Administration

Last modified: May 11, 2026

Introduction

The Administration module contains the administration functionality. It allows you to manage local accounts and view app statistics, such as runtime information, sessions, and scheduled events.

Features

  • Manages user accounts
  • Provides a read-only overview that shows the following information:
    • All active sessions
    • All scheduled events
    • All runtime instances
  • Displays runtime statistics

Dependencies

  • Atlas Core: required for the Administration module versions 4.0.0 and above
  • Combo Box: required for the Administration module versions 4.0.0 and above
  • Atlas UI Resources: required for the Administration module versions 3.0.0 and below
  • Mendix SSO: required for the Administration module versions 1.3.X (for example 1.3.2) and 2.1.X (for example 2.1.2)

Installation

Follow the instructions in How to Use Marketplace Content to import the Administration module into your app.

Module Roles and Access Control

Overview of Module Roles

The Administration module provides a set of fine-grained module roles for enhanced control over permissions and access. You can combine these roles to allow only the permissions required for a specific use case.

  • Administrator – Allows full management of user accounts:

    • Create new user accounts.
    • Delete existing user accounts.
    • Read and write access to FullName and Email of the Administration.Account objects.
    • Change passwords of other accounts.

  • User – Allows the following access levels:

    • Write access to the FullName and Email attributes of the Administration.Account object for the current user.
    • Read access to the FullName and Email attributes of other users’ Account objects.

  • ReadOwnDetails – Allows read access to the FullName and Email attributes of the Administration.Account object for the current user.

  • EditOwnDetails – Allows read and write access to the FullName and Email attributes of the Administration.Account object for the current user, where write access inherently includes read access.

  • EditOwnPassword – Allows the current user to change their own password. Note that either ReadOwnDetails or EditOwnDetails is required when applying this module role.

  • ReadOthersFullName – Allows read access to the FullName attribute of other users’ Administration.Account objects.

  • ReadOthersEmail – Allows read access to the Email attribute of other users’ Administration.Account objects.

Default Access Rules

Default rights for new members are set to None for all access rules.

Combining Module Roles Depending on Use Case

You can combine these module roles to configure access to user account data based on the needs of the app. Instead of assigning broad access, select only the module roles required for each app role.

The following examples illustrate common role combinations:

Default End-User

Allows users to read and edit only their own details, and change only their own password.

  • EditOwnDetails
  • EditOwnPassword

Read-Only User Profile

Allows users to read only their own personal details. Profile updates and password management are handled externally through the configured identity provider (IdP) or single sign-on (SSO) solution.

  • ReadOwnDetails

Users Who Need Visibility of Other Users’ Names

Required only when users’ full names must be displayed. For example, when using the Workflow Commons module, users with access to the Task Inbox must be able to view other users’ full names. The Assignee column uses this to display who is assigned to each task.

  • ReadOwnDetails
  • EditOwnPassword
  • ReadOthersFullName

User Profile with Email Visibility

Allows users to view their own personal details, the names of other users, and other users’ email addresses.

  • ReadOwnDetails
  • EditOwnPassword
  • ReadOthersFullName
  • ReadOthersEmail

Administrative Users

Allows full management of user accounts.

  • Administrator

Usage

Adding the Account Overview Page to the Navigation

On the Administration.Account_Overview page, you can view and manage all the accounts in your app. To add the page to the app navigation, follow these steps:

  1. In App Explorer, open Navigation.
  2. In Menu, click New item. The New Menu Item dialog box opens.
  3. Enter a caption.
  4. Select an icon.
  5. In the On click drop-down list, select Show a page. The Select web page dialog box opens.
  6. Find Account_Overview using the search box at the top and select it. The Select web page dialog box closes.
  7. Click OK to save the settings for the new menu item.

If you run the app and log in as a user with the Administrator role, you can see the new page in the navigation.

Adding Users as an Administrator

  1. Make sure that you added the account overview page to the navigation.

  2. Run the app and sign in as a user with the Administrator role.

  3. Go to the account overview page.

  4. If the new user does not need to consume the published web service of your app, click New local user to add the new user.

  5. If the new user needs to consume the published web service of your app, click New web service user to add the new user.

  6. In the New Account dialog box, fill in the user data.

  7. Click Save.

Using Supporting Microflows with Mendix SSO

The Administration module versions 1.3.X (for example, 1.3.2) and 2.1.X (for example, 2.1.2) contain a set of microflows to configure Mendix SSO to use Administration.Account as the user entity. To use the supporting microflows with Mendix SSO, follow these steps:

  1. Make sure that your app contains the Mendix SSO module. If it does not, import the Mendix SSO module from the Marketplace.

  2. Configure the MendixSSO_AfterStartup microflow from the Administration module as the after startup microflow. If there is already an after startup microflow, add the MendixSSO_AfterStartup microflow as a sub-microflow in the existing microflow instead of replacing it.