Learn about Users managed by Nhost Auth
Users are created using the sign-up or sign-in flows described under Supported Methods.
auth.users
table.auth
schema.You’re allowed to:
users
table and other tables in the auth
schema.users
table and other tables in the auth
schema.Each user has one default role and a list of allowed roles. These roles are used to resolve permissions for requests to GraphQL and Storage.
When the user makes a request, only one role is used to resolve permissions. The default role is used if no role is explicitly specified. Users can only make requests using the default role or one of the allowed roles.
The default role is used when no role is specified in the request. By default, users’ default role is user
.
You can change what the default role for new users should be at Settings -> Roles and Permissions.
Allowed roles are roles the user is allowed to use when making a request. Usually, you would change the role from user
(the default role) to some other role because you want to use a different role to resolve permissions for a particular request.
By default, users have two allowed roles:
user
(default)me
You can change the default role for new users at Settings -> Roles and Permissions.
It’s possible to give users a subset of allowed roles during signup.
Example: Only set the user
role (exclude the me
role) for the user’s allowed roles:
When no role is specified, the user’s default role will be used:
If you want to make a GraphQL request using a specific role, you can do so by using the x-hasura-role
header, like this:
If the request is not part of the user’s allowed roles, the request will fail.
You can store custom information about the user in the metadata
column of the users
table. The metadata
column is of type JSONB so any JSON data can be stored.
Example: Add metadata to a user during sign-up:
Example: Get all users.
Example: Get a single user.
If you have users in a different system, you can import them into Nhost. When importing users you should insert the users directly into the database instead of using the authentication endpoints (/signup/email-password
) to avoid sending unnecessary transactional emails.
Make a GraphQL request to insert a user like this:
Connect directly to the database and insert a user like this:
Passwords are hashed using bcrypt.
Learn about Users managed by Nhost Auth
Users are created using the sign-up or sign-in flows described under Supported Methods.
auth.users
table.auth
schema.You’re allowed to:
users
table and other tables in the auth
schema.users
table and other tables in the auth
schema.Each user has one default role and a list of allowed roles. These roles are used to resolve permissions for requests to GraphQL and Storage.
When the user makes a request, only one role is used to resolve permissions. The default role is used if no role is explicitly specified. Users can only make requests using the default role or one of the allowed roles.
The default role is used when no role is specified in the request. By default, users’ default role is user
.
You can change what the default role for new users should be at Settings -> Roles and Permissions.
Allowed roles are roles the user is allowed to use when making a request. Usually, you would change the role from user
(the default role) to some other role because you want to use a different role to resolve permissions for a particular request.
By default, users have two allowed roles:
user
(default)me
You can change the default role for new users at Settings -> Roles and Permissions.
It’s possible to give users a subset of allowed roles during signup.
Example: Only set the user
role (exclude the me
role) for the user’s allowed roles:
When no role is specified, the user’s default role will be used:
If you want to make a GraphQL request using a specific role, you can do so by using the x-hasura-role
header, like this:
If the request is not part of the user’s allowed roles, the request will fail.
You can store custom information about the user in the metadata
column of the users
table. The metadata
column is of type JSONB so any JSON data can be stored.
Example: Add metadata to a user during sign-up:
Example: Get all users.
Example: Get a single user.
If you have users in a different system, you can import them into Nhost. When importing users you should insert the users directly into the database instead of using the authentication endpoints (/signup/email-password
) to avoid sending unnecessary transactional emails.
Make a GraphQL request to insert a user like this:
Connect directly to the database and insert a user like this:
Passwords are hashed using bcrypt.