User Management
Users have global roles, effective state, and security preferences. When handling user issues, first decide whether the cause is account state, authentication method, global role, or room permissions.
User State
Section titled “User State”| Concept | Values | Impact |
|---|---|---|
| Global role | root, admin, user | Platform administration capability |
| Effective state | active, banned | Sign-in, room creation, and room joining |
| Preferences | 2FA, notifications | User-level settings, not YAML configuration |
| Auth methods | password, OPAQUE, passkey, email, OAuth2 | Sign-in and recovery options |
Role Boundaries
Section titled “Role Boundaries”rootcan manage all users and administrators.admincan manage normal users but cannot manage root or equally privileged administrators.usercan use rooms and media features according to business permissions.
Common Commands
Section titled “Common Commands”synctv user listsynctv user get alicesynctv user create alice --email alice@example.comsynctv user ban alice --reason "abuse"synctv user unban alicesynctv user set-role alice adminsynctv user preferences get alice| Scenario | Prefer |
|---|---|
| Abuse | Use ban, keep the reason, avoid deleting audit context |
| Account recovery | Verify identity and bound methods before changing password, email, or 2FA |
| Promote administrator | Use a root account and record the reason |
| Change 2FA preference | Confirm at least two local verification methods remain |
| Delete account | Evaluate room, media, review, notification, and audit impact first |
Authentication details are in Authentication and Security Model. User-facing behavior is in Sign In and Account Security.