All users in LabKey must have user accounts at the site level. The site administrator can add and manage registered user accounts via (Admin) > Site > Site Users
Edit user contact information and view group assignments and folder access for each user in the list.
- Select (Admin) > Site > Site Users.
- Deactivate/Re-activate: Control which users are active, i.e. shown in user-selection dropdowns.
- Delete: Delete a user account. See below for more information about the consequences of this action; you may want to deactivate instead.
- Add Users: Click to insert users by entering a list of email addresses. Optionally send notification emails. See Add Users for more details.
- Change User Properties: Manage the set of columns in this table.
- History: Show the history of changes, additions, deletions to this table.
- Has Password: Indicates that the user has a password in LabKey's built-in database authentication system.
Project Administrators can manage similar information for project users by going to (Admin) > Folder > Project Users
. See Manage Project Users
for further information.
Edit User Contact Information
To edit contact information for a user from the site admin table, hover over the row for the user of interest to expose the (Details)
link in the first column, as shown in the screencap above, then click it to view editable details.
- Show Users: Return to the site users table.
- Edit: Edit contact information.
- Reset Password: Force the user to change their password by clearing the current password and sending an email to the user with a link to set a new one before they can access the site.
- Change Email: Edit the email address for the user.
- Deactivate: Deactivated users will no longer be able to log in, but their information (including group memberships) will be preserved in case they are re-activated at a later time.
- Delete: Permanently delete the user. This action cannot be undone and you must confirm before continuing by clicking Permanently Delete on the next page. See below for some consequences of deletion; you may want to consider deactivating the user instead.
- History: Below the user properties you can see the history of logins, impersonations, and other actions for this user.
Users can manage their own contact information when they are logged in, by selecting (User) > My Account
from the header of any page.
Customize User Properties
You can add fields to the site users table, change display labels or order of existing fields and also define which fields are required during the user registration process.
- Select (Admin) > Site > Site Users.
- Click Change User Properties.
- To mark a field as required, check the Required box, as shown for "LastName" below.
- To add a new field, such as "MiddleName", as shown below:
- Click Add Field (lower left).
- Enter the Name: MiddleName (no spaces).
- Leave the default "Text" Data Type selected.
- Click Save when finished.
To view the groups that a given users belongs to and the permissions they currently have for each project and folder on the site, click the [permissions
] link next to the user's name on the Site Users page.
If your security needs require that certain users only have access to certain projects, you must still create all users at the site level. Use security groups
to control user access to specific projects or folders. Use caution as the built in group "Site: Users" will remain available in all containers for assignment to roles.
The ability to inactivate a user allows you to preserve a user identity within your LabKey Server even after site access has been withdrawn from the user.
When a user is deactivated, they can no longer log in and they no longer appear in drop-down lists that contain users. However, records associated with inactive users still display the users' names. If you instead deleted the user completely, the display name would be replaced with a user ID number.
The Site Users and Project Users pages show only active users by default. Inactive users can be shown as well by clicking Include Inactive Users
above the grid.
When a user leaves your group or should no longer have access to your server, before deciding to delete
their account, first consider whether that user ID should be deactivated instead. Deletion is permanent and cannot be undone. You will be asked to confirm the intent to delete the user.
Some consequences of deletion include:
- The user's name is no longer displayed with actions taken or data uploaded by that user.
- If the user is the recipient of important system notifications, those notifications will no longer be received.
- If the user defined as owning data reloads (such as of studies or external data), when the user is deleted, these reloads will raise an error.
- Group membership and permission settings for the deleted user are lost. You cannot 'reactivate' a deleted user to restore this information.
Generally, deactivation is recommended with long time users. The deactivated user can no longer log in or access their account, but account information is retained for audit and admin access.