Access the Yalla Admin Web
This section explains how users access the Yalla Admin Web and how the system handles authorization and sessions.
Log in to the Admin Web Portal
- Users access the Yalla Admin Web using their email and password
- Only authorized admin users can successfully log in
- Login supports:
- Standard email/password authentication
- OTP verification on each login
- Admin can hide/show their password by selecting the eye icon
- Admin has to check the checkbox; if not, the Sign in button will stay disabled
- With the right credential user can log in as an Admin
If credentials are valid but the user is not an admin, access is denied.
Understand Admin vs Non-Admin Access
- Admin users
- Can access the Admin Web
- Can manage hospital data, appointments, staff, and services
- Non-admin users (patients or app users)
- Cannot access the Admin Web
- Attempting to log in shows an Unauthorized message
- Must use the Mobile App instead
Admins can only:
- View and manage data for their own hospital
- Not access data from other hospitals
Session Timeout and Unauthorized Behavior
- Admin sessions are time-bound
- After a period of inactivity or daily expiry:
- The session expires automatically
- The user is logged out
When a session expires:
- The system redirects the user to the login page
- Unauthorized pages are not accessible
- Users must log in again to continue
If a user attempts to access Admin Web features without a valid session:
- An Unauthorized or Session Expired message is shown
- No data is exposed