User management in Agora

Agora provides user management and access control.

Users exist only for authorization; Agora does not store or process personal data about individuals.

User management lives in the security area of the admin UI. The current UI offers an account list, per-user card, password change, lockout status, and links to related security data.

Bootstrap administrator

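Create the first administrator account by running the following on the server. The password is passed as a command-line argument, so it may be recorded in shell history and is visible in the process list while the command runs: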

./create-account -u USERNAME -p PASSWORD

User list

On the user list an administrator can:

  • view all accounts;
  • create accounts;
  • see login and role;
  • see last login time;
  • change password inline;
  • open a user card;
  • lock a user.

Locked accounts are indicated in the row.

Change password from the list

To change a password quickly:

  1. Find the user in the list.
  2. Enter the new password in New password.
  3. Confirm with the button at the field or press Enter.

On success the UI shows a confirmation.

Lock from the list

Locking a user immediately terminates all active sessions.

To unlock a user, use the account page.

User card

From the list, open a user card. There you see:

  • account_id;
  • login;
  • external_account_id to link the account to an external system;
  • account creation time;
  • last modification time;
  • last login time;
  • lock time if locked;
  • current open sessions and past closed ones.

The card also lets you:

  • change the password;
  • lock the user;
  • unlock the user;
  • return to the account list.

If the password fields have been changed, the UI warns you when you navigate away.

Change password in the user card

To change the password in the card:

  1. Open the account page.
  2. Enter the new password.
  3. Confirm the change.

Errors appear under the password field.

Locking a user

As in the list, the card provides a lock action with a confirmation dialog.

Locking immediately ends all open sessions for that user.

Related security features

User management ties to other security areas:

  • the audit log shows user actions;
  • the sessions area lists open and closed sessions;
  • open sessions can be force-ended via logout.

User-related actions should appear in the audit log for later review and incident response.

Even if user lock APIs are incomplete, security staff can still monitor accounts and end sessions when needed.

Role model

Agora defines several roles:

  • administrator — manages streamers, devices, and external settings;
  • content manager — manages streams and VOD assets;
  • observer — can view monitoring but cannot edit streams or settings;
  • security — can read the audit log and lock users or sessions when needed.

This model separates admin, content, and security duties. Detailed permissions per role will be documented on dedicated security pages.