Overview

In Studio CMS, user accounts control who can enter the backoffice, which areas they can see, and which actions they can perform. This area is essential for organizing the project operation securely, ensuring different levels of autonomy across teams, and keeping control over data and permissions.

Users
Profiles
2FA

1

Where this area appears in Studio

Overview and list management

Overview of the user accounts area in Studio CMS
The Users area centralizes backoffice account management, showing name, email, assigned profiles, status, and the available edit action for each record.

List

Lets you quickly understand who has access to the backoffice and which profile is assigned to them.

Filter and search

Help locate specific users when the project already has several active accounts or different teams operating in it.

Ações

The controls at the end allow you to open the existing account to review data, profiles, status, and other related settings.

2

Concept and what it is for

Controlled access to the backoffice

User account

It is the record that identifies a person in the backoffice and gives them access to the system through their own login.

Profile

It is the set of permissions assigned to the account and determines what the user can view, edit, or manage in the project.

Practical use

It is used to distribute responsibilities by team, control sensitive access, and avoid giving every user the same permission level.

Key idea: user accounts are not only for entering the system. They are the foundation of organization, security, and separation of responsibilities within the backoffice.
3

How to create a new user

Main fields and base setup

Creating a new user in Studio CMS
The creation form brings together the essential data for the new account: name, login, email, profile, password, status, and the two-factor authentication option.
Profiles available when creating users in Studio CMS
The available profiles may vary from project to project, because they depend on the functional scope and the permissions defined for that installation.

Identification

Name, login, and email define the account and help distinguish it from the others.

Security

The password, password confirmation, and the 2FA option help strengthen access to the system.

Status

The Active field lets you decide whether the new account becomes operational immediately or should remain inactive until final validation.

Important: the profile assigned to a user has a direct impact on what they can do in the backoffice. Before saving, always confirm that the account is receiving the correct level of access.
4

How to think about profiles and permissions

Profiles vary depending on the project

  • Not all projects have exactly the same profiles. That depends on the enabled permissions and the functional architecture defined for the backoffice.
  • Profiles such as ROLE_ADMIN, ROLE_FORMS, or ROLE_SUPER_ADMIN may exist as examples, but the final set can vary significantly.
  • Ideally, each user should receive only the access necessary for their role, avoiding excessive permissions.
  • If an account only needs to manage one specific area, the profile should reflect that limitation and not open full system access.
  • When in doubt, it is better to confirm the project logic before creating the account than to rush and fix permissions afterwards.
Good practice: think of profiles as a governance layer for the project. The goal is not to give the maximum possible access, but the right access for each user to work safely.
5

Delete user data

Sensitive action on personal data

Delete user data in Studio CMS
The Delete user data action triggers the routine available in the project from the account email, acting on the data associated with that user.

1. Confirm the correct email

The email field must match exactly the user to whom the action will be applied.

2. Validate the context

Before executing it, confirm internally why this action is necessary and whether it is aligned with the project procedure.

3. Execute with care

The Delete data button acts on personal information, so it should not be used as a casual account management routine.

Attention: this area should be treated as a sensitive operation. Before deleting user data, always confirm the expected impact and whether the procedure is approved for that project.
6

Explore also

Related pages

Studio CMS glossary

Reinforce terms such as profile, permissions, authentication, and other concepts used in backoffice management.

FAQs

Check quick answers to recurring questions about operations, backoffice structure, and Studio organization.

Practical guides

See more operational support content for teams that are starting to work in the backoffice.

Internationalization

Explore another Studio administrative area linked to the structural setup of the project.