Users are the people who access and interact with your Tadabase application. Understanding how users work is fundamental to building secure, multi-user applications. In this article, you'll learn everything about creating, managing, and authenticating users.

In Tadabase, a user is anyone who logs into your published application. Users are stored in a special system table that Tadabase automatically creates for every app. This table contains:

• Email Address - Unique identifier for each user
• Password - Encrypted and securely stored
• Role - Determines what the user can access
• Profile Information - Name, phone, custom fields
• Status - Active, inactive, or pending
• Login History - Track when users access the app

It's important to understand the distinction:

• Users - People who log in to use your app (stored in the Users table)
• Records - Data about anything else (customers, products, orders, etc.)

A user might also be represented as a record. For example, in an HR app, employees are both users (who log in) and records (employee data). You'll often link the Users table to other tables using connection fields.

Tadabase supports multiple types of users:

1. Authenticated Users

Users who must log in to access the application:

• Have login credentials (email and password)
• Are assigned to specific roles
• Have personalized experiences
• Can access protected pages and data
• Their actions are tracked and auditable

2. Public (Anonymous) Users

Visitors who access public pages without logging in:

• No login required
• Can view public pages
• Can submit public forms
• Limited functionality
• No personalization

3. SSO (Single Sign-On) Users

Users who authenticate through external providers:

• Google SSO
• Microsoft/Azure AD
• SAML-based SSO (enterprise plans)
• Simplified login experience
• Centralized identity management

4. API Users

External systems that access your app programmatically:

• Use API keys instead of passwords
• Used for integrations and automations
• Typically not assigned to roles
• Covered in Phase 7 (Integration & APIs)

When you create a Tadabase app, a Users table is automatically created. This is a special system table that manages authentication.

Default User Fields

Every Users table includes these default fields:

Field Name	Type	Description
Email	Email	Unique login identifier (required)
Password	Password	Encrypted password (required)
Role	Role	User's access level (required)
First Name	Text	User's first name (optional)
Last Name	Text	User's last name (optional)
Status	Status	Active, Inactive, or Pending
Last Login	Date/Time	Timestamp of most recent login
Created Date	Date/Time	When the user account was created

Adding Custom User Fields

You can add any fields you need to the Users table:

• Profile Information - Phone number, address, avatar image
• Organizational Data - Department, employee ID, manager
• Preferences - Notification settings, language, timezone
• Custom Attributes - Anything specific to your application
• Connections - Link users to other tables (e.g., Company, Team)

Example: Adding a phone number field

1. Go to Data Builder → Users table
2. Click "Add Field"
3. Select "Phone" field type
4. Name it "Phone Number"
5. Configure any validation rules
6. Save

This field now appears in signup forms, profile pages, and can be used in any component that displays user information.

There are several ways to create users in Tadabase:

Method 1: Manual Creation (Builder)

As a builder, you can manually create users:

1. Go to Data Builder
2. Open the Users table
3. Click "Add Record"
4. Fill in the required fields:
   • Email address
   • Password (or send invitation)
   • Role
   • Any custom fields
5. Set status to "Active"
6. Click "Save"

This method is useful for creating initial admin users or testing different user types.

Method 2: Signup Form (Self-Registration)

Allow users to create their own accounts through a signup form:

1. Create a public page (accessible without login)
2. Add a Signup Component
3. Configure which fields users should complete
4. Select the default role for new signups
5. Optionally require email verification
6. Publish the page

When users submit the signup form, their account is automatically created.

Method 3: User Invitation

Invite users via email:

1. Go to Settings → Users
2. Click "Invite User"
3. Enter the user's email address
4. Select their role
5. Click "Send Invitation"

The user receives an email with a link to set their password and activate their account.

Method 4: Bulk Import

Import multiple users at once:

1. Prepare a CSV file with user data (email, role, etc.)
2. Go to Data Builder → Users table
3. Click "Import"
4. Upload your CSV file
5. Map columns to fields
6. Complete the import

Note: When importing users, you can either:

• Set temporary passwords and require users to reset
• Send invitation emails automatically
• Generate random passwords and send via email

Method 5: API Creation

Create users programmatically via the API:

• Use Tadabase REST API
• Submit POST request to Users endpoint
• Include user details in JSON payload
• Useful for integrations with other systems
• Covered in detail in Phase 7

Authentication is the process of verifying a user's identity. Tadabase provides multiple authentication methods:

Email & Password Login

The standard authentication method:

• Users enter email and password
• Tadabase verifies credentials
• Session is created on successful login
• Users remain logged in until timeout or logout

Password requirements can be configured in Settings:

• Minimum length
• Complexity requirements
• Password expiration
• Password history

Email Verification

Require users to verify their email address:

1. Enable email verification in Settings → Users
2. When users sign up, they receive a verification email
3. They must click the link to activate their account
4. Unverified users cannot log in

This prevents fake accounts and ensures you can communicate with users.

