Administration

Hi there! Welcome to Dex, Forte's latest and greatest payments application. With Dex, you can view, create, and manage all your transaction data—including customers, payment methods, addresses, and schedules—in one convenient place. You can also view and maintain your merchant account, keep track of your funding entries, resolve disputed transactions, and generate API credentials to connect Dex with your third-party applications.

Location Setup

Regenerate Legacy Credentials

Managing Legacy Credentials

Dex works not only with newer products like Forte Checkout and the REST API, but also Forte's legacy products like the Advanced Gateway Interface and Virtual Terminal. Rather than navigating between products to create and regenerate processing and web service credentials, we've given Merchant and Enterprise Organization Admins the ability to create and manage credentials for legacy products and integrations. These credentials include the Real-Time Password required for merchants using the following products

  • Advanced Gateway Interface
  • Forte Mobile App

As well as the API Login ID and Secure Transaction Key required for merchants using the following products:

  • SOAP web services
  • Secure Web Pay
  • Forte.js
  • Forte Checkout v1

Creating Credentials

To create any of these credentials, complete the following steps:

  1. Click Locations on the Dex Main Menu. The Locations Datagrid displays.
  2. Enter Location Name or Location ID in the Search field or use the Status, States, Postal Code, or Services filters to narrow down the list of locations.
  3. When you find the desired merchant location, click the row on which it's listed. The Location's Details screen displays.
  4. Click the Credentials tab.
  5. Click the Generate link under the credential you want to create. The credential displays in the applicable field.
  6. Click the Copy link to copy the value to your computer's clipboard.

Regenerate Credentials

To regenerate any of these credentials, complete the following steps:

  1. Click Locations on the Dex Main Menu. The Locations Datagrid displays.
  2. Enter Location Name or Location ID in the Search field or use the Status, States, Postal Code, or Services filters to narrow down the list of locations.
  3. When you find the desired merchant location, click the row on which it's listed. The Location's Detail screen displays.
  4. Click the Credentials tab.
  5. Click the Regenerate link under the credential you want to regenerate. A Regenerate Modal displays asking you to confirm that you want to regenerate the credential.
  6. Click the Regenerate button on the Regenerate Modal. Dex returns you to the Location's Detail Screen with the newly generated credential displayed under the applicable field.
  7. Click the Copy link to copy the value to your computer's clipboard.
  8. Remember to update your product integrations with the new value to avoid errors.

Regenerating FTP Passwords

Merchant Admins and Developers can regenerate their FTP passwords if it becomes compromised or forgotten. Merchants must have existing FTP credentials, including a username that consists of a transmitter ID preceded by the letter U (e.g., U12345).

To regenerate your password, complete the following steps:

  1. Navigate to the Locations Datagrid by clicking Locations on the Dex Main Menu. The Locations Datagrid displays.
  2. Enter the Location Name or Location ID in the Search field or use the Status, States, Postal Code, Services, or PayFac Profile ID filters to narrow down the list of locations.
  3. When you find the desired merchant location, click the row on which it's listed. The Location's Detail screen displays.
  4. Click the Credentials tab.
  5. Click the Regenerate link under the FTP Password field. A Regenerate FTP Password modal displays.
  6. Select the Yes, I understand and wish to regenerate it checkbox to activate the Regenerate button.
  7. Click the Regenerate button. Dex returns you to the Location's Details Screen and displays the regenerated FTP password credential under the FTP Password field.
  8. Click the Copy link to copy the value to your computer's clipboard. To ensure continued service, update any software integrations or point-of-sale terminals that use FTP credentials to transmit files to Forte.

 

Work with Card Settings

Working with Card Services Settings

User's with the appropriate permissions can view and modify the Address Verification Services (AVS) and Card Verification Value (CVV) settings of a merchant's account from the Location's Details Screen in Dex. Obtaining an AVS match and requiring CVV values reduces credit card fraud—especially for card-not-present merchants—and greatly reduces the merchant's risk of chargebacks and fraud dispute liability. CVV matches provide a quick method of customer identification and card verification for card-not-present transactions. The AVS system compares the ZIP or Postal Code provided by the customer to the ZIP or Postal Code of the customer billing address on file with the credit card issuer. In Dex, you can view and configure whether or not to require CVV values and configure your AVS settings to either warn you or decline the transaction in the event of a ZIP code mismatch.

Viewing CVV Settings

To view the CVV settings of a merchant location, complete the following steps:

  1. Click Locations on the Dex Main Menu. The Locations Datagrid displays.
  2. Enter Location Name or Location ID in the Search field or use the Status, States, Postal Code, or Services filters to narrow down the list of locations.
  3. When you find the desired merchant location, click the row on which it's listed. The Location's Detail screen displays.
  4. If not already selected, click the Products and Services tab.
  5. Click the  on the Card Services row. Details about the merchant's credit card services display.
  6. Look for the Card Verification Value (CVV) field. This is the field applicable to CVV checks. The value in this field indicates whether CVV submission is Optional or Required.
  7. Click the  on the Card Services row to close it.

