Users

Admin → Users. A server-side DataTables grid — search across all columns, per-column sort, a filter toolbar — plus a validated editor, all driven over /api. Row controls (edit / delete) appear only when your ACL allows them (the server computes the permission flags).

Users are thin — roles live on the membership

A user is pure identity. The important thing to know when managing users:

  • Roles are not on the user. A user's role comes from their membership in an org (org_user). So the same person can be an admin in one organization and a viewer in another. You grant a role by adding or editing a membership, not by editing the user.
  • Credentials live elsewhere. Passwords, 2FA, and API tokens are factors in user_credential, not fields on the user — see Auth & sessions.

See also