Types of users

Last update: September 08 2025

User types are used to access resources and account settings:

• Account owner — the main user, created automatically when registering an account;
• users — are invited by the Account Owner and have limited access to the control panel;
• service users — are added by the Account Owner, used for program access and API access. They do not have access to the control panel.

User and service user access is determined by the permissions assigned to them.

For more information about authenticating different types of users in the API, see the API Documentation API Request Authentication instructions.

Account owner

The primary user who registered the account.Has access to all products, services, resources and settings in the account.

The account owner has exclusive permissions that cannot be assigned to other users:

• account deletion;
• change of company details;
• audit-log review;
• view the authorization log of all users.

You cannot assign another user as Account Owner or change their permissions, you can only change their profile information.

Users

Have access to the control panel, they are invited to the account by the Account Owner or a user with the role of iam_admin.

The degree of access is determined by the permissions assigned to it.

Users can authenticate to the control panel in two ways:

• by e-mail and a password created in the control panel. They undergo two-step authentication via email and phone number, and can issue themselves a static token (X-Token) for full access to Selectel's API products;
• by SSO on the credential provider side if they belong to one of the federations. They do not go through two-step authentication. Users are added already registered — they only need to enter their full name at the first login. Email is mandatory for them. They do not have access to the API.

Service users

User with an account for program access and access via Selectel product APIs and other automation tools.Does not have access to the control panel, only a username and password.

The degree of access is determined by the permissions assigned to it.

Account owner or users with the role iam_admin can add service users and issue them access keys — SSH-, S3- andADB-keys.