User Management
Aero2 provides a complete user management system for your application. Every user has a profile, can authenticate through multiple methods, and can be assigned roles that control their access.
User Lifecycle
Users in Aero2 go through the following lifecycle stages:
| Stage | Description |
|---|---|
| Created | Account exists but email may not be verified |
| Verified | Email address has been confirmed |
| Active | User can sign in and use the application |
| Disabled | Account is suspended; user cannot sign in and all sessions are revoked |
| Deleted | Account is permanently removed |
How Users Are Created
Users can be created through several methods:
- Sign-up flows — Users register directly through social login or (coming soon) email/password
- Admin API — Administrators create accounts programmatically via the Users API
- Invitation links — Users are invited by email and create their account when they accept
- SCIM provisioning — Automatic account creation from enterprise identity providers (coming soon)
What Each User Has
- Unique email — Each email address can only be used once per application
- Profile data — Name, picture, and other identity information
- Roles and permissions — Control what the user can access and do
- Linked identities — Social accounts (GitHub, Google, etc.) connected to the user
- Session history — Record of active and past sessions
Learn More
- User Profiles — Profile fields, self-service updates, admin management
- Sessions — Session lifecycle, listing, and revocation
- Account Linking — Connecting multiple auth methods to one account
- Roles & Permissions — RBAC configuration and enforcement