Editing CVV Settings

To edit the CVV settings of a merchant location, complete the following steps:

  1. Click Locations on the Dex Main Menu. The Locations Datagrid displays.
  2. Enter Location Name or Location ID in the Search field or use the Status, States, Postal Code, or Services filters to narrow down the list of locations.
  3. When you find the desired merchant location, click the row on which it's listed. The Location's Detail screen displays.
  4. If not already selected, click the Products and Services tab.
  5. Click the Edit icon that displays on the Card Services row. The Edit Card Services Modal displays.
  6. Click the CVV tab. The Card Verification Value (CVV) field displays.
  7. Select whether you want to make this value Required or Optional for customers by selecting the applicable radio button.
  8. Click the Save button to update the settings and return to the Location's Details screen.

Viewing a Merchant's AVS Settings

To view the AVS settings of a merchant location, complete the following steps:

  1. Click Locations on the Dex Main Menu. The Locations screen displays.
  2. Enter Location Name or Location ID in the Search field or use the Status, States, Postal Code, or Services filters to narrow down the list of locations.
  3. When you find the desired merchant location, click the row on which it's listed. The Location's Detail screen displays.
  4. If not already selected, click the Products and Services tab.
  5. Click the  on the Card Services row. Details about the merchant's credit card services display.
  6. Look for the Postal Code and Postal Code Mismatch fields. These are the fields applicable to AVS checks. The values in these fields indicate whether you want to make the Postal Code field Required or Optional, and whether you want Forte to Warn you of a mismatch, to automatically Decline the transaction, or to not perform the AVS check at all (i.e., Don't Check).
  7. Click the  on the Card Services row to close it.

Editing a Merchant's AVS Settings

NOTE: Only Merchant and Enterprise Admins can edit AVS settings.

To edit the AVS settings of a merchant location, complete the following steps:

  1. Click Locations on the Dex Main Menu. The Locations screen displays.
  2. Enter Location Name or Location ID in the Search field or use the Status, States, Postal Code, or Services filters to narrow down the list of locations.
  3. When you find the desired merchant location, click the row on which it's listed. The Location's Detail screen displays.
  4. If not already selected, click the Products and Services tab.
  5. Click the Edit icon that displays on the Card Services row. The Edit Card Services modal displays.
  6. Under the Postal Code field, select whether you want to make this field Required or Optional for transactions. If you select Optional, the only Postal Code Mismatch options available are Don't Check or Warn.
  7. Under the Postal Code Mismatch field, select one of the following actions you want Forte to do in the event of a mismatch:
    • Warn
    • Decline
    • Don't Check - Default
  8. Click the Save button to update your settings and return to the Location's Details screen.

Work with Forte Verify Settings

Working with Validate/Validate+ Settings

Merchant Admins can view and modify the bank account status verification settings of a merchant's account from the Location's Details Screen in Dex. Merchants can customize how much risk they're willing to accept when performing echeck transactions by defining the response to Validate and Validate+'s preauthorization checks.

Using proprietary methods, Validate and Validate+ check EFT accounts for the following characteristics:

  • Has the account been reported as closed?
  • Has the account issued a stop payment within the last 30 days?
  • Has the account had one or more Non-Sufficient Funds (NSF) transactions with the last 90 year?
  • Has the account had 3 or more NSF transactions with the last 90 days or 5 or more NSF transactions in the last year?
  • Does the account accept debit activity?

Validate and Validate+ Merchants can then determine whether or not to approve a transaction based upon these characteristics and define those settings in Dex.

Viewing Validate/Validate+ Settings

To view the Validate/Validate+ settings of a merchant location, complete the following steps:

  1. Click Locations on the Dex Main Menu. The Locations screen displays.
  2. Enter Location Name or Location ID in the Search field or use the Status, States, Postal Code, or Services filters to narrow down the list of locations.
  3. When you find the desired merchant location, click the row on which it's listed. The Location's Detail screen displays.
  4. If not already selected, click the Products and Services tab.
  5. Click the down arrow next to Verification Services. The following account options and currently defined transaction responses display for Bank Account Status Verification:

    Validate Plus:

    • Account Closed - The account provided was reported as closed.
    • Stop Payment - The account provided has issued a stop payment within the last 30 days.
    • Non-Sufficient Funds (NSF) - The account provided had 1 or more NSF transactions within the last year.
    • Excessive Non-Sufficient Funds (NSF) - The account provided has had 3 or more NSF transactions within the last 90 days or at least 5 NSF transactions within the last year.
    • No Debits - The account provided does not accept debit activity.

    Validate:

    • Young Accounts - The account verified is in good standing for 90 days or less.
    • Account Not Found - The account could not be verified. This could be a non-existent account and/or the issuing bank is not participating in the verification service
  6. Click the up arrow in the Verification Services box to close it.

Editing Validate+ Settings

To edit the Validate+ settings of a merchant location, complete the following steps:

  1. Click Locations on the Dex Main Menu. The Locations screen displays.
  2. Enter Location Name or Location ID in the Search field or use the Status, States, Postal Code, or Services filters to narrow down the list of locations.
  3. When you find the desired merchant location, click the row on which it's listed. The Location's Detail screen displays.
  4. If not already selected, click the Products and Services tab.
  5. Click the Edit button that displays on the Bank Account Status Verification Services row. The Validate or Validate+ Settings modal displays.
  6. Click either the Approve or Decline radio buttons next to the following options. These buttons define whether Forte should automatically decline transactions for accounts that meet the preauthorization criteria.

