Browse docs
--- title: "Users" description: "Create dashboard users, assign roles, and automate identity lifecycle events." icon: "user-round" ---
Overview
Enterprise identity adds dashboard users for administrative access. Users are separate from managed API keys: users sign in to operate the dashboard, while managed keys authenticate applications calling the gateway.
Users have an email, display name, status, timestamps, and assigned role IDs. Role assignments determine which admin resources they can access when RBAC is enabled.
Manual management
Use the dashboard at Identity -> Users to create users, edit display names and status, assign roles, and delete users.
Create roles before assigning them to users. See Roles.
Server API automation
For endpoint reference see the Admin API section.
Create a user:
curl -X POST http://your-aurora-host/admin/api/v1/identity/users \
-H "Authorization: Bearer $AURORA_MASTER_KEY" \
-H "Content-Type: application/json" \
-d '{
"email": "operator@your-company.test",
"display_name": "Operator",
"password": "<initial password>"
}'Assign a role:
curl -X POST http://your-aurora-host/admin/api/v1/identity/users/<user-id>/roles \
-H "Authorization: Bearer $AURORA_MASTER_KEY" \
-H "Content-Type: application/json" \
-d '{"role_id": "<role-id>"}'Use your identity provider and OIDC where possible for production sign-in. Use local password users for bootstrap, break-glass, or deployments that intentionally do not use SSO.