Users
Admin → Users. A server-side DataTables grid — search across all columns, per-column sort, a
filter toolbar — plus a validated editor, all driven over /api. Row controls (edit / delete) appear
only when your ACL allows them (the server computes the permission flags).
Users are thin — roles live on the membership
A user is pure identity. The important thing to know when managing users:
- Roles are not on the user. A user's role comes from their membership in an org (
org_user). So the same person can be an admin in one organization and a viewer in another. You grant a role by adding or editing a membership, not by editing the user. - Credentials live elsewhere. Passwords, 2FA, and API tokens are factors in
user_credential, not fields on the user — see Auth & sessions.
See also
- Organizations — the tenants a user belongs to.
- Multi-tenancy — why the membership is the tenancy boundary and the role.