    Validate Plus:

    • Account Closed - The account provided was reported as closed.
    • Stop Payment - The account provided has issued a stop payment within the last 30 days.
    • Non-Sufficient Funds (NSF) - The account provided had 1 or more NSF transactions within the last year.
    • Excessive Non-Sufficient Funds (NSF) - The account provided has had 3 or more NSF transactions within the last 90 days or at least 5 NSF transactions within the last year.
    • No Debits - The account provided does not accept debit activity.

    Validate:

    • Young Accounts - The account verified is in good standing for 90 days or less.
    • Account Not Found - The account could not be verified. This could be a non-existent account and/or the issuing bank is not participating in the verification service.
  7. Click the Save button to update the settings and return to the Location's Details screen.

Status

Message

Pending

Onboarding Pending: Merchant has been queued for onboarding.

Pending

Onboarding Pending: File(s) have been sent to Early Warning for onboarding.

Active

Onboarded Successfully: Authenticate has been enabled for the merchant.

Inactive

Onboarding Failed: Due to an enrollment error, we couldn’t onboard the merchant.

Inactive

Onboarding Failed: Due to a validation error, we couldn’t onboard the merchant.

Viewing Authenticate Status

To view the Authenticate status of a merchant location, complete the following steps:

  1. Click Locations on the Dex Main Menu. The Locations screen displays.

  2. Enter Location Name or Location ID in the Search field or use the Status, States, Postal Code, or Services filters to narrow down the list of locations.

  3. When you find the desired merchant location, click the row on which it's listed. The Location's Detail screen displays.

  4. If not already selected, click the Products and Services tab.

  5. Click the down arrow next to Verification Services. The status of the Bank Account Owner Verification - Authenticate service will be displayed.

Status

Message

Inactive

Service is not enabled

Pending

Service is in the process of being enabled

Active

Service is Active

Working with PayPal Settings

Merchants who utilize Forte Checkout to allow customers to easily make purchases on their site now have the option to offer PayPal as a payment method. Merchants must complete the Onboarding to PayPal process to link their Forte Merchant Account and PayPal Account using a PayPal Onboarding link created by Forte specifically for the Merchant prior to the service being enabled in Dex.   

Merchant Admins can view and manage the PayPal settings of a Merchants account from the Location's Details Screen in Dex.

Onboarding Process to PayPal in Dex

Merchants are encouraged to reach out to their Forte contact to have PayPal added to their Merchant account. Prequalification’s will determine if the Merchant account is eligible to be set up for PayPal. Once qualified, an Onboarding link will be generated for your Merchant Location in Dex.  A Merchant admin can click the Onboarding link to complete the Onboarding process and once completed, Forte will receive confirmation from PayPal and the PayPal service will be enabled in Dex for the Merchant.

 

To begin your PayPal Onboarding process for your merchant account/location, complete the following steps:

  1. Click Locations on the Dex Main Menu. The Locations screen displays.
  2. Enter Location Name or Location ID in the Search field or use the Status, States, Postal Code, or Services filters to narrow down the list of locations.
  3. When you find the desired merchant location, click the row on which it's listed. The Location's Detail screen displays.
  4. If not already selected, click the Products and Services tab.
  5. A PayPal section will be displayed with the Merchants location unique Onboarding link.
  6. Click the copy           icon if required, to open the Onboarding link from any desired webpage and begin setting up your PayPal Merchant Account.
  7. Merchant Admin will Select the unique PayPal Onboarding Link to begin the Onboarding process.
  8. The PayPal section will be displayed with one of the following Statuses below throughout the Onboarding process.
  9. Once PayPal is ‘Active’ the PayPal Account email and PayPal Merchant ID (last 4 digits) will be displayed in the PayPal card section

Viewing PayPal Settings

To view PayPal settings of a merchant location, complete the following steps:

  1. Click Locationson the Dex Main Menu. The Locations screen displays.
  2. Enter Location Nameor Location ID in the Search field or use the Status, States, Postal Code, or Services filters to narrow down the list of locations.
  3. When you find the desired merchant location, click the row on which it's listed. The Location's Detail screen displays.
  4. If not already selected, click the Products and Services
  5. A PayPal section will be displayed with the Merchants PayPal Account information.
  6. Once PayPal is ‘Active’ the PayPal Account email and PayPal Merchant ID (last 4 digits) will be displayed in the PayPal card section.

Working with Secure Web Pay Settings

NOTE: Only Admins can view or edit a location's Secure Web Pay (SWP) settings.

To prevent toggling between two different products for merchant settings, we've added Virtual Terminal features to Dex. This gives you the ability to set up and maintain your organization settings from one product. In addition to creating legacy credentials and updating card settings, you can now also set up, view, and update your SWP settings. These settings apply to both the Checkout and Embedded (Capture and Charge Templates) versions of SWP.

Disabling/Enabling SWP

If you no longer need SWP, you can easily disable (or enable) it by completing the following steps:

  1. Navigate to the Locations Datagrid by clicking Locations in the Dex main menu.
  2. Enter the location's name or ID in the search field, or use the Status, States, Postal Code, Services, or PayFac Profile ID to narrow down the displayed list of locations.
  3. After locating the desired location, click the row on which it displays. The Location's Details Screen displays.
  4. If not already selected, click the Products and Services tab and scroll down to the Secure Web Pay (SWP) row.
  5. Click the toggle to disable (or enable) SWP. If successful, Dex displays a success message.

