Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Users

The Users page in Kinesis API provides comprehensive user management capabilities for administrators. This interface allows root users to view, add, modify, and delete user accounts across the platform.

Access Control

Important: The Users management page is only accessible to users with the ROOT role. Other users attempting to access this page will be redirected to the dashboard.

Accessing the Users Page

To access the Users management page:

  1. Log in with a ROOT user account
  2. Navigate to /web/users in your browser or use the navigation menu

User Interface Overview

Users Management Page

The Users management interface includes:

  • A searchable list of all users in the system
  • Pagination controls for navigating through large user lists
  • Actions for adding new users, changing roles, and deleting accounts
  • User details including ID, username, name, email, and role

Viewing and Filtering Users

User List

The main section of the page displays a table of users with the following information:

  • ID: The unique identifier for each user
  • Username: The login name (links to user profile)
  • Name: The user's full name (first and last name)
  • Email: The user's email address
  • Role: The user's permission level (ROOT, ADMIN, AUTHOR, or VIEWER)
  • Actions: Buttons for available actions on each user

Filtering Users

To find specific users:

  1. Use the search box at the top of the user list
  2. Type any part of the username, name, email, or role
  3. The list will automatically filter to show matching users

Pagination

For systems with many users:

  1. Navigate between pages using the pagination controls
  2. The page displays up to 15 users at a time

User Roles

Kinesis API implements a role-based access control system with four permission levels:

RoleDescription
ROOTFull system access, including user management and critical system settings
ADMINAdministrative access to most features, but cannot manage users and configs
AUTHORCan create and modify content but has limited administrative access
VIEWERRead-only access to most parts of the system

Adding New Users

Prerequisite: SMTP settings must be properly configured for the user registration process to work. See Configs for details on setting up email.

To add a new user:

  1. Click the "Add a New User" button at the top of the page
  2. Fill in the required information:
    • First Name
    • Last Name
    • Username
    • Email Address
  3. Select the appropriate role for the user
  4. Click "Create"

Behind the Scenes

When you create a new user:

  1. The system generates a secure random password
  2. An email is sent to the new user with their:
    • Username
    • Generated password
    • Login instructions
  3. The password is hashed before storage and cannot be retrieved later

Add User Modal

Changing User Roles

To change a user's role:

  1. Find the user in the list
  2. Click the role change button (star icon)
  3. Select the new role from the available options
  4. Confirm the change

Note that:

  • You cannot change the role of ROOT users
  • You cannot downgrade your own ROOT account

Change Role Modal

Deleting Users

To delete a user account:

  1. Find the user in the list
  2. Click the delete button (trash icon)
  3. Confirm the deletion in the modal that appears

Important considerations:

  • User deletion is permanent and cannot be undone
  • All user data and associated content will be removed
  • ROOT users cannot be deleted through this interface
  • You cannot delete your own account

Delete User Modal

Password Management

The Kinesis API user management system handles passwords securely:

  • Passwords for new users are automatically generated with strong entropy
  • Passwords must contain lowercase letters, uppercase letters, numbers, and special characters
  • Passwords are never stored in plain text—only secure hashes are saved
  • Users can reset their passwords via the "Forgot Password" functionality
  • Admin users cannot see or reset passwords directly, only trigger the password reset process