To start managing people, first go to the Admin panel by clicking on the gear icon in the bottom of the navigation sidebar and selecting Admin settings.
In the Admin panel, select the People tab from the menu bar at the top of the screen. You’ll see a list of all the people in your organization.
To add a new person, click Add person in the upper right corner. You’ll be prompted to enter their name and email address.
If you’ve already configured Metabase to use email, Metabase will send the new user an invite email. Otherwise, it’ll give you a temporary password that you’ll have to send to the person you’re inviting by hand.
To deactivate someone’s account, click on the three dots icon on the right of a person’s row and select Deactivate from the dropdown. Deactivating an account will mark it as inactive and prevent the user from logging in - but it won’t delete that person’s saved questions or dashboards.
To reactivate a deactivated account, click the Deactivated radio button at the top of the people list to see the list of deactivated accounts. Click on the icon on the far right to reactivate that account, allowing them to log in to Metabase again.
Metabase doesn’t explicitly support account deletion. Instead, Metabase deactivates accounts so people can’t log in to them, while it preserves any questions, models, dashboards, and other items created by those accounts.
If you want to delete an account because the account information was set up incorrectly, you can deactivate the old account and create a new one instead.
You can edit someone’s name and email address by clicking the three dots icon and choosing Edit Details. Note: be careful when changing someone’s email address, because this will change the address they’ll use to log in to Metabase.
Search for a person and look for an icon beside their name.
Note that the type of user is set when the account is first created: if you create a user in Metabase, but that person then logs in via Google or some other form of SSO, the latter’s icon will not show up next to their name.
If you’ve already configured your email settings, people can reset their passwords using the “forgot password” link on the login screen. If you haven’t yet configured your email settings, they will see a message telling them to ask an admin to reset their password for them.
To reset a password for someone, just click the three dots icon next to their account and choose Reset Password. If you haven’t configured your email settings yet, you’ll be given a temporary password that you’ll have to share with that person. Otherwise, they’ll receive a password reset email.
If you’re using Metabase Cloud, contact support to reset your admin password.
If you’re a Metabase admin and have access to the server console, you can get Metabase to send you a password reset token:
reset-password firstname.lastname@example.org, where “email@example.com” is the email associated with the admin account:
java -jar metabase.jar reset-password firstname.lastname@example.org
Metabase will print out a random token like this:
... Resetting password for email@example.com... OK [[[1_7db2b600-d538-4aeb-b4f7-0cf5b1970d89]]]
/auth/reset_password/:token, where “:token” is the token that was generated from the step above. The full URL should look something like this:
This action will delete any dashboard subscriptions or alerts the person has created, and remove them as a recipient from any other subscriptions or alerts.
This action doesn’t affect email distribution lists that are managed outside of Metabase.
To determine who has access to what, you’ll need to
To view and manage your groups, go to the Admin Panel > People tab, and then click on Groups from the side menu.
Every Metabase has two default groups: Administrators and All Users. These are special groups that can’t be removed.
To make someone an admin of Metabase, you just need to add them to the Administrators group. Metabase admins can log into the Admin Panel and make changes there, and they always have unrestricted access to all data that you have in your Metabase instance. So be careful who you add to the Administrator group!
The All Users group is another special one. Every Metabase user is always a member of this group, though they can also be a member of as many other groups as you want. We recommend using the All Users group as a way to set default access levels for new Metabase users. If you have Google single sign-on enabled, new users who join that way will be automatically added to the All Users group.
It’s important that your All Users group should never have greater access for an item than a group for which you’re trying to restrict access — otherwise the more permissive setting will win out. See Setting permissions.
To create a group, go to Admin settings > People > Groups, and click the Add a group button.
We recommend creating groups that correspond to the teams your company or organization has, such as Human Resources, Engineering, Finance, and so on. By default, newly created groups don’t have access to anything.
Click into a group and then click
Add members to add people to that group. Click on the X on the right side of a group member to remove them from that group. You can also add or remove people from groups from the People list using the dropdown in the Groups column.
To remove a group, click the X icon to the right of a group in the list to remove it (remember, you can’t remove the special default groups).
Adding people to groups allows you to assign
To add someone to one or more groups, just click the Groups dropdown and click the checkboxes next to the group(s) you want to add the person to. You can also add people from the group’s page.
This feature is only available on Pro and Enterprise plans (both self-hosted and on Metabase Cloud).
Group managers can manage other people within their group.
Group managers can:
Group managers are not admins, so their powers are limited. They cannot create new groups or invite new people to your Metabase.
To promote someone to become a group manager:
For guidance on which groups you should create for your Metabase, check out Permissions strategies.