Viewing and Testing SWP Settings

To view a your SWP settings, complete the following steps.

  1. Navigate to the Locations Datagrid by clicking Locations in the Dex main menu.
  2. Enter the location's name or ID in the search field, or use the Status, States, Postal Code, Services, or PayFac Profile ID to narrow down the displayed list of locations.
  3. After locating the desired location, click the row on which it displays. The Location's Details Screen displays.
  4. If not already selected, click the Products and Services tab and scroll down to the Secure Web Pay (SWP) row.
  5. Click the View Code link. A View Code modal displays with the full HTML code of your SWP setup. From the View Code modal, you can copy the code by clicking the Copy button or view/test the code by clicking the Test Code button. After clicking the Test Code button, Dex automatically opens a sandbox browser window with a Pay Now button and its corresponding payment form.
  6. To return to the Location's Details Screen, click Cancel on the View Code modal.

Updating SWP Settings

To update your SWP settings, complete the following steps:

  1. Navigate to the Locations Datagrid by clicking Locations in the Dex main menu.
  2. Enter the location's name or ID in the search field, or use the Status, States, Postal Code, Services, or PayFac Profile ID to narrow down the displayed list of locations.
  3. After locating the desired location, click the row on which it displays. The Location's Details Screen displays.
  4. If not already selected, click the Products and Services tab and scroll down to the Secure Web Pay (SWP) row.
  5. Click the  to open the Secure Web Pay Settings modal

a. To update your contact information and payment settings, select the Main tab and edit the following fields:

Status

Message

Company Name

The Doing Business As (DBA) name of your business.

Email

Your customer service email address.

Phone

Your customer service phone number.

Fax

Your customer service fax number, if applicable.

Street Address

The first line of the street address of your physical business address.

Street Address 2

If necessary, the second line of the street address of your physical business address.

Postal Code

The postal/ZIP code of your physical business address.

City

The city of your physical business address. Dex auto-populates this field when you enter a value into the Postal Code field.

State/Province

The state or province of your physical business address. Dex auto-populates this field when you enter a value into the Postal Code field.

Accept Unsigned Transactions?

If you use the HTML integration method for SWP Checkout, select Yes. If you use the transaction signing integration method of SWP Checkout or the SWP Embedded Charge or Capture Templates in your desktop applications, select No.

eCheck

To accept echeck transactions, toggle this field on (i.e., green).

Transaction Types

Select what types of echeck transactions you want SWP to support by clicking the checkboxes next to the following options:


 • Debit
 • Credit
 • Auth Only

Credit Card

To accept credit card transactions, toggle this field on (i.e., green).

Transaction Types

Select what types of credit card transactions you want SWP to support by clicking the checkboxes next to the following options:

 •  Debit
 • Credit
 • Auth Only

Card Types

Select the type of card brands your organization supports from the following options:

 • VISA
 • MasterCard
 • American Express
 • Discover

Accept Scheduled Transactions?

If you want to allow customers to create schedules and make recurring payments, select Yes. If you do not want to support schedules or you're using the SWP Embedded Charge or Capture Templates, select No.

b. To update the UI and Return Page URLs of SWP, click the Style tab and edit the following fields:

Field

Description

Main Logo

Click the Browse button of the logo image box to open a File Explorer window and select the logo image that will display on the SWP payment form. Logo images must be in .jpg format and should be 900px x 100px.

Side Image

Click the Browse button of the side image box to open a File Explorer window and select an industry- or brand-specific image to display on your payment form. Side images must be in .jpg format and should be 150px x 150px.

Return Page URLs

Enter up to 10 different return page URLs. After the customer completes a transaction, SWP returns him/her to this return page. If the merchant does not provide a return page URL, Forte redirects the customer to a confirmation page.

c. To update the Billing Fields of SWP, click the Billing tab and edit the following fields:

Field

Description

Bill To Instructions

Enter a message that will instruct your customers on what billing information they must submit with their transactions (e.g., "Complete the required fields").

Bill To Fields

Click the radio buttons next to the following fields to define whether you want to make the field RequiredOptional, or Hidden when collecting billing information from your customers:

 • Company Name
 • First Name (cannot be hidden)
 • Last Name (cannot be hidden)
 • Address Line 1
 • Address Line 2
 • City
 • State
 • Postal Code
 • Phone Number
 • Email
To avoid fraud and chargebacks/returns, Forte recommends requiring address fields and running Address Verification Services (AVS) checks and/or using the Validate/Validate+ service for each transaction.

d. To edit the Shipping fields of SWP, click the Shipping tab and update the following fields:

Field

Description

Ship To Instructions

Enter a message that will instruct your customers on what shipping information they must submit with their transactions (e.g., "Complete the required fields"). If Ship To instructions are unnecessary, leave this field blank.

Ship To Fields

Click the radio buttons next to the following fields to define whether you want to make the field RequiredOptional, or Hidden when collecting shipping information from your customers:

 •  Name
 • Address Line 1
 • Address Line 2
 • City
 • State
 • Postal Code

e. To edit the payment/order instructions or update the order fields specific to your business, click the Order/Payment tab and update the following fields:

Field

Description

Payment Instructions

Enter a message that will instruct or inform your customers of relevant payment information. If payment instructions are unnecessary, leave this field blank.

