As an app administrator either at the app store and at the application level, learn how to add and modify user.


On this page, you have the users in rows and the small-apps of your instance as columns.

At the intersection, a pictogram indicates what types of access has been granted.

More than giving you an overview of your users’ access, from this interface you can also:

  • search the users: just start typing the user’s email
  • see the number of users
  • download the users list
  • sort your users
  • hover on the user name to get its creation date and who created it
  • get a reminder of what the pictograms mean
user interface

user interface

Create users

You can create users from the Add user button at the top right side of your screen.



Create/edit a single user


  • Username : the user name MUST be a valid email address.
  • Password :
    • Password generation by email : The user will receive an email to generate its password
    • Single Sign-On : Thanks to the OAuth provider setup in the instance_settings.cson, the user will be able to reuse existing SSO credentials to login to Toucan Toco.
    • Manually set password : Choose a temporary password, as soon as you choose to send a password generation email to your user, you won’t be able to modify it.
  • User-group(s) : (Optional) assign one or multiple groups to your user.
  • Set an expiration date for this account : (Optional) allows you to create a user for a limited period of time. Great for demos or prospect materials.

Assign privileges

Once you have created your user, click on continue to assign rights to one or multiple apps:

user rights

user rights

Here are the privileges explanation (in increasing order of rights perimeter):

  • No access: the user cannot access the right
  • Viewer: the user can access the app in production only, and user collaborative features, but cannot access the studio
  • Validator: the user can access the studio to validate the app before any release to production. The user cannot create or update the app by himself
  • Contributor: the user can access the studio to edit the app.
    • Data Storyteller: The user can access the studio but he can only creates stories, edit color theme and create engagement with Notifictations customization. He cannot add any data to the application (need a feature flag activation).
    • Data Master: The user can access the studio but he can only connect, prepare and apply permissions on data in the app. He cannot create stories/tiles nor affect the front of the application (need a feature flag activation).
    • Business Specialist: The user cannot access the studio but he’s able to add/edit a commentary on a chart directly depending of the value of a requester (report or date at the moment). This can only be done on production (need a feature flag activation).


💡 Those 2 new sub-roles are in Beta right now! If you need that, talk about it with your Customer Success or your Account Executive in order to enable it.

  • App Owner: the user can share the app and manage the app users (add new users, edit or remove them). See the dedicated App Owner privilege below for more details.

If your user is added to a group using group privileges, this step will be skipped. User will inherit privileges setup at the group level.

Notifications settings

Choose how you want to notify your new user of its access :

  • No email : the user won’t receive any welcome email to the platform. The user will only receive its password generation email if specified at creation
  • Platform email : the user will receive one global email listing all the app access granted
  • Applications emails : the user will receive an email for each application access has been granted to

Edit users

You can edit a user’s privileges directly from the interface by clicking on the user privilege icon in a given app column.

user edit rights

user edit rights

If your user belongs to a group with privileges, you won’t be able to edit the user access. You’ll have to remove the user from the group to do so.

You can edit a user’s information by selecting a user from the list to activate the edition menu at the bottom right of your screen.

user edit

user edit

Create/edit multiple users


This is what we call bulk creation 👥

Bulk creation/edition template

To create multiple users, you need to drop a csv file that contains specific information.

user bulk create

user bulk create

A template file is available for download. This file contains all the required columns you need to fill:

  • username : the user name MUST be a valid email address
  • admin : Type in true to give admin access to a specific user
  • provider : (Optional) the name of the sso provider (leave empty if the user logs in via username/password)
  • user-group : (Optional) type in the name of the group, leave it empty if you don’t want to assign any group to your user(s). There are by default 3 user-group column, but you can add more 😃 just make sure to update the number after user-group
  • All existing app on your store will have a dedicated column (small-app lovely-name), you just need to fill what type of privilege each user will have for each app:
    • view for a Viewer
    • validate for a Validator
    • contribute for a Contributor
    • contribute-data for a Data Master (need a feature flag activation)
    • contribute-design for a Data Storyteller (need a feature flag activation)
    • business-specialist for a Business Specialist (need a feature flag activation)
    • own for an App Owner


If you want to delete some users with a bulk upload, then add a delete columns and fill it with true or false

Once you’re done filling-up the template, you just have to drop it in the tile 🎉

user bulk validate

user bulk validate

Send email invitation to new users : with this option activated, users will receive an email to inform him/her of his/her access to the Toucan Toco application and will be invited to create his/her own password.

File example (bulk creation):

username admin user-group 0 user-group 1 small-app finance small-app marketing
test@tou cantoco. com true        
test2@to ucantoco .com   Manager   view  
test3@to ucantoco .com       view contribute
  • will be admin
  • will be assigned to the Manager group and have a view access to the Finance app
  • will have a view access to the Finance app and contributor access to the Marketing app

Edit multiple users

You can edit multiple user’s privileges by selecting the users from the list to activate the edition menu at the bottom right of your screen.

user bulk edit rights

user bulk edit rights

App Owner privilege

The App Owner privilege allows to:

  • benefit from administration rights at the app-level only (and not on the whole platform as opposed to the Admin privilege)
  • share the application to the world!

Please find below an explanation of those two use cases.

Delegate administration

As a platform Admin, you may need to delegate some of your rights at the app level, so that you avoid becoming overwhelmed by administration requests. You need to grant users management rights to other people in your organisation, but only for specific app, preventing your App Owners to access all the apps and users of the platform.

As an App Owner, you need to be autnomous in the way you give access to your app in your organisation.

That’s exactly why the App Owner privilege exists! As an App Owner, you have access to a user management interface right from your app home.

app access button

app access button

From there, you can easily add, remove or edit users privileges on your app.

app owner users management interface

app owner users management interface

Import things to notice:

  • As an App Owner, you can view and edit the privilege of other App Owners
  • When an App Owner adds a new user on his app, then:
  • eitheir the user is already registered on the platform, in such a case the user privilege for this app is updated and he receives a welcome email to notify him he has access to a new app on the platform;
  • or the user is not registered yet on the platform, in such a case the user receives a password email in order to register to the platform, and a new license will be consumed
  • When an App Owner removes a user’s access to the app, the user’s privilege is updated (“no access”), but the user is not deleted from the platform (only a platform Admin can remove completely a user from a platform)

Easily share your app

As an App Owner, you have access to a “Share” directly from your app home:

share button

share button

From there, you will be able to specify email address to send your invites, as well as the privilege they will have on the app:

invite users interface

invite users interface

Note that if you are in a free trial, you have the App Owner privilege by default, so do not hesitate to share your awesome stories!!