Password Reset

Users can reset forgotten passwords:

1. User clicks "Forgot Password" on login page
2. Enters their email address
3. Receives password reset email
4. Clicks link in email
5. Creates new password
6. Can now log in with new password

Single Sign-On (SSO)

Allow users to log in with existing accounts:

Google SSO

• Enable in Settings → Users → Authentication
• Configure Google OAuth credentials
• Users click "Sign in with Google"
• Authenticate with their Google account
• Automatically creates user record

Microsoft/Azure AD SSO

• Enterprise plan feature
• Integrate with your organization's Azure AD
• Centralized user management
• Automatic provisioning and de-provisioning

SAML SSO

• Enterprise plan feature
• Integrate with any SAML 2.0 identity provider
• Okta, OneLogin, etc.
• Enterprise-grade security

Two-Factor Authentication (2FA)

Add an extra layer of security:

• Available on higher-tier plans
• Users enter password plus verification code
• Code sent via SMS or authenticator app
• Dramatically improves account security
• Can be required or optional

Session Management

Control how long users stay logged in:

• Session Timeout - Auto-logout after inactivity
• Remember Me - Keep users logged in across browser sessions
• Force Logout - Require re-authentication after certain period
• Concurrent Sessions - Allow or prevent multiple simultaneous logins

Configure these settings in Settings → Users → Session Settings.

Every user has a status that controls their access:

Active

• User can log in and use the application
• Standard status for functioning accounts
• All permissions apply normally

Inactive

• User cannot log in
• Account still exists but is disabled
• Use for temporarily disabled accounts
• Can be reactivated later
• Useful when employees leave but might return

Pending

• Account created but not yet activated
• Waiting for email verification
• Or waiting for admin approval
• Cannot log in until status changes to Active

Changing User Status

You can change status:

1. Manually in the Users table (Data Builder)
2. Through record rules (automatic)
3. Via the API
4. Through admin interfaces you build

Tadabase provides built-in user management tools, and you can also build custom interfaces.

Built-In User Management

Access in the builder at Settings → Users:

• View All Users - See complete user list
• Add Users - Manually create new users
• Edit Users - Modify user details
• Invite Users - Send invitation emails
• Deactivate Users - Disable accounts
• Delete Users - Permanently remove (use carefully!)
• View Login History - See when users accessed the app

Custom User Management Pages

You can build custom user management interfaces for admins:

User List Page

1. Create a page accessible only to Admin role
2. Add a Table Component
3. Connect to Users table
4. Include relevant fields (Name, Email, Role, Status, Last Login)
5. Add action links (Edit, Deactivate, View Details)

User Detail Page

1. Create a details page for individual users
2. Add Details Component showing user information
3. Include Forms Component for editing
4. Show related records (tasks assigned, orders placed, etc.)
5. Add action links (Reset Password, Change Role, Deactivate)

User Profile Page

1. Create a page where users can view/edit their own profile
2. Add Details Component (logged-in user's data)
3. Include Form Component for editing profile
4. Add password change functionality
5. Allow users to upload profile picture

Every user must be assigned to a role. Roles determine what users can access and do in your application.

Default Roles

Every new app comes with a default Admin role:

• Full access to everything
• Can view all pages
• Can perform all actions
• Typically assigned to application administrators

Creating Custom Roles

You'll create additional roles based on your needs:

• Manager
• Employee
• Customer
• Guest
• Vendor
• etc.

We'll cover roles in detail in the next article. For now, understand that every user needs a role.

Follow these best practices when managing users:

1. Unique Email Addresses

• Each user must have a unique email
• Never share login credentials
• Use real email addresses for communication
• Don't use generic emails (info@, admin@) for individual users

2. Strong Password Policies

• Require minimum password length (8+ characters)
• Enable complexity requirements
• Consider password expiration for sensitive apps
• Never store passwords in plain text (Tadabase encrypts automatically)

3. Email Verification

• Enable for self-registration
• Prevents fake accounts
• Ensures valid contact information

4. Least Privilege

• Assign users to the least privileged role that meets their needs
• Don't make everyone an Admin
• Review roles periodically

5. Deactivate, Don't Delete

• When users leave, deactivate their accounts
• Deleting users can break data relationships
• Keep historical records intact
• You can always reactivate if needed