Order Instructions

Enter a message that will instruct or inform your customers of relevant order information (e.g., "Orders made before 3PM CST will ship out same day"). If order instructions are unnecessary, leave this field blank.

Consumer Order ID

The merchant-defined invoice or order number of the transaction. From the Option dropdown, select whether you want this field to be RequiredOptional, or Hidden on the SWP Payment Form. Using the Format dropdown, select the acceptable format for this field using the predefined options or a custom option you create with the Validation Builder. Enter the customer-friendly label that will display on the SWP Payment Form in the Description field.

Wallet ID

A merchant-defined description or reference ID related to the transaction. From the Option dropdown, select whether you want this field to be RequiredOptional, or Hidden on the SWP Payment Form. Using the Format dropdown, select the acceptable format for this field using the predefined options or a custom option you create with the Validation Builder. Enter the customer-friendly label that will display on the SWP Payment Form in the Description field.

Xdata 1

Xdata 2

Xdata 3

Xdata 4

Up to four lines of additional merchant data associated with a transaction or schedule of transactions. From the Option dropdown, select whether you want each field to be RequiredOptional, or Hidden on the SWP Payment Form. Using the Format dropdown, select the acceptable format for each field using the predefined options or a custom option you create with the Validation Builder. Enter the customer-friendly label that will display on the SWP Payment Form in the Description field.

6. Click the Save button to save your updates and return to your Location’s Details Screen.

Adding Custom Validations to Order Fields

The Validation Builder gives you the ability to add input text validators to the Order fields on the Secure Web Pay Settings modal. Make your validators by choosing a template with a pre-defined format that you can customize or create a unique validator according to your own requirements. Once you create and save a validator, you can assign it to the Consumer Order ID, Wallet ID, or Xdata1–4 fields by selecting it from the Format dropdown on the Order/Payment tab.

To create a customer validator for the Order fields, complete the following steps:

  1. Navigate to the Locations Datagrid by clicking Locations in the Dex main menu.
  2. Enter the location's name or ID in the search field, or use the Status, States, Postal Code, Services, or PayFac Profile ID to narrow down the displayed list of locations.
  3. After locating the desired location, click the row on which it displays. The Location's Details Screen displays.
  4. If not already selected, click the Products and Services tab and scroll down to the Secure Web Pay (SWP) row.
  5. Click the  to open the Secure Web Pay Settings modal.
  6. Click the Order/Payment tab and scroll to the bottom of the modal.
  7. Click the Validation Builder link that displays above the Order fields. A Validation Builder slider displays.
    1. If you'd like to use a template for your validator, use the dropdown menu in the Template field to select a pre-defined template. You can choose from a variety of date validators, a phone number validator, or a URL validator. Dex automatically populates the Type, Name, Error Message, and Definition fields based on your template selection. Use the Type radio buttons and free-text Name, Error Message, and Definition fields to customize the template. After testing the template, click the Add to List button.
    2. To create a unique validator, select the desired syntax from the Type radio buttons: String, Date, Regular Expression. Add an easily identifiable label to it in the Name field and type out the error message that will display in the Error Message field. Add the validator's string, date, or regular expression syntax pattern that SWP will use to match to input text. For help with Regular Expression Definitions, see Microsoft's Regular Expression Language Quick Reference, which is also referenced on the slider modal. After testing the validator, click the Add to List button.
  8. Click the Close button on the Validation Builder slider to return to the Secure Web Pay Settings modal.
  9. Find the order field to which you want to apply the validator. Use the dropdown menu in the Format field to select the desired validator.
  10. Click the Save button to save your SWP Payment Form settings.

User Setup

Inviting New Users to Dex

To use all the features of Dex, the Admin of your organization must first invite you to become a credentialed Dex user, which entails assigning you to a role. Roles are sets of individual permissions for a user and are tied to the organization(s) to which the user belongs. A user can have more than one role and hence, more than one set of permissions.

For merchants, Dex's out-of-the-box roles include the following:

  • Merchant Admin: The organization's owner who has maximum permissions and can invite new users to the organization.
  • Merchant Manager: A role that enables the user to manage the organization's user records, but does not enable him or her to invite new users to the organization.
  • Merchant User: A role that enables the user to perform daily activities like performing transactions and creating/maintaining customer data.
  • Merchant Developer: A role that gives the user full API key management access and the ability to view the different screens in Dex.
  • Merchant View-Only: A roles that only enables users to view the different screens in Dex.

While the permissions of these roles constrict your access to resources in the Live environment, you have full Admin permissions to your Dex organization in the Sandbox environment. For more information on roles, see Managing Roles and for information on Sandbox testing, see Testing in Sandbox.

Creating Invitations

NOTE: Only Admins can perform the following tasks.

