Skip to main content

User types

Last update:

The following user types are used to access resources and account settings:

  • Account owner — the primary user, created automatically when the account is registered;
  • users — invited by the Account owner and have limited access to the Control panel;
  • service users — added by the Account owner, used for programmatic access and API access. They do not have access to the Control panel.

Access for users and service users is determined by permissions that have been assigned to them.

Learn more about authenticating different user types in the API in the API Request Authentication API documentation.

Account owner

The primary user who registered the account. Has access to all products, services, resources, and settings in the account.

The Account owner has exclusive permissions that cannot be assigned to other users:

You cannot designate another user as the Account owner or change their permissions. You can only change their profile details.

Users

They have access to the Control panel and are invited to the account by the Account owner or a user with the iam.admin role.

The level of access is determined by permissions that have been assigned to them.

Users can authenticate in the Control panel in two ways:

  • via email and a password created in the Control panel. They undergo two-step authentication via email, can generate a static token (X-Token) for full access to Selectel product APIs;
  • via SSO on the identity provider side if they belong to one of the federations. They do not undergo two-step authentication. Users are added pre-registered — they only need to enter their full name upon their first sign-in. An email address is mandatory for them. They have no API access.

Service users

A user with an account for programmatic access and access via Selectel product API and other automation tools. Does not have access to the Control panel, only has a username and password.

The level of access is determined by permissions that have been assigned to them.

The Account owner or users with the iam.admin role can add service users and issue access keys for them — SSH, S3, and ADB keys.