Introduction

After going through the initial installation process, you should now be able to login as the admin user you created with the system admin user.

As an admin, you'll be able to handle many operational tasks such as:

  • Creating, deleting, and updating users, environments, images, and image versions
  • Adjusting user permissions for resources
  • Viewing an audit log of user actions on system resources

User Management

All user management can be handled from the Users page on the dashboard.

Create

Built in authentication

When using built in authentication, the admin is required to add each user that should have access to the platform.

The New User button on the Users page can be used to create a new user.

Create a new user for each developer with the correct name, email, and a temporary password that they can use to sign in with.

Once they sign in, they will be able to change their password.

SAML authentication

When using SAML authentication, a user is created in the system whenever they sign in through their organization's SAML provider for the first time. The user will not have a password set in the system, and all authentication will go through the SAML provider.

Delete

To delete a user from the platform, find the desired user on the Users page, and click the Delete button associated with the user.

If your Coder installation is configured to work with your organization's SAML provider, the user isn't completely deleted from the system, but instead has their access revoked so that they're not able to access the platform anymore.

Update

The Users page provides many options for adjusting a user, such as:

  • Change a user's authentication type from built-in to SAML and vice versa
  • Change a user's role to give them heightened or reduced permissions
  • Changing a user's password in case they forgot it (when using built in authentication)

All of these updates can be made by finding the user on the Users page and adjusting as needed.

User roles and permissions

A user can have one of the following roles:

  • Super Admin - There is only one of these in the system, this is the system admin used for initial configuration
  • Admin - This is the role used for all platform administration tasks as described in this guide
  • Auditor - This role allows a user to audit all users
  • User - This is the default role that each user gets when they're initially created

A user's permissions are associated with a particular resource. They can have these permissions:

  • Writer - The user can make adjustments to the resource
  • Reader - The user can view the resource, but cannot make any adjustments

A user's role and permissions are all handled by the Coder platform for both built in and SAML authentication. This means that any roles or attributes set through your organization's SAML Identity Provider will be ignored by Coder. The main reason for this is to provide a simple and fully integrated experience for users and admins.

Auditing

All user actions on resources in the system are audited to provide a chronological event trail.

The audit log can be viewed on the Audit page.

Audit entries can be filtered by:

  • Resource type - A resource type being an Image, Environment, User, etc.
  • Action - An action against a resource, i.e. Read, Write, Create, etc.
  • Resource ID - All events against a specific resource
  • Resource Target - A friendly name for a resource, i.e. User with email developer@coder.com
  • User ID - All events by a specific user

Permissions

User permissions for a resource can be updated on the associated resource page.

Image Permissions

Image permissions can be changed through the Images page on the dashboard.

A user can be granted read or write permissions to an image. Any user with write permissions for an image can grant other users read or write access to an image.

Along with granting permissions, a user's image permissions can be revoked by an admin or a user who has write permissions for the image.

Table of Contents