Multi-Operator Setup

XoloC2 supports multiple simultaneous operators. All operators share the same session list, task history, and operator chat. Access is controlled by a single role flag: admin vs operator.

Role differences

Capability	Admin	Operator
Sessions, tasking, stager, reports	✓	✓
Operator chat	✓	✓
Beacon generator	✓	✓
Settings (IP whitelist, webhook, secret rotation)	✓	✓
User management (create / delete accounts)	✓	✗
Audit log	✓	✗

The admin account created during installation is the only admin by default. All accounts created from the panel are operators.

Step 1 — Create an operator account

Fill in:

Username — minimum 3 characters
Password — minimum 12 characters

The new account is created with must_change_password = true — the operator will be forced to set their own password on first login.

Share the temporary password out-of-band (Signal, encrypted email, etc.). The operator changes it on first login.

Ask the operator to enable TOTP MFA after their first login. See the MFA setup guide.

You can verify MFA status for all operators from Settings > Users — the MFA column shows enabled/disabled per account.

Step 4 — Revoke access

To remove an operator, go to Settings > Users and click Delete next to their account. The deletion is logged in the audit log.

Notes

There is no UI to promote an operator to admin — admin status requires a direct database edit:
Terminal window
```
sqlite3 server/xoloc2.db "UPDATE users SET is_admin=1 WHERE username='newadmin';"
```
All operators share the same beacon pool — there is no per-operator session isolation
Task history includes the operator username who sent each task (visible in reports and audit log)
Operator chat is shared and persisted — all messages are visible to all connected users

Multi-Operator Setup

Multi-Operator Setup

Role differences

Step 1 — Create an operator account

Step 2 — Share credentials securely

Step 3 — Recommend MFA enrollment

Step 4 — Revoke access

Notes