.

Staff Matching

Staff can be matched by:

  • FiveOps account
  • Discord ID

This means you can add a staff member by Discord ID before they sign in for the first time.

Role Checks

FiveOps checks account access before loading dashboard data or allowing important actions.

Owner and admin roles can manage sensitive settings such as connector tokens, billing, staff access, Discord setup, and server actions.

Connector Tokens

Connector tokens are shown once and stored as hashes.

Revoke and regenerate tokens if a token is exposed.

Server Secrets

Your server secrets stay on your server:

  • Database dump username/password
  • Local file paths
  • MySQL/MariaDB host

The Windows agent uses them locally and reports only job results/metadata.

Best Practices

  • Keep connector tokens private.
  • Remove old staff accounts when someone leaves your team.
  • Use owner access only for trusted senior staff.
  • Regenerate a token if it was pasted into chat, Discord, or a public file.