LogoThreatmatic
Admin

User Management

Search, filter, and manage every user account on the platform.

Admin → Users (/admin/users) provides a full-platform user management table visible only to admins.

Capabilities

  • List all users — paginated table of every registered account
  • Search & filter — find users by name, email, role, or status
  • Role management — promote or demote users between roles
  • Account actions — suspend, delete, or reset authentication for any account

Access Check

The page performs a server-side permission check using auth.api.userHasPermission with the user:list permission before rendering. Users without this permission receive a 403 Forbidden response even if they hold the admin role.

Self-exclusion

The selfId of the currently signed-in admin is passed to the data table so the UI can prevent admins from accidentally modifying their own account's role or status.

How is this guide?

Last updated on

Admin

Platform-wide administration — users, feature flags, and software versions.

Feature Flags (Admin)

Manage platform-wide feature flags that apply to all organizations.

On this page

Capabilities
Access Check