User Management

The User Management page is accessible only to administrators. It provides tools to create, edit, deactivate, and delete user accounts, assign roles, and configure resource access patterns.

Accessing User Management

1. Click the user profile icon in the top-right corner.

2. Select Admin from the dropdown menu.

3. The User Management page loads, displaying all registered users.

User Dashboard

The user dashboard displays a table with the following columns:

Column	Description
Email	User’s email address (unique identifier)
Name	First and last name
Role	Assigned role (Admin, Operator, Member, or Service)
Access	Summary of resource access patterns (e.g., “Full access”, “3 patterns”, “No patterns”)
Provider	Authentication provider (Local or OAuth)
Password	Password status indicator
Active	Toggle to activate or deactivate the account
Last Login	Timestamp of the user’s most recent login
Actions	Edit and Delete controls

Roles

Role	Description
Admin	Full access to all features, including user management and license administration
Operator	Full migration access (create, monitor, cutover jobs) without user management or license administration
Member	Limited access, restricted by resource access patterns configured by an administrator
Service	Used for service accounts. This role cannot be assigned through the UI but appears in the user table for accounts provisioned externally

Adding a New User

1. Click the Add User button on the User Management page.

2. Enter the user’s Email address. This serves as the unique identifier and cannot be changed after creation.

3. Optionally enter the First Name and Last Name.

4. Select a Role from the dropdown (Admin, Operator, or Member).

5. The system generates an auto-generated temporary password. Copy this password and share it with the user through a secure channel.

6. Optionally configure a Password Expiry to enforce periodic password changes.

7. Configure Access Patterns for Topics, Schemas, and Consumer Groups (see Resource Access Patterns below).

8. Click Save to create the user account.

Tip

New local users are required to change their temporary password upon first login. Ensure you communicate the temporary password through a secure channel such as an encrypted message or in-person delivery.

Editing a User

1. Locate the user in the dashboard table.

2. Click the Edit action button in the user’s row.

3. Update the Name, Role, Password Expiry, or Access Patterns as needed.

4. Click Save to apply the changes.

Caution

The user’s email address cannot be changed after the account is created. If a user needs a different email, create a new account and deactivate the old one.

Resetting a Password

1. Open the Edit User dialog for the target user.

2. Click Reset Password.

3. The system generates a new auto-generated temporary password.

4. Copy the temporary password and share it with the user through a secure channel.

5. Click Save to confirm.

The user will be prompted to update their password on the next login.

Authentication Providers

Provider	Description
Local	Passwords are managed within the application. Password reset is available through the admin panel.
OAuth	Authentication is handled by an external identity provider. In-app password reset is not available for these accounts.

See SSO Configuration for details on setting up OAuth authentication.

Activating and Deactivating Users

Each user row includes an Active toggle:

• Active: The user can log in and access the suite based on their role and access patterns.
• Deactivated: The account remains in the system but the user cannot log in. Deactivation is reversible by toggling the switch back.

Tip

Deactivating a user is preferable to deleting when you need to temporarily revoke access. Deactivated accounts retain their configuration and can be reactivated without re-entering access patterns.

Deleting a User

Click the Delete action in the user’s row and confirm the deletion in the dialog. This action is permanent and irreversible. All user data, including access patterns and activity history references, are removed.

Danger

Deleting a user cannot be undone. If you are unsure whether the account may be needed in the future, consider deactivating it instead.

Resource Access Patterns

Access patterns control which resources a user can see and manage. They apply to three resource types:

Topics

Define patterns that match topic names. For example, a pattern of orders-* grants access to all topics whose name starts with orders-.

Schemas

Define patterns that match schema subject names. Patterns follow the same wildcard syntax as topic patterns.

Consumer Groups

Define patterns that match consumer group IDs. Patterns follow the same wildcard syntax as topic patterns.

Access Levels

Each pattern is assigned one of two access levels:

Access Level	Description
Read	User can view the resource and its status but cannot perform management actions
Manage	User can view the resource and perform management actions (add, remove, cutover)

Example Configuration

Resource Type	Pattern	Access Level
Topics	orders-*	Manage
Topics	analytics-*	Read
Schemas	orders-*	Manage
Consumer Groups	order-processing-*	Manage

Access Column Summary

The Access column in the user dashboard provides a quick summary:

Display	Meaning
Full access	No restrictions applied (Admin, Operator, and Service roles)
N patterns	Number of access patterns configured
No patterns	No access patterns defined, user has no resource visibility