SinglePoint User Management gives your Company Administrator full authority to provision, modify and revoke every user inside the portal. Role templates (Initiator, Approver, Releaser, Auditor, Administrator, Read-Only), per-account permissions, per-product permissions, dual-control thresholds, token assignment and a 7-year audit log sit in one administrative console.
This is the control plane commercial clients actually require. Fifty users on one Company ID, twenty of them restricted to AP batches, five of them with wire approval above $5M, two of them full administrators — all managed without a help desk ticket to U.S. Bank, aligned with OCC access-control guidance and SOX segregation of duties for public companies.
Security Overview Talk to Implementation
The Company Administrator is the empowered human inside your organisation who runs SinglePoint User Management. No U.S. Bank help desk ticket required for day-to-day changes.
Inside SinglePoint User Management the Company Administrator creates users, assigns a role template, sets per-account and per-product permissions, issues or reassigns tokens, and activates the user without needing to loop in U.S. Bank operations. Onboarding a new AP clerk takes under five minutes.
Most commercial clients designate two Company Administrators inside SinglePoint User Management for succession and segregation. If one administrator is unavailable or leaves, the second retains full control and can revoke the departing administrator's access without bank intervention.
When a user is locked out after five failed sign-in attempts, the Company Administrator unlocks directly through SinglePoint User Management. No need to phone 1-800-377-3404 during business hours. Unlock events are audit-logged with user, timestamp and justification note.
When an employee departs the organisation, SinglePoint User Management disables the user, revokes the token and preserves the 7-year audit history. Termination workflows can be triggered via API from your HR system (Workday, SuccessFactors) for zero-delay revocation.
Five default role templates plus Read-Only ship with SinglePoint User Management. Each is editable and any custom role can be derived from the base permissions.
| Role | Initiate | Approve | Release | Reports |
|---|---|---|---|---|
| Initiator | Yes | No | No | Own activity |
| Approver | No | Yes | No | Scope of approval |
| Releaser | No | No | Yes | Scope of release |
| Auditor | No | No | No | Full read-only |
| Administrator | Yes | Yes | Yes | Full plus audit log |
The control surface commercial clients most often tune inside SinglePoint User Management.
SinglePoint User Management enforces dual control on any payment type above a configurable threshold. Common configurations include wires above $100,000 requiring second approval, wires above $1,000,000 requiring third approval, ACH batches above $500,000 requiring second approval. Sensitive administrative actions (add new beneficiary, modify wire limit, change user permission) can also be dual-controlled.
SinglePoint User Management supports hardware tokens (RSA SecurID, VASCO Digipass) and soft tokens (U.S. Bank token app for iOS and Android). The Company Administrator binds a token to a user, tracks lifecycle, rotates tokens on a configurable schedule and revokes on termination. Lost tokens are replaced within one business day via U.S. Bank courier.
SinglePoint User Management at a glance.
Commercial Banking Portal — Topic Cluster