Proto: user.proto




A User defines an entity which can authenticate to Portal web applications.

Field Type Label Description
username string The User's username. Must be unique within the system.
email string The User's email address.
basicAuth Authenticate the user with Basic Auth.
accessLevel The User's access level. The user will have all the permissions granted in the access level, PLUS the permissions granted by the AccessLevels contained in the Groups to which this User belongs.


Used for authenticating with basic auth.

Field Type Label Description
passwordSecretName string The name of a BasicAuth secret in the cluster to use to authenticate the user. A BasicAuth secret contains the user password. This field is required.
passwordSecretNamespace string The namespace containing the named BasicAuth secret. If empty, defaults to the same namespace as the user.
passwordSecretKey string The name of the secret's data key which contains the password. Defaults to “password” if not set.


The current status of the User. It contains information about the Portals and APIDocs the user has access to.

Field Type Label Description
observedGeneration int64 The observed generation of the User. When this matches the User's metadata.generation, it indicates the status is up-to-date.
state The current state of the user
reason string A human-readable string explaining the error, if any.
hasLoggedIn bool Special status flag that indicates whether the user has logged in for the first time. Set by the Portal Web App.
observedLabels [] repeated The set of labels that are observed in the metadata.labels on the User. These labels are used to map Users to Groups by the Gloo Portal controller.
hasAccessTo Represents set of resources that the user has access to.


Field Type Label Description
key string
value string