Users are the most fundamental building block for creating a hierarchy of access among your organization.
You will need to provide a username and password for each user, but all other fields are optional or can be left as the default. Remember that if you ever forget what a setting or user input is, you can hover over the help icon and a tooltip will appear with a description of the setting.
Below is a description of each basic user setting. See Advanced User Settings for a list of more advanced user options.
|Username||This is the username that the user will use to log in via the web interface, desktop app, or FTP client. Usernames are limited to 50 characters. You may choose to use an email address as the username to ensure uniqueness.|
|Authentication method||This is the authentication method that this user can use to log in to their account. The default method is ‘Password/Public key’. Other available methods are ‘Active Directory or LDAP’ (if LDAP synchronization is enabled on your site) and ‘Google OAuth’ (if Google user authentication is enabled on your site).|
|Password||This is the password this user will use when logging in to the web interface, desktop app, or FTP client.|
|Password expiration||Default is to use your site-wide setting, or choose This user must change their password and enter an integer to define the change interval in days. This user will then be required to change their password on every cycle of the change interval.|
|Require password change on first login?||If enabled, this user will be required to change their password when they log in. The user will also be prevented from accessing FTP/SFTP/WebDAV until their password is changed.|
|Email address||Providing the user’s email address allows us to contact them via email with important account information. This may include forgotten password recovery and notifications for file uploads.|
|Full name||This setting is optional and is for your records only.|
|Groups||Choose the Groups that this user will belong to.|
|Enable admin access||Enable to make this user a site-wide administrator. See Adding Administrators for more information.|
|Folder permissions||Grant permissions on the folders you want this user to have access to. See Permissions for more information.|
|Share Link permission||This setting controls whether the user is able to use the sharing features to generate Share Links.|
|Shared/bot user?||Users flagged as a bot or a shared user are not able to change their own password, email address or time zone, and are exempted from 2FA requirements (if any).|
|Notes||Here you can enter notes that are for your records only.|
Administrators can save time when creating a new user by cloning an existing user. This speeds up the user creation process by prepopulating most of the user’s settings from the user being cloned, including group membership and permissions.
To clone a user, click the Clone button in the rightmost column of the user list.
You will then be presented with the New User form with the cloned user’s settings prepopulated.
To delete a user, simply click the delete button in the rightmost column of the user list. The user will immediately be deleted, and they will no longer be able to log in to your site.
You can make any user an administrator by setting Enable admin access to ‘Yes’. You may have as many administrators as you wish. Keep in mind that administrators will have the same level of access that you have, including Read/Write/Delete access on all folders, and the ability to create and manage users.
Advanced User Settings
All times in the web interface will be displayed in this time zone for the user.
FTP/SFTP client root folder
The user will see this folder as the ‘home’ or root’ when logging in via an FTP/SFTP client. The user will not be able to see folders which are parents of this one, even if they have permissions there. This setting only affects FTP/SFTP clients, NOT the web interface, and you still need to give the user permissions to the folder. This is mainly used for providing compatibility with existing FTP/SFTP deployments.
This setting allows you to limit which IP addresses the user is allowed to connect from. List allowed IPs, one per line. You may specify a range in CIDR format, such as
If you are also using a site-wide IP whitelist, users connecting from an IP address matching in either whitelist will be allowed to log in.
Bypass site IP whitelist
Plain/unencrypted FTP Support
If changed, this setting will override the site-wide default, which can be set at Settings > Security > Plain/unencrypted FTP Support.
Note: Allowing unencrypted connections is dangerous because it will cause passwords and file contents to be transmitted across networks in clear text.
Access expiration date
You can grant the user temporary access to your site by entering a date here. Access for this user will be blocked after this date occurs (midnight of the selected date).
This field uses your current time zone when you set or change it.
Use this setting to control which protocols this user will have access to.
You can selectively allow access to:
- Web, Desktop app, and API
Add SFTP public keys here to allow the user to connect via SFTP without having to type a password. Review the SFTP documentation for more details.