Users (as well as permissions and roles) are used to control access to a web application resources. You can manage them (create, edit, and delete) from the backend using the Audience/Users section:


Each user has name:


Also, on the Roles tab you can assign the roles to a user:


As user itself only has a name, he doesn’t store any information about how he signs in. This information is stored using the Credential objects. Each user can have different credentials, and each credential has its type (it can be email and password, Facebook account, Microsoft account and so on). When user signs in, Platformus checks if there is a credential with the given type, identifier, and secret exists. If the credential is found, corresponding user is signed in.

The credential list looks like this:


Each credential has type, identifier, and secret:


Credential type

As a developer, you can create your own credential types which depend on the sign in methods your application supports.


Secret is optional and can be used to store any additional information. For example, it stores passwords (as hashes) for the email and password credential type. If you need to change the password, just type it into this field. Don’t forget to set the Apply PBKDF2 hashing to secret checkbox to apply hashing, otherwise your password will be saved as plain text and signing in won’t work (as it compares hashes).