User management

Modern applications require sophisticated user management beyond simple authentication. ShipOS provides a complete user management system with roles, permissions, and organizational structures that scale from simple apps to enterprise solutions.

The user management system operates on three levels: Users, Roles, and Organizations. Users can belong to multiple organizations with different roles in each. This flexibility supports everything from simple personal apps to complex multi-tenant enterprise applications.

Creating and managing users programmatically is straightforward with the ShipOS API:

ShipOS includes predefined roles (Admin, Manager, User, Guest) with sensible defaults, but you can create custom roles with granular permissions. Permissions follow a resource-action pattern like read:users, write:projects, or delete:billing for clear access control.

The permission system supports both role-based access control (RBAC) and attribute-based access control (ABAC). You can create conditional permissions based on user attributes, organization membership, or custom business logic that fits your application's specific needs.

User profiles are extensible with custom metadata fields. Store additional information like preferences, settings, or business-specific data. All user data is encrypted at rest and in transit, ensuring compliance with privacy regulations.