  1. To begin setting up users for your Dex organization, click Manage > Users in the Dex menu. The Users Datagrid displays.
  2. Click the Invite Users button. The Invite Users Modal displays.
  3. Enter the email address of the person you're inviting to join Dex in the Email field. To invite multiple users at once with the same role, separate the email addresses by commas with no spaces.
  4. Use the dropdown menu to select a Role for this user or group of users.
  5. If you would like to add a personal message to the invitation email in addition to the standard Dex boilerplate message, enter it in the Message field. NOTE: This field pre-populates with a message indicating that this invitation gives the user access to Dex in both Live and Sandbox.
  6. After completing all the required fields, click the Invite button. Dex returns you to the Users Datagrid with the new user(s) displayed in the Invited status. Each user has eight days to complete the Dex registration process before the unique registration link in the email expires. Admins must resend the invitation in the event of an expired link.

Resending Invitations to Users

If a user declines an invite, fails to register before the invite link expires, or is deleted, the Admin can resend the user another invite containing a new, unique registration link.

To resend a Dex invitation to a user, complete the following steps:

  1. Click Manage > Users in the Dex menu to access the Users Datagrid.
  2. Use the Status filter to narrow down the list of users according to Invited, Rejected, or Expired statuses within a specified date range. If you know the specific user to whom you want to resend the invite, use the Search field to find him or her by Name or Username (i.e., email).
  3. From the Users Datagrid, click  > Resend next to the user whose invitation you wish to resend, or access the User's Details Screen and click Actions > Resend. Dex sends the user another invite email with a unique registration link, changes the status of that user back to Invited, and immediately disables the registration link in his or her original invite email.

Revoking Invitations to Users

If a user invite is sent by mistake or the user no longer needs access to Dex, the Admin can revoke the invite and immediately disable the unique registration link contained in the user's invite email.

To revoke a Dex invitation to a user from the User Datagrid, complete the following steps:

  1. Click Manage > Users in the Dex menu to access the Users Datagrid.
  2. Use the Status filter to narrow down the list of users according to Invited status within a specified date range. If you know the specific user to whom you want to revoke the invite, use the Search field to find him or her by Name or Username (i.e., email).
  3. From the Users Datagrid, click  > Revoke next to the user whose invitation you wish to revoke, or access the User's Details Screen and click Actions > Revoke. The Revoke Invitation pop-up message displays.
  4. Click OK on the pop-up message. Dex returns you to the previous screen, changes the user's status to Deleted, and immediately disables the unique registration link contained in his or her original invite email.

Delete Users

Admins can delete users in the Active status to ensure they have no access to any Dex merchant organization or location data. When you delete a user from your organization, Dex also deletes that user's notification subscriptions. If the user is subscribed to time-sensitive or critical notifications (such as New Dispute notifications), ensure another user in your organization subscribes to these event notifications.

To delete a user from the Users Datagrid, complete the following steps:

  1. Click Manage > Users in the Dex menu to access the Users Datagrid.
  2. Use the Status filter to narrow down the list of users according to Active status within a specified date range. If you know the specific user you want to delete, use the Search field to find him or her by Name or Username (i.e., email).
  3. From the Users Datagrid, click  > Delete next to the user you wish to delete or, access the User's Details Screen and click Actions > Delete. The Delete User pop-up message displays.
  4. Click the Delete button on the Delete User pop-up message. Dex returns you to the previous screen, changes the user's status to Deleted, and disables his or her access to Dex.

Understanding Roles

Overview

All Dex users must be assigned to at least one role. Dex uses Roles-Based Access Control (RBAC) protocols to define user roles. Roles are sets of individual permissions for a user and are tied to the organization(s) to which the user belongs. A user can have more than one role and hence, more than one set of permissions. Permissions control what a user can access and what tasks he or she can perform.

Merchant Roles

Dex comes with the following generic, predefined roles and permissions for merchants:

Resource

Permission

Merchant Admin

Merchant Manager

Merchant User

Developer

View Only

Addresses

Create

Delete

Read

Update

API Keys

Create

Delete

Read

Update

Customers

Create

Read

Update

Disputes‡

Read

Update

Documents

Create

Delete

Read

Update

Funding Entries

Read

Invitations

Create

Delete

Read

Update

IP Whitelist

Read

Update

Locations

Read

Payment Methods

Create

Delete

Read

Update

PayPal

Read

Update

Roles

Read

Settlements

Read

Transactions

Auth

Capture

Disburse*

Force

Read

Resubmit

Sale

Verify

Void

Users

Delete

Invite

Read

Update

*Only Merchant Admin users can perform disburse/credit transactions. To assign this permission to a Merchant Manager or Merchant User, the Admin must assign users to the Create Credit role.

‡Merchant Admins can assign other users to the Dispute Manager role, which will enable them to view and update disputes.

The permissions inherent in these roles cannot be modified.

Assigning Users to a Role

To add one or more users to a role, complete the following steps:

  1. Click Manage > Users in the Dex menu to access the Users Datagrid. To find the specific user, type his or her Name or Username (e.g., email) into the Search field. You can also use the Status filter to narrow down the list of users according to Active status within a specified date range.
  2. Click the row on which the desired user's record displays. Dex displays the User's Details Screen.
  3. Click the Add to Role button displayed in the "Roles" section. The Add User to Role Modal displays.
  4. Click the checkboxes next to the role(s) you want to give the user. NOTE: You cannot assign a user to a role with more permissions than your own role.
  5. Click the Add to Role button. Dex returns you to the User's Details Screen with the new role(s) listed in the "Roles" section.

Manage User Roles

Admins control the permissions available to users via roles. The User's Details Screen provides Admins access to add and/or delete roles from a user account and provides a quick summary of what permissions a user currently has within Dex.

