Skip to main content
FiveM has two separate permission layers, and a well-run server uses both. txAdmin admins can use the web dashboard — kick, ban, warn, restart, manage the whitelist. ACE permissions control what players can do in-game — admin commands, framework staff menus, and permission-gated resources. Making someone a txAdmin admin does not automatically give them in-game powers, and vice versa.

Layer 1: txAdmin Admins

1

Open the Admin Manager

In the txAdmin web interface (see txAdmin Setup), open Admin Manager from the menu. Only the master account and admins with the manage admins permission can access it.
2

Create a new admin

Click New Admin and fill in a username. Link the admin’s Cfx.re account (their forum username) so they can log in with it — you can also link their Discord ID.
3

Assign permissions

txAdmin permissions are granular: view console, kick, ban, whitelist, manage settings, and more. Give each staff member only what their role needs.
4

Share the login

Send them your txAdmin URL. They log in with their Cfx.re account — no passwords to manage.

Finding a Player’s Identifiers

For in-game (ACE) permissions you need a player identifier. FiveM players have several: fivem (Cfx.re account ID), license (Rockstar license hash), discord (Discord user ID), and steam (only when a Steam Web API key is set). Two easy ways to find them:
  • txAdmin: open Players, click the player, and their identifiers are listed in the player modal.
  • Live console: with the player online, run status in the console in the Game Panel — it lists connected players; then use txAdmin or your framework’s admin tools to view full identifiers.
IdentifierExampleNotes
identifier.fivem:identifier.fivem:1234567Cfx.re account ID — short and easy to read
identifier.license:identifier.license:a1b2c3...Rockstar license hash — always present, most commonly used
identifier.discord:identifier.discord:123456789012345678Discord user ID — only if the player runs Discord alongside FiveM
identifier.steam:identifier.steam:110000112345678Hex Steam ID — requires steam_webApiKey on the server
Prefer license or fivem identifiers for permanent admin grants — they’re always available, while discord and steam identifiers depend on how the player launched the game.

Layer 2: ACE Permissions in server.cfg

ACE is FiveM’s built-in access control system. You define what a group may do with add_ace, and put people in groups with add_principal. Add these lines to your server.cfg and restart:
# Give the admin group access to run commands
add_ace group.admin command allow

# But explicitly deny the dangerous quit command
add_ace group.admin command.quit deny

# Add players to the admin group by identifier
add_principal identifier.fivem:1234567 group.admin
add_principal identifier.license:a1b2c3d4e5f67890a1b2c3d4e5f67890a1b2c3d4 group.admin
add_principal identifier.discord:123456789012345678 group.admin
LineWhat it does
add_ace group.admin command allowGrants the group.admin group permission to use console commands
add_ace group.admin "resource.permission" allowGrants a specific permission a resource asks for (check its docs)
add_principal identifier.fivem:... group.adminPuts a specific player (by Cfx.re ID) into group.admin
add_ace group.admin command allow grants access to every registered command, including destructive ones like stop and quit. For larger staff teams, grant specific commands instead (e.g. add_ace group.mod command.kick allow) or pair the broad grant with explicit deny rules as shown above. Only give full command access to people you trust with the entire server.

Group Inheritance

Groups can inherit from other groups using add_principal between principals:
# admins inherit everything moderators can do
add_principal group.admin group.moderator

add_ace group.moderator command.kick allow
add_ace group.admin command.stop allow
Here group.admin automatically has command.kick (inherited) plus command.stop (its own). This lets you build a clean staff hierarchy: user → moderator → admin.
Framework admin systems (QBCore’s qb-adminmenu, ESX’s admin groups, or txAdmin’s own in-game menu) layer on top of ACE — many of them check for specific ACE permissions documented in their READMEs, while others keep their own permission lists in the database.

Test Your Setup

  1. Restart the server so the new server.cfg lines load.
  2. Join the server with the account you granted.
  3. Open the F8 console and try a permission-gated command — for example txadmin scripts respond to /tx for txAdmin admins, or test a simple registered admin command from one of your resources.
  4. If you get “Access denied”, re-check the identifier (one typo breaks the whole line) and confirm the line appears after any framework ensure lines that register the permissions.

Security Best Practices

  • Never paste add_principal lines sent by strangers “to help debug” — this is a common social-engineering trick.
  • Audit your admin list regularly, in both txAdmin’s Admin Manager and server.cfg.
  • Give sub-users on the Game Panel only the panel permissions they need — panel access is a third, separate layer above txAdmin and ACE.
  • Take regular backups so a rogue admin’s damage can be rolled back.

Build your staff team on solid ground

FiveM server hosting from €4.80/month at Wasabi Hosting — with DDoS protection and 24/7 support behind your community.