What are Users?
Knack provides user & login features so you can require your live app users to log in, create roles and permissions, and limit logged-in users to only access their own records.
By default, any Knack app can be viewed by anyone that knows the URL. For example, anyone can use this link to view our business directory template app.
Enabling users & logins means that a user must first login before they can view your app. This is what an app would look like if a login was added:
Now an email and password are required to access that app. Anyone that has an email and password to log in and access your app is called a user.
To activate user and login features, first open the app menu from the top left corner of your builder:
Then select the "User Logins" option.
In the "User Logins" section, click the "Activate Users" button. This will enable users for your app.
While activating users, you will have the option to choose which type of login you want to use with your app.
- The first option, "I want to have logins for different pages and user roles.", will allow you to have different types of users and choose which pages will have logins.
- The second option, "I just want one login for the entire app.", will only allow you to add one login to your app, for only one type of user.
Knack Tip: Most apps require user roles such as Employees and Supervisors, or Teachers and Students. If you want different roles to access different parts of your app, make sure you keep the first default option to have logins for different pages and user roles.
Add User Roles
When you activate user and login features, a special Accounts object is added to your app. Each user that can login to your app with an email and password will be stored here as an individual record in the Account object. However, you can also add additional user roles. These are different types of users and will allow you to customize their permissions in the Live App.
To add new user roles, select the "+ADD" button next to the "USER ROLES" text. This will walk you through creating a new user role.
Add User Records
Now that you have users enabled, you can add individual users to your app. You can do this by adding records to your user roles.
This object works just like a regular object in your database. So to add a new user, select the "Records" tab at the top and then the "+ Add Record" button.
Similar to other objects, these user records can also be added with a form view from the Live App.
Edit User Roles
To edit user roles, you can select the settings icon next to the user role name, or you can select the "Settings" tab at the top of the Builder when viewing the user role.
In the user role settings, you can edit the following options:
- Object Name: this is the name of the user role.
- Display Field: this is the field which will be displayed to represent the record in connection fields.
- Sort Order: this is the default order records will sort in within the user role.
- Approval Template: this is the editable email template used to notify users have been approved.
- Account Info Template: this is the editable email template used email users their account details.
Edit User Records
You can edit individual user records both in the Builder as well as in the Live App.
Editing Users in the Builder
To edit user records in the Builder, select the "Records" tab for the user role. Then click the pen edit icon next to the individual record. This will open up a form in a modal popup to edit the user record. You can also edit the record directly inline, by selecting a specific cell on a record.
Editing Users in the Live App
You can also edit user records directly from the Live App, but using an edit form view, similar to records in other objects.
Delete User Roles
To delete a user role, click on the settings icon next to the user role name. Then choose the "Delete" option. This will delete the user role but will not delete the user records in that role. They will remain in the main Accounts object without that role.
Warning: a user role, similar to objects, is a foundational part of your app. So deleting a user role may corrupt pages, views, and connections which use this user role.
Delete User Records
Individual user records can be deleted from both the Builder and the Live App.
Delete User Records from the Builder
To delete user records from the Builder, select the user role then view the "Records" tab. Then use the checkboxes to select specific records. Once records are selected this will reveal new options. There you can choose the "Delete" option.
Delete User Records from the Live app
Individual user records can be deleted from the live app by adding delete links to views. These delete links will then be available in the view for app users.
You can use the checkboxes to select multiple user records and activate additional management features:
For example, you can approve multiple pending registered users at once by updating their status and sending an email alerting them of the approval:
Using Users in your App
Roles and Permissions
User roles are used to create different types of users.
For example, for a project management app, you may want Employee users that are responsible for completing project tasks, and Supervisor users that are responsible for assigning tasks to Employees and approving new projects.
Each user can be assigned to multiple roles if necessary. A record will exist in each user role object that the user is assigned to.
These roles can be used to create different permissions to access your live app.
When you add a login to a page you can specify which roles can have permission to access that page.
This way you can create different pages for different roles. Each role can access different pages, each with different views, fields, and workflows.
The page menu can be configured to only show links to the pages the logged-in user can access, so each user will only see the pages they have permission to.
Add User Logins
You can require a login for any page in your live app.
To add a login, go to the Pages section, then the page you want to protect. Then click on the login tab to require a login:
A special login page will be created containing a single login view. That login view controls the settings for the login and any user registration options.
Note: Every child page underneath that login page will now require a login to access.
Click here for more on managing logins and registrations.
Limit Records to the Logged-in User
Another key feature is building your app so that each user can log in and only access their own records.
For example, if you have a project management app showing tasks, you want each employee to log in and see their own tasks, not the tasks of any other employee.
When adding views to a page protected by a login, you'll see options to set up the view to work this way:
This will require a connection in your database. For example, with our project management example, you'll need a connection field on your Task object connecting it to the Employee.
With that connection in place you can then add a view to show those Task records connected to the logged-in Employee:
When that employee logs in they'll only see those tasks connected to their user record.
Click here for more on displaying records connected to the logged-in user.
Notes & Troubleshooting
- The Accounts user role object stores all user records. So when deleting a user record, the record will need to be deleted from both the user role and the Accounts object.
Overwriting Changes made in the Live App or Builder
At this time it is possible to overwrite changes that other users have made both in the Knack Builder and in the Live App. In other words, there is not a way to prevent users from accessing the builder or a record in the live app when it is being edited in another session by another user.
As such, we strongly encourage the following:
- All Knack Builders have one browser window or tab open while working on schema changes in the Builder. Otherwise if you, or another shared builder on that app, have an older version of the schema open and save changes there, it can overwrite the updates you just made.
- In the Live App, we encourage creating a workflow or process to limit the number of users that might need to edit the same record at any one time.
How To Guides
- Show Records Connected to the Logged-in User
- Show Records Connected To The Logged-in User's Company Or Other Group
- Create an Admin User Role to View All Records
- Create a Single Login Page for Multiple User Roles
- Add Read-Only Access For Users
- How to Force Users to Reset Their Passwords
- Email Your Users
- Track Which User Last Updated a Record