Adding a Role to a User Account

If a user needs more permissions in Dex to perform additional tasks, an Admin can add pre-defined roles to a user's record directly from the User's Details screen. To add roles to a user account, complete the following steps:

  1. Click Manage > Users in the Dex menu to access the Users Datagrid.
  2. Use the Status filter to narrow down the list of users according to Active status within a specified date range. If you know the specific user to whom you want to add roles, use the Search field to find him or her by Name or Username (i.e., email).
  3. After locating the desired user, click the row on which he or she is listed. The User's Details Screen displays.
  4. In the "Roles" section, click the Add Role button. The Add User to Role modal displays.
  5. Click the checkbox(es) next to the role(s) you want to give the user. NOTE: You cannot assign a user to a role with more permissions than your own role.
  6. After selecting all the roles you wish to add to this user account, click the Add Role button in the modal. Dex returns you to the User's Details Screen with the new roles displayed in the "Roles" section.

Deleting Roles from a User Account

NOTE: All Dex users must have at least one role. If the role you want to delete from a user is his or her's only role, you must first create or assign the user to another role prior to role deletion. To delete roles from a user account, complete the following steps:

  1. Click Manage > Users in the Dex menu to access the Users Datagrid.
  2. Use the Status filter to narrow down the list of users according to Active status within a specified date range. If you know the specific user from whom you want to delete a role, use the Search field to find him or her by Name or Username(i.e., email).
  3. After locating the desired user, click the row on which he or she is listed. The User's Details Screen displays.
  4. In the "Roles" section, hover your mouse over the role you wish to delete and then click the Delete button. The Remove User from Role pop-up message displays.
  5. Click Remove on the pop-up message. Dex returns you to the User's Details Screen with the role removed from the "Roles" section.

Understanding Dex Security Standards

Dex employs a number of security standards for user authentication and data security. This includes password complexity requirements, security browser cookies, and IP Allow Lists.

Password Requirements

All Dex passwords must meet the following requirements:

  • A minimum of 8 characters
  • Cannot contain three consecutive, identical characters (e.g., 111, aaa, or @@@)
  • Includes at least 1 lowercase letter (e.g., a, b, c, d, etc.)
  • Includes at least 1 uppercase letter (e.g., A, B, C, D, etc.)
  • Includes at least 1 of the following special characters: !, @, #, $, %, ^, or &.
  • Must be different than the previous five passwords
  • Must be different than your username

Users must update their passwords every 60 days and log into Dex at least once every 90 days. Dex suspends users who have been inactive for 90 days or more. Once a user is suspended, only the Admin of the organization can restore his/her access.

Restoring User Access

Admins who want to restore a suspended user's access must complete the following steps:

  1. Navigate to your Organization's Details Screen by clicking Organizations on the Dex main menu.
  2. Click the Security tab.
  3. Under the Suspended Users section, click the Manage link.
  4. Dex displays all of your organization's suspended users on the Users Datagrid.
  5. Reactivate each user using one of two methods:
    • From the Users Datagrid, click > Reactivate.
    • Access the User's Details Screen and click Actions > Reactivate.
  6. A Reactivate User message displays asking you to confirm the action. Click the Reactivate button. Dex reactivates the user and restores his/her access.
  7. Repeat steps 5 and 6 for additional suspended users.

Browser Cookies

Browser cookies add another layer of security to login authentication. Cookies prevent unauthorized access to your Dex account even if your credentials become compromised. For new users, Dex will set up and store the cookie on the machine used for registration. Users must set up a browser cookie each time he/she logs into Dex using a new or unfamiliar non-public machine. Do not save cookies to public devices.

To set up a browser cookie on a new device, complete the followings steps:

  1. Access the Dex Login Page and log in using your credentials. Dex will redirect you to a code verification page with a message about your unrecognized device.
  2. Click the Send Code button. Dex sends you a six-digit verification code to your registered email (i.e., username).
  3. Enter the six-digit code in the provided text box. Dex gives you up to three attempts to enter the correct verification code.
  4. Click the This is a public or shared computer checkbox if you are accessing Dex from a non-private/personal device.
  5. Click the Verify Code button. Dex redirects you to your Home screen.

IP Allow Lists

NOTE: Only Admins can enable and manage IP Allow Lists.

An IP Allow List is a service that gives you the ability to control access to Dex and limit that access to only trusted users. IP Allow Lists are lists of trusted IP addresses or IP address ranges from which users can access the Dex domain. Admin users at the Merchant, Partner, and Enterprise levels can create IP Allow Lists for their respective organizations. Once enabled, users can only access Dex from those approved IP addresses. If users attempt to log into Dex from non-allowed IP addresses, Dex displays their current IP address with a message advising them that the address must be added to the Allow List by their organization's admin.

To ensure you are notified of login attempts from non-allowed IP addresses or any updates to your IP Allow List, Dex automatically subscribes Merchant Admins, Enterprise Admins, and Partners to IP Allow List notifications when they accept their Dex invitation. You will receive these notifications for the following events:

  • Unauthorized Access
  • Allow List Updated
  • Allow List Deleted
  • Allow List Enabled
  • Allow List Disabled

Enabling IP Allow Lists

NOTE: IP Allow Lists must contain at least one IP address or IP address range to become fully enabled. For your convenience, the Manage IP Allow List Modal and the Dex login screen displays your IP address, so that you can quickly add it to the allow list to prevent lockout.

