Managing Users and Access Control
Set up user accounts, control who can access your documentation projects, and keep credentials secure by managing roles, project-level permissions, and API key rotation.
Prerequisites
- A running docsfy server (see Getting Started with docsfy)
- The
ADMIN_KEYenvironment variable set on the server (at least 16 characters) - Admin access — either via the
ADMIN_KEYor a user account with theadminrole
Quick Example
Create a user with the CLI in one command:
docsfy admin users create alice --role user
Output:
User created: alice
Role: user
API Key: docsfy_aBcDeFgHiJkLmNoPqRsTuVwXyZ...
Save this API key -- it will not be shown again.
Understanding Roles
docsfy has three roles with different permission levels:
| Role | Generate docs | View docs | Manage users | Manage access |
|---|---|---|---|---|
| admin | ✅ | ✅ | ✅ | ✅ |
| user | ✅ | ✅ | ❌ | ❌ |
| viewer | ❌ | ✅ | ❌ | ❌ |
- admin — Full access including creating/deleting users, granting project access, and rotating API keys.
- user — Can generate, view, delete, and download documentation for their own projects. Cannot perform admin operations.
- viewer — Read-only access. Can browse documentation shared with them but cannot generate or modify anything.
Creating Users
From the Web Dashboard
- Log in as an admin.
- Navigate to the Users tab in the admin panel.
- Enter a username, select a role from the dropdown, and click Create User.
- Copy the generated API key immediately — it is shown only once.
From the CLI
docsfy admin users create bob --role viewer
The --role flag accepts user, viewer, or admin. If omitted, it defaults to user.
Warning: The API key is displayed only once at creation time. Store it securely — there is no way to retrieve it later. If lost, you must rotate the key.
Username Rules
- Must be 2–50 characters long
- Must start with a letter or number
- May contain letters, numbers, dots (
.), hyphens (-), and underscores (_) - The username
adminis reserved and cannot be used
Listing Users
CLI
docsfy admin users list
USERNAME ROLE CREATED
alice user 2026-06-01 10:30:00
bob viewer 2026-06-02 14:15:00
carol admin 2026-06-03 09:00:00
Add --json for machine-readable output:
docsfy admin users list --json
Web Dashboard
The Users tab shows all users in a table with their username, role, and creation date.
Granting Project Access
By default, each user can only see projects they own. Admins can share a project with other users by granting access.
From the Web Dashboard
- Go to the Access tab in the admin panel.
- Fill in the Project Name, Username, and Owner fields.
- Click Grant Access.
From the CLI
docsfy admin access grant my-repo --username bob --owner alice
This gives bob read access to all variants (branches, providers, models) of the project my-repo owned by alice.
Note: Both the user and the project must already exist. The grant command validates this and returns an error if either is not found.
Revoking Project Access
From the Web Dashboard
- Go to the Access tab.
- Under Lookup Access, enter the project name and owner, then click List Access.
- Click Revoke next to the user you want to remove.
From the CLI
docsfy admin access revoke my-repo --username bob --owner alice
Listing Project Access
See who has access to a specific project:
docsfy admin access list my-repo --owner alice
Project: my-repo
Owner: alice
Users with access: bob, carol
Add --json for machine-readable output.
Rotating API Keys
If a key is compromised or a user loses their credentials, rotate their API key. This immediately invalidates the old key and all active sessions for that user.
Admin Rotating Another User's Key
CLI:
docsfy admin users rotate-key bob
User: bob
New API Key: docsfy_xYzAbCdEfGhIjKlMnOpQrStUvWxYz...
Save this API key -- it will not be shown again.
Web dashboard: Click Change Password next to the user in the Users tab. You can optionally provide a custom key or leave the field empty to auto-generate one.
Users Rotating Their Own Key
Non-admin users can rotate their own key through the API. This clears their current session — they must log in again with the new key.
Warning: The built-in
adminaccount (authenticated viaADMIN_KEY) cannot rotate keys through the API. Change theADMIN_KEYenvironment variable and restart the server instead.
Custom API Keys
You can supply a custom key instead of auto-generating one:
docsfy admin users rotate-key bob --new-key "my-custom-secure-key-here"
Custom keys must be at least 16 characters long.
Deleting Users
From the CLI
docsfy admin users delete carol
You will be prompted for confirmation. Add --yes to skip:
docsfy admin users delete carol --yes
From the Web Dashboard
Click Delete next to the user in the Users tab and confirm the action.
What Happens When a User Is Deleted
- All active sessions for the user are invalidated immediately
- All projects owned by the user are deleted from the database
- All project files on disk belonging to the user are removed
- All access grants (both granted to and granted by the user) are cleaned up
- A user cannot be deleted while one of their projects has a generation in progress
Warning: User deletion is permanent and cannot be undone. All of their projects and generated documentation will be lost.
The Admin Account
docsfy has a special built-in admin identity that authenticates with the ADMIN_KEY environment variable:
- Username:
admin - Credentials: The value of the
ADMIN_KEYenvironment variable - This account always has full admin privileges
- It cannot be deleted or have its key rotated through the API — change the
ADMIN_KEYenv var and restart the server
You can also create additional users with the admin role. These behave identically to the built-in admin for authorization purposes, but their keys are managed through the normal user management workflow.
Warning: Changing the
ADMIN_KEYenvironment variable invalidates all existing user API key hashes (sinceADMIN_KEYis used as the HMAC secret for key hashing). After rotatingADMIN_KEY, you must rotate every user's API key as well.
Advanced Usage
Sessions and Timeouts
- Browser sessions last 8 hours and are stored as HTTP-only cookies
- Rotating a user's API key invalidates all their active sessions
- Expired sessions are cleaned up automatically when the server starts
Connecting the CLI to a Server
Before running admin commands, configure the CLI with a server profile:
docsfy config init
You'll be prompted for a profile name, server URL, username, and password (API key). See Using the CLI for complete setup instructions.
You can also pass credentials directly:
docsfy --host myserver.example.com --username admin --password $ADMIN_KEY admin users list
JSON Output
All CLI admin commands support --json for scripting:
docsfy admin users create ci-bot --role user --json
{
"username": "ci-bot",
"api_key": "docsfy_aBcDeFgHiJkLmNoPqRsTuVwXyZ...",
"role": "user"
}
Access Control Model
docsfy uses an ownership-based access model:
- Every project is owned by the user who generated it
- Owners always have full access to their own projects
- Admins can see and manage all projects regardless of ownership
- Access grants are scoped by project name + project owner — granting access gives the user visibility into all variants (branches, AI providers, models) of that project
- When all variants of a project are deleted, associated access grants are automatically cleaned up
Troubleshooting
"Username 'admin' is reserved" — You cannot create a user with the username admin. Choose a different name and assign the admin role instead.
"Cannot delete your own account" — An admin cannot delete the account they are currently logged in with. Have another admin delete it, or use a different admin account.
"Cannot delete user while generation is in progress" — Wait for any active documentation generation jobs owned by that user to complete, or abort them first. See Managing Projects and Variants for how to abort a generation.
"ADMIN_KEY users cannot rotate keys" — If you are logged in using the ADMIN_KEY environment variable (as the built-in admin account), you cannot rotate your key through the API. Update the ADMIN_KEY environment variable on the server and restart it.
"API key must be at least 16 characters long" — Custom API keys provided via --new-key must be at least 16 characters. Use a longer key or omit the flag to auto-generate one.