Users
The Users view lists every registered Lumio user across all accounts. Admins can edit user details (display name, email), manage login connections (disconnect, set reconnect flags, configure primary connections), manage account memberships (add to / remove from accounts), override account creation and max-account limits, and delete users entirely.
Where to find it
Admin sidebar → Users. The list lives at /users; detail pages live at /users/\{id\}.
Quick start
- Open Admin → Users.
- Search by display name or email using the top search bar.
- Click any row to open the user detail page.
- Inspect login connections and account memberships in the stacked cards.
- If a login provider needs to be detached, use the delete button on that connection row.
Detailed walkthrough
Users list (/users)
- Search — debounced 300 ms search on display name and email.
- Columns — Avatar + display name, Email, Created date, Last Login date.
- Pagination — 25 users per page; "Page X of Y (N users)" footer.
- Row click — navigates to
/users/\{id\}.
User detail (/users/[id])
Five cards:
- User Information — Display name and email (both editable inline, requires
users:edit), User ID (copyable), Created At, Last Login. A Delete User button (requiresusers:delete) opens a confirmation dialog before permanently deleting the user and all their data. - Login Connections — table of every identity provider the user has linked: Provider (Twitch, Google, etc.; the Google provider displays as "YouTube"), Username on that provider, Connected Since timestamp, and a Primary For column showing which accounts use this connection as their primary (displayed as amber star badges). Each row has a Disconnect button (visible when the user has more than one connection) and a Reconnect Flag toggle. Admins can set or clear the primary connection for any account from this card.
- Account Memberships — table of every account the user belongs to: Account (linked to
/accounts/\{account_id\}), Plan badge, Role, Owner flag. An Add to Account button allows admins to add the user to an account by account ID. Each non-owner membership row has a Remove button with a confirmation dialog. - Account Creation Override — 3-state override dropdown that controls whether this user may create new accounts (see Account Creation Override below).
- Max Accounts Override — optional integer override for how many accounts the user can own (see Max Accounts Override below).
Max Accounts Override
The Max Accounts Override section lets admins grant a specific user the ability to own more (or fewer) Lumio accounts than their plan normally allows.
The field is stored as max_accounts_override on the user record and accepts an optional positive integer. When set, it replaces the plan-derived account limit for that user. When null, the plan default is used.
Field values:
| Value | Meaning |
|---|---|
null | Use the plan default (no override). |
1 or more | User may own up to this many accounts regardless of plan. |
Updating this field calls PATCH /v1/admin/users/\{id\} (REST) with { "max_accounts_override": <value_or_null> } or the corresponding GraphQL mutation. The change takes effect immediately — the per-user cache entry is invalidated on save. Requires users:edit admin permission.
The override is exposed in:
GET /v1/admin/users/\{id\}response body (max_accounts_overridefield)adminUser(id)GraphQL query (maxAccountsOverridefield onAdminUser)
Account Creation Override
The Account Creation section lets admins grant or deny a specific user the ability to create streaming accounts, regardless of the global system:account_creation flag setting.
Dropdown options:
| Option | Stored value | Meaning |
|---|---|---|
| Default | null | Defer to the global system:account_creation flag. If the flag is ON, the user can create accounts; if OFF, they cannot. |
| Allow | true | User may always create an account, even if the global flag is OFF. |
| Deny | false | User is always blocked from creating an account, even if the global flag is ON. |
Effective-state badge — displayed next to the dropdown, it shows the resolved outcome (Allowed / Blocked) by combining the dropdown value with the global flag state, so you can see the real-world effect at a glance without mentally simulating the resolution logic.
Saving the override calls PATCH /v1/admin/users/\{id\} (REST) or the adminUpdateUserAccountCreationOverride mutation (GraphQL). The change takes effect immediately — the per-user cache entry is invalidated on save.
Common scenarios
- Abuse investigation — open a user, check their account memberships to see what data they control, then follow up in each account.
- Compromised OAuth — delete the affected login connection. The user must re-link that provider before using it again.
- Duplicate account merge — the admin UI does not merge users. Use the CLI/DB for merges; use this page to verify account memberships first.
- "Why can't user X log in?" — inspect Login Connections to confirm they still have at least one working provider link.
Permissions
| Action | Permission |
|---|---|
| View user list / detail | users:read |
| Edit display name / email | users:edit |
| Delete a user's login connection | users:edit |
| Set reconnect flag on login connections | users:edit |
| Update account creation / max accounts override | users:edit |
| Delete a user | users:delete |
| Set primary login connection for an account | accounts:edit |
| Add / remove account memberships | accounts:edit |
All actions additionally require admin:access. System admins (system_admin.is_system = true) implicitly have every permission.
API
| UI action | GraphQL | REST |
|---|---|---|
| List users (paginated, searchable) | adminUsers | GET /v1/admin/users |
| Get user detail | adminUser | GET /v1/admin/users/\{id\} |
| Update display name / email | adminUpdateUser | PATCH /v1/admin/users/\{id\} |
| Delete user | adminDeleteUser | DELETE /v1/admin/users/\{id\} |
| Delete a login connection | adminDeleteUserLoginConnection | DELETE /v1/admin/users/\{id\}/login-connections/\{provider\} |
| Set login reconnect flag | adminSetLoginReconnectFlag | PUT /v1/admin/login-connections/\{id\}/reconnect-flag |
| Set primary for account | adminSetPrimaryLoginConnection | -- |
| Update account creation override | adminUpdateUserAccountCreationOverride | PATCH /v1/admin/users/\{id\} (body field account_creation_override) |
| Update max accounts override | adminUpdateUserMaxAccountsOverride | PATCH /v1/admin/users/\{id\} (body field max_accounts_override) |
Tips & gotchas
- There is no ban / unban surface in the admin app today. Blocking a user from logging in is done by removing all of their login connections or deleting the user entirely.
- There is no sessions management in the admin user view. Session admin is handled per-account by the account owner (see the user-facing docs for the sessions page).
- Admins can add/remove account memberships from the user detail page. Changing a member's role still happens inside the account itself, not from the admin panel.
- The list uses the Next.js proxy route
/api/userswhich calls the REST admin endpoint underneath. - Deleting a user is permanent and cascades to all their data. Use with caution.
Related
- Accounts — which accounts a user belongs to
- Audit Log — record of login / logout / admin events
- OAuth Clients — public OAuth apps that can act on behalf of users