The Users page allows administrators to manage user accounts, assign roles, and control access to deployments.
Users Overview
The user list displays all accounts in your FlatRun instance:
- Username — User identifier
- Email — Contact email
- Role — Permission level (Admin, Operator, Viewer)
- Status — Active or disabled
- Created — Account creation date
- Last Login — Most recent login time
User Roles
FlatRun provides three built-in roles with different permission levels:
| Role | Description | Permissions |
|---|---|---|
| Admin | Full system access | All operations, user management, system settings |
| Operator | Deployment management | Create, modify, delete assigned deployments |
| Viewer | Read-only access | View deployments, logs, and stats |
Role Capabilities
| Action | Admin | Operator | Viewer |
|---|---|---|---|
| View deployments | ✓ | ✓ | ✓ |
| View logs | ✓ | ✓ | ✓ |
| Start/stop deployments | ✓ | ✓ | ✗ |
| Create deployments | ✓ | ✓ | ✗ |
| Edit deployments | ✓ | ✓ | ✗ |
| Delete deployments | ✓ | ✓ | ✗ |
| Manage users | ✓ | ✗ | ✗ |
| System settings | ✓ | ✗ | ✗ |
Creating Users
- Click "Add User"
- Fill in user details:
- Username — Unique identifier
- Email — Valid email address
- Password — Initial password
- Role — Select permission level
- Click "Create"
Tip: Users receive an email notification with their credentials when created (if email is configured).
Editing Users
- Click on a user in the list
- Click "Edit"
- Modify details:
- Role
- Status (active/disabled)
- Save changes
Changing Username
Usernames cannot be changed after creation. Create a new user if a username change is needed.
Password Management
Reset User Password
- Select the user
- Click "Reset Password"
- Enter a new password or generate one
- Notify the user of their new password
User Self-Service
Users can change their own password from their profile:
- Click on username in the header
- Go to "Profile"
- Click "Change Password"
- Enter current and new password
Deployment Access
Control which deployments a user can access (for Operator and Viewer roles).
Assigning Deployments
- Open the user's detail page
- Go to "Deployments" tab
- Click "Assign Deployment"
- Select deployment(s)
- Choose access level:
- Read — View only
- Write — View and modify
- Admin — Full control including delete
- Save
Access Levels
| Level | Permissions |
|---|---|
| Read | View deployment, logs, stats |
| Write | All read + start/stop, edit config |
| Admin | All write + delete, manage access |
Removing Access
- Open the user's deployments tab
- Find the deployment
- Click the remove icon
- Confirm removal
Viewing Users by Deployment
See who has access to a specific deployment:
- Navigate to the deployment
- Go to Settings → Access
- View list of users and their access levels
Disabling Users
Disable a user to prevent login without deleting the account:
- Edit the user
- Toggle "Status" to disabled
- Save
Disabled users:
- Cannot log in
- Retain their configuration
- Can be re-enabled later
- API keys are also disabled
Deleting Users
- Select the user
- Click "Delete"
- Confirm deletion
Warning: Deleting a user also removes their API keys and access assignments. This action cannot be undone.
Your Profile
Access your own account settings:
- Click your username in the header
- Select "Profile"
- View/edit:
- Email address
- Password
- Notification preferences
- API keys
Activity Tracking
View user activity in the Audit Log:
- Login attempts
- Deployment actions
- Configuration changes
- API usage
See Audit Logging for more details.
Best Practices
- Least privilege — Assign the minimum role needed for each user
- Regular audits — Review user access periodically
- Disable unused accounts — Don't leave inactive accounts enabled
- Strong passwords — Enforce password complexity
- Deployment scoping — Only grant access to needed deployments
Keyboard Shortcuts
| Shortcut | Action |
|---|---|
n | Create new user |
/ | Focus search |