Vendor login error: You are not allowed to login to this area

I’m trying to setup a vendor account to test functionality and I can’t seem to log in as a vendor!

At first it took me awhile to figure out but you go to /vendor.php

This redirects me to


Which is strange because that means it’s really /index.php?dispatch=auth.login_form&return_url=

so it’s using the customer login form now. When I try to log in as a vendor i get the error:

You are not allowed to login to this area.

Which I’m assuming is happening because I’m a vendor/administrator user trying to log into the customer area. Is something misconfigured or broken here?

Please help!:confused:



this is a guess…

There is probably either a POSTed value or something set in the session that tells the system what your user_type is at login.

Good idea, but I cleared my cookies and it’s still the same issue. I also tried in a different browser. Can someone confirm that vendor.php forwards you to the customer log in area?

I’m not sure what’s actually supposed to happen…



You can’t log in as the Admin and the vendor on the same browser. Sucks I know but doesn’t work. You have to log out of admin first. Then log in as vendor. At least that’s what I have had to do. Hope that helps.

I usually open IE and Google Chrome or even Firefox just so I can hop back and forth without having to sign in and out.

Ok guys I’ve figured it out, after eliminating pretty much all possible options I knew it had to be a config issue.

In config.local, there are the lines:

$config[‘admin_index’] = ‘admin.php’;

$config[‘customer_index’] = ‘index.php’;

And interestingly it said nothing about a vendor index. I just added this line

$config[‘vendor_index’] = ‘vendor.php’;

And now everything works fine!

It’s strange because the zip file with the MV edition has that line in there, but somehow through the configuration process it got deleted.

In any case if anyone has the same problem, make sure in your config.local.php file you have all 3 lines:

$config[‘admin_index’] = ‘admin.php’;

$config[‘customer_index’] = ‘index.php’;

$config[‘vendor_index’] = ‘vendor.php’;

(or whatever you name those files)



I'm on 3.0.4 and can see the 3 lines are in my config.local file… still have the same problem. Can't logout of vendor fully when accessing a vendor admin page. Have to use different browsers.

I go to and get this:

Access denied

You don't have permission to access the page.

I can see the vendor username is still at the top right and top left show vendor: vendor name. I click on logout and it goes to this link: with the same message. Cleared cache, still doesn't work.

Very frustrating, anyone have a solution?