Appearance
Users
Person entities represent user accounts in Entu. Each person can authenticate and is referenced throughout the system for rights assignment and ownership tracking.
Adding Users
- Create a new entity of type Person
- Enter the person's email address in the
entu_userfield - Click Send Invitation — the user receives a link to complete sign-in
User Rights
By default, a newly created person entity has no specific rights. They can only access entities shared at the domain level or rights inherited from a parent entity. To grant additional access, reference the person in the appropriate rights property on the relevant entities:
| Property | Access |
|---|---|
_owner | Full control |
_editor | View and edit (not rights properties) |
_expander | View and create children |
_viewer | Read-only |
_noaccess | Explicitly blocked, overrides inherited rights |
Automatic User Creation
If you want to allow access to all users who authenticate via OAuth, Entu can automatically create a person entity for them on first login — no manual setup required.
WARNING
Auto-created users are regular users. They will have access to all entities and properties that use domain sharing. Make sure your sharing settings are intentional before enabling this.
Access Control
Because the new person entity has _inheritrights: true and is parented under the add_user target, it automatically inherits whatever rights are set on that parent. Grant rights to the parent container once — all auto-created users inherit them.
To restrict a specific user after auto-creation, add _noaccess directly on their person entity. Explicit rights on the child always override inherited ones.
See Entities → Access Rights for more.
Requirements
All of the following must be true for auto-creation to trigger:
- The
databaseentity has anadd_userproperty referencing the parent entity where new person entities will be created (e.g. a "Users" folder) - A person entity type definition exists in the database (
_type: entity,name: person) - The authentication request includes the
dbquery parameter - No existing person entity already has
entu_usermatching the OAuth email