To enable and create an IP Allow List, complete the following steps:

  1. Log into your Dex Home Organization and click Organizations in the Dex main menu.
  2. Click the row on which the desire organization displays. If needed, search for the organization by either Organization Name or Organization ID or use the Legal Name, Status, Parent ID, Tax ID, or Type filters to narrow down the list that displays on the Organizations Datagrid.
  3. From the Organization's Details screen, click the Security tab.
  4. Click the Manage link under IP Allow Lists. A Manage IP Allow List modal displays.
  5. Click the toggle (i.e., make it green) next to the Enable IP Allow List field. The IP Address and Name fields display.
  6. In the IP Address field, enter either a single IP address (e.g., 192.168.100.14) or a range of IP addresses using Classless Inter-Domain Routing (CIDR) notation (e.g., 192.168.100.0/24).
  7. In the Name field enter a 60-character or less name for the IP address or range of addresses.
  8. Click the Add button. The IP address is added to the save list that displays on the Manage IP Allow List modal.
  9. Repeat steps 6–8 for all the IP addresses/ranges you want to add to the Allow List.

Managing the IP Allow List

Adding to the IP Allow List

To add to your IP Allow List, complete the following steps:

  1. Log into your Dex Home Organization and click Organizations in the Dex main menu.
  2. Click the row on which the desire organization displays. The Organization's Details screen displays.
  3. Click the Security tab on the Organization's Details screen.
  4. Click the Manage link under IP Allow List. A Manage IP Allow List modal displays.
  5. In the IP Address field enter either a single IP address (e.g., 192.168.100.14) or a range of IP addresses using Classless Inter-Domain Routing (CIDR) notation (e.g., 192.168.100.0/24).
  6. In the Name field enter a 60-character or less name for the IP address or range of addresses.
  7. Click the Add button. The IP address is added to the save list that displays on the Manage IP Allow List modal.
  8. Repeat steps 6–8 for all the IP addresses/ranges you want to add to the Allow List.

Editing an Allowed IP Address

To edit an IP address/range on your save list, access the Manage IP Allow List modal and complete the following steps:

  1. Find the desired address by scrolling through the list or searching for it by Name or IP Address in the Search field.
  2. Click the Edit icon that displays next to the IP address you want to modify. The text fields displaying the address values becomes editable.
  3. Add your updates to the IP Address or Name field and then click the Save icon. Dex returns you to the Manage IP Allow List modal.
  4. Repeat steps 1–3 for all the IP addresses/ranges you want to modify.

Deleting an Allowed IP Address

To delete an IP address/range from your save list, access the Manage IP Allow List modal and complete the following steps:

  1. Find the desired address by scrolling through the list or searching for it by Name or IP Address in the Search field.
  2. Click the Delete icon that displays next to the IP address you want to delete. A message displays asking you to confirm the deletion.
  3. Click the Delete button to confirm the deletion and return to the Manage IP Allow List modal.
  4. Repeat steps 1–3 for all the IP addresses/ranges you want to modify.

Disabling IP Allow Lists

If you no longer wish to enforce IP Allow Lists for Dex access, you can disable it from the Manage IP Allow List modal. If you later decide to re-enable it, your saved list of IP addresses/ranges automatically reactivates too. To disable IP Allow Lists for your organization, complete the following steps:

  1. Log into your Dex Home Organization and click Organizations in the Dex main menu.
  2. Click the row on which the desire organization displays. If needed, search for the organization by either Organization Name or Organization ID or use the Legal Name, Status, Parent ID, Tax ID, or Type filters to narrow down the list that displays on the Organizations Datagrid.
  3. From the Organization's Details screen, click the Security tab.
  4. Click the Manage link under IP Allow Lists. A Manage IP Allow List modal displays.
  5. Click the toggle (i.e., make it gray) next to the Enable or disable IP Allow List for your organization field. A message displays asking you to confirm that you want to disable this feature.
  6. Click the Disable button to confirm. Dex returns you to the Manage IP Allow List modal.

Resolving a TIN Mismatch

The Tax Identification Number (TIN) you submit with your merchant application must match the full Legal Name that you registered with the IRS. Otherwise, we get a TIN mismatch. We understand that typos happen and rather than delay your merchant onboarding, we provisionally enroll you so that you can begin processing transactions.

When enrolled with TIN mismatch, your organization will be placed on a funding and disbursements hold until we can verify your identity. After 30 days, organizations that remain unverified will have their transaction processing capabilities disabled. Merchant accounts unverified after 60 days will be closed due to lack of compliance and funds will be handled in compliance with state laws, which may include escheatment to your state for disbursement.

We'll notify you if a TIN Mismatch occurs and how you can resolve it through the following channels:

  • The Enrollment Approval letters that contain your processing credentials
  • The Dex Invitation email
  • A bright red warning banner that displays at the top of your Dex screen

Once you've submitted the corrected TIN/Legal Name combination and your Forte Location ID to our Underwriting Team, we'll review and validate your organization and then remove the funding and disbursement holds within 3–7 business days. We'll also remove the red warning banner that displays at the top of your Dex screen.

On this page