6. Regular Audits

• Review user list periodically
• Remove or deactivate unused accounts
• Verify role assignments are still appropriate
• Check login history for suspicious activity

7. Test User Experience

• Create test users for each role
• Log in as different users to verify permissions
• Test signup and login flows
• Verify password reset works

Here are typical scenarios you'll encounter:

Scenario 1: Employee Onboarding

New employee joins your company:

1. HR creates user account (or sends invitation)
2. Assign to "Employee" role
3. Employee receives welcome email with login instructions
4. Employee sets password and logs in
5. Employee completes profile information
6. Employee can now access appropriate pages and data

Scenario 2: Customer Self-Registration

Customer wants access to your portal:

1. Customer visits public signup page
2. Completes signup form (email, password, basic info)
3. Automatically assigned to "Customer" role
4. Receives verification email
5. Clicks verification link
6. Can now log in and access customer portal

Scenario 3: Employee Offboarding

Employee leaves the company:

1. HR changes user status to "Inactive"
2. User can no longer log in
3. Historical records remain intact
4. If employee returns, reactivate account
5. If permanent, can delete after retention period

Scenario 4: Role Change (Promotion)

Employee gets promoted to manager:

1. Admin edits user record
2. Changes role from "Employee" to "Manager"
3. User immediately gains manager permissions
4. Can now access manager-only pages and features
5. Previous work as employee remains intact

Scenario 5: Password Reset Request

User forgets password:

1. User clicks "Forgot Password" on login page
2. Enters email address
3. Receives password reset email
4. Clicks link in email (time-limited)
5. Creates new password
6. Can immediately log in

You'll often need to link users to other data in your app.

Connection Field

Use connection fields to link Users to other tables:

Example: Link Orders to Users

1. Go to your Orders table
2. Add a Connection field
3. Connect to the Users table
4. Name it "Customer"
5. Now each order is linked to the user who placed it

Logged-In User Field

Automatically capture who created a record:

1. Add a Connection field to any table
2. Connect to Users table
3. Enable "Auto-fill with logged in user"
4. When users create records, this field automatically captures their user ID

This is crucial for:

• Ownership tracking
• Audit trails
• User-specific record filtering
• Reporting and analytics

Current User Filter

Show users only their own records:

1. Add a Table Component to a page
2. In component settings, add a Filter
3. Filter: "Customer" = "Logged In User"
4. Users will only see their own orders

This is fundamental to building secure, multi-user applications.

Understand how users affect your Tadabase subscription:

Active Users

• Your plan includes a certain number of active users
• Only users with "Active" status count toward your limit
• "Inactive" and "Pending" users don't count
• You can have unlimited inactive users

Checking User Count

• View in Settings → Users
• See "X of Y active users"
• Know when you're approaching your limit
• Upgrade plan if you need more users

Optimizing User Count

• Deactivate users who no longer need access
• Share accounts only when appropriate (e.g., kiosk mode)
• Use public pages for anonymous access
• Consider role consolidation

Common problems and solutions:

User Can't Log In

Check:

• Is status "Active"? (not Inactive or Pending)
• Is email address correct?
• Is password correct? (offer reset)
• Is email verified? (if required)
• Has account been locked due to failed attempts?

User Sees Blank Page After Login

Check:

• Does their role have access to any pages?
• Is there a default page set for their role?
• Are page permissions configured correctly?

Duplicate Email Error

• Email addresses must be unique
• Check if user already exists
• User might have forgotten existing account
• Offer password reset instead

Verification Email Not Received

• Check spam/junk folder
• Verify email address is correct
• Resend verification email
• Check Tadabase email settings
• Whitelist Tadabase email domain

In this article, you learned:

• What users are - People who access your application
• User types - Authenticated, public, SSO, and API users
• The Users table - Special system table with authentication fields
• Creating users - Manual, signup, invitation, import, and API methods
• Authentication - Login, password reset, SSO, and 2FA
• User status - Active, inactive, and pending states
• User management - Built-in tools and custom interfaces
• Best practices - Security, auditing, and user experience
• Common scenarios - Onboarding, offboarding, role changes

Understanding users is the foundation of security. In the next article, you'll learn about roles - how to create different access levels and assign permissions to control what each user can see and do.

Hands-On Exercise (To Be Added)

Exercise placeholders will include practical activities such as:

• Creating test users with different roles
• Setting up a signup form
• Adding custom fields to the Users table
• Testing authentication and password reset
• Building a simple user profile page
• Linking users to other tables

Knowledge Check (To Be Added)

Quiz questions will test understanding of:

• Difference between users and records
• Default fields in Users table
• Methods for creating users
• User authentication options
• User status meanings
• Best practices for user management