
Add users and assign roles


Last updated 1 year ago


This section covers adding and updating Users and providing them with the correct Roles.

An important note on Users in Appfarm is that one User (with a unique email as login) may exist only once inside a solution. The built-in Users database is shared across environments. It is therefore important to give each User the correct Roles and to restrict access to the various environments by Role.

Users and Roles are also covered by a series of videos in the User handling and permissions module of the Appcademy Fundamentals learning path.

How Appfarm evaluates a User in the client (Apps)

When logging into the client (https://YOUR-HOST-NAME), you meet the login screen (unless you have a direct link to an App with Public Access). Upon login, if authentication succeeds, your User's Roles are evaluated.

First, Appfarm evaluates whether your User's Role(s) have access to log in to the Environment you are trying to access. Login access per environment is configured from Permissions > Login.

If your Role(s) have access to more than 1 App, a splash screen for App selection will be presented. If only 1 App is available to you, you will be redirected to it automatically.

When you access the App, App Data is read, but only for the Object Classes your Role(s) are allowed to read, as defined in Permissions > Object Classes. While you use the App, updating, creating and deleting App Data is only allowed if your Role(s) have those Permissions. In other words, you may have access to Read data of an Object Class, but not Update it.

When setting up logic in your App, you may access the properties of the logged-in user from the built-in Data Source (found in App Data) called Current User. When logging into an App, the Current User is you.
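The evaluation order described in this section can be modelled in a few lines. This is an added example, not Appfarm's code or configuration format: the role names, app names, data layout, the "any Role grants it" rule and the `no_apps` outcome are assumptions made for illustration.

```python
# Conceptual model of the evaluation order described above.
# All names and values below are constructed for illustration.

# Permissions > Login: which Roles may log in to which Environment.
LOGIN_ACCESS = {
    "Production": {"Owners", "App Users"},
    "Test": {"Owners", "Developers"},
}
# Which Roles have access to which App.
APP_ACCESS = {
    "Project App": {"Owners", "App Users"},
    "Admin App": {"Owners"},
}
# Permissions > Object Classes: operations allowed per (Role, Object Class).
OBJECT_CLASS_PERMISSIONS = {
    ("App Users", "Project"): {"read"},
    ("Owners", "Project"): {"read", "create", "update", "delete"},
    ("Owners", "Person"): {"read", "create", "update", "delete"},
}


def evaluate_login(roles, environment):
    """Return what the client shows after authentication has succeeded."""
    roles = set(roles)
    # Step 1: at least one Role must have login access to the Environment.
    if not roles & LOGIN_ACCESS.get(environment, set()):
        return ("denied", [])
    # Step 2: collect the Apps available to the user's Roles.
    apps = sorted(app for app, allowed in APP_ACCESS.items() if roles & allowed)
    if len(apps) > 1:
        return ("app_selection", apps)  # splash screen for App selection
    if len(apps) == 1:
        return ("redirect", apps)       # single App: redirected automatically
    return ("no_apps", [])              # assumption: the page does not cover this case


def is_allowed(roles, object_class, operation):
    """Step 3 (assumed rule): allowed if any of the user's Roles grants it."""
    return any(
        operation in OBJECT_CLASS_PERMISSIONS.get((role, object_class), set())
        for role in roles
    )


def readable_classes(roles, object_classes):
    """Object Classes whose App Data is read when the App is opened."""
    return [oc for oc in object_classes if is_allowed(roles, oc, "read")]
```
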

Adding Users for access to Create

Users may be manually added from the menu Users. Providing a User with one of the built-in roles Owners, Maintainers or Developers will give them access to Create. Owners have full access inside Create, and are able to add other Owners as well. You may view the settings for access within Create from the menu Permissions > Advanced. To add a User with custom access to Create, you need to add a Custom Role for this, and adjust the Create access from the Advanced Permissions section.

Adding Users from your Apps (with access to the client)

Obviously, you could create a Custom Role with access to your Apps, and add these Users manually from Create.

However, most solutions need an App with functionality for adding or removing Users.

The built-in User object may not be extended with additional properties. In most cases, you would need to create a Person Object Class. This Object Class should at least have a property User with data type User, and may have other properties, such as Company or Department, or Privacy policy accepted. Note: It will soon be possible to enrich the built-in User object with custom properties as well, but for now you need a dedicated Object Class for this purpose.

Adding a new User to your App would, in the above example, require some UI to create a new Person, for example a dialog for entering First Name, Last Name and Login (email). Clicking the SAVE button should create a new User (action node Create User Account).

  • We have runtime properties on the Person object for holding First Name, Last Name and Email temporarily. In our example, these properties should only be saved on the User object. You might save these properties to the Person object as well (by adding these 3 properties as Object Class Properties of the Person Object Class).

  • These properties are copied to the created User object using Data Bindings.

  • We assign a Role App Users in the Role Memberships setting.

  • Accept Existing User is ticked. This means, if the User object is already created (e.g. added manually in Create or added from Dev or Test environments), the User object will just be read and updated with the correct Role (defined by the setting Add Roles being ticked).

  • Add to Data Source: We have a runtime-only Data Source (cardinality One) for the purpose of holding the User object just created (or read, if already existing). We need this for updating the reference Person.User to point towards this User object in the next step.

Once this action node has succeeded, the User just created exists in the User database with correct permissions.

The Person object is not yet saved. This Action Node (Create Object) creates the Person object, with reference to the User object just created. The next Action Node Persist saves the Person object to the database.

Updating Users from your Apps

Updating Users from your Apps is explained following the same example as above.

Note that updating a User's Email property must be done by removing the User object (Delete User Account) and creating a new user account using Create User Account.

You could reuse your UI for creating a Person. Editing a Person is typically done from a Table listing all Persons. Before opening the dialog for editing, just read the object in context into the Person (temp) Data Source. If the properties First Name and Last Name are not stored on the Person Object Class, also update these 2 runtime-only properties on the Person (temp) Data Source (from Person (temp).User.First Name and Person (temp).User.Last Name) before opening the dialog.

The SAVE button could trigger an action as follows:

Executing this action will update the First Name and Last Name of the User.

Removing Users from your Apps

If you do not want to permanently Delete the User, you could instead perform an Update User Account, and remove all permissions. This may be done by applying all roles in the Remove Roles setting of the Update User Account action node (see screenshot for Update User Account above).

Enable User Account Manipulation setting in Environment Config

Each environment has a global setting found in Environment Config > ENVIRONMENT. By default, user manipulation from Apps is only enabled for the Production environment. When testing your functionality for adding or updating Users from the Develop, Test or Staging environment, you need to tick the checkboxes found in Environment Config > ENVIRONMENT, as illustrated below.

Enable which Role may update or create user accounts

From the menu Permissions > ACCOUNTS AND ROLES, you need to define which Roles are allowed to Create, Update or Delete User Accounts. This setup applies to user manipulation from the Client only, not from Create.

Handling Service Accounts

Service Accounts are users without a username and password. Service Accounts are added manually from Create - no action node exists for adding them from Apps.

Service Accounts are members of one or more Roles, similar to Users. They follow the same principles with regard to Permissions. But the normal use case for Service Accounts is that they are members of a dedicated Role, and this Role has access to one or more Services.

Optionally, you may tick Send Welcome Mail. A default welcome mail will then be sent to the User. The Welcome Mail content may have overrides defined from the menu Environment Config (see this section). Or you could just create your own welcome email using the Send Email action node.

The Action Node Delete User Account allows you to delete a user. But note that doing this from the Development or Test environment, for a User that is using Production, will delete the User for good, leaving the User unable to access the Production environment anymore. Therefore, a good policy is to disable Delete User globally for the Dev and Test environments (defined in the User Account Manipulation setting of Environment Config, explained in the section Enable User Account Manipulation setting in Environment Config).

See this section for more info on handling Service Accounts.

Setting to allow User Account Manipulation, to be turned ON