Skip to content

Users

Describe user accounts in Get2Dial and how they relate to tenants and roles.

Users belong to a tenant (users table; email is unique per tenant via UNIQUE(tenant_id, email), password stored as a bcrypt hash). Each user has one of four roles and an optional sip_extension for the softphone. Production columns track last_login_at, failed_login_count, locked_until, must_change_password and more.

The four roles (pinned by a DB CHECK constraint), least to most privileged:

  • agent — handles calls, sets dispositions.
  • supervisor — live monitoring, reports, QA.
  • admin — manages the tenant’s campaigns, users, routing, carriers.
  • platform_admin — cross-tenant; lives in the Platform tenant.

The first platform admin and first tenant are created by the one-shot bootstrap flow (cmd/bootstrap):

Terminal window
docker compose --profile bootstrap run --rm \
-e BOOTSTRAP_PLATFORM_ADMIN_EMAIL=admin@example.com \
-e BOOTSTRAP_PLATFORM_ADMIN_PASSWORD='at-least-12-chars' \
bootstrap platform-admin

Thereafter users are managed via POST /api/v1/users and friends (/users/{id}/reset-password, /disable, /enable).

  • An agent handles queued and dialer-bridged calls and sets dispositions.
  • A supervisor monitors live queues/agents and runs reports.
  • An admin provisions campaigns, queues, routing and users for the tenant.
  • A platform admin provisions tenants and edge nodes from the admin console.
  • Authentication and session handling are covered under Authentication.
  • Beyond the role, fine-grained access uses per-user capabilities — see Permissions.
  • Follow least-privilege when assigning roles.