DocsAPI

User Management

User Management

Superadmin Signup

When you start Netmaker for the first time, you will be prompted to create a superadmin account from the UI like below

Input your username and a super memorable but strong password then click on the Sign up button. Once you’ve signed up, you can login to your Netmaker server with the account.

Another user type that exists in netmaker CE is “admin“. A user with admin role has equal capabilities as the superadmin, except the creation of other admins and transfering super-admin priviledges.

User Access Tokens

Overview

User Access Tokens are used to generate Bearer tokens that enable programmatic access to API resources on a Netmaker server. These tokens are designed to support non-interactive authentication workflows, particularly in environments that rely on automation and scripting.

Purpose and Use Cases

User Access Tokens are especially useful in scenarios involving:

  • Automated scripts

  • CI/CD pipelines

  • Infrastructure management tools

  • Programmatic integrations with the Netmaker API

By using access tokens, applications and scripts can authenticate securely without requiring interactive user login.

Token Generation

User Access Tokens can be generated under the following conditions:

  • Tokens may be created for existing user accounts.

  • Tokens may also be generated during account creation.

  • Multiple tokens can be generated for a single account.

  • Each token is issued with an explicit expiration date, after which it becomes invalid.

Permissions and Scope

  • The access scope of a User Access Token is strictly limited to the role and type of account for which it was generated.

  • Tokens do not grant privileges beyond those assigned to the associated user account.

Authorization to Generate Tokens

The ability to generate User Access Tokens is restricted as follows:

  • Super Admins, Owners, and Admins are permitted to generate tokens.

  • Admins are limited to generating one token per non-admin user.

  • Admins cannot generate multiple tokens for the same non-admin account.

Token Lifecycle and Revocation

User Access Tokens are automatically invalidated under the following conditions:

  • If a user account is disabled or deleted, all tokens associated with that account can no longer be used for access.

  • If an admin account is deleted or demoted to a non-admin account, all tokens generated by that admin account are automatically deleted, regardless of which users they were issued for.

Security Considerations

  • Tokens should be treated as sensitive credentials and stored securely.

  • Expiration dates should be configured according to the principle of least privilege.

  • Regular token rotation is recommended, especially for long-running automation workflows.

Users in Netmaker Professional

Since v0.25.0, Netmaker Professional offers a more capable user management feature. Server administrators can create different kinds of users (admins, platform users and service users) and group them for easier management.

Check the “Users in Netmaker Professional“ section for more information

Using the Netmaker Desktop Application

Users are required to sign in using their assigned credentials. Alternatively, social login options are available.

After successful login you will be shown all the networks and gateways you have given access to, so now you will be able to connect/disconnect/refresh your connection to a gateway. Internet gateways are depicted with a globe icon. An internet gateway can be used to route all your traffic through the gateway, this is useful if you want to access the internet without exposing your public IP address. This behaves like a traditional VPN.