User Management
User management lives in the Admin Console at /admin, accessible from the Admin entry in the sidebar (admins only). See the dedicated Admin Console page for the full walkthrough.
This page covers the higher-level concepts.
Roles
| Role | Permissions |
|---|---|
| Admin | Full access: all data, settings, user management, credentials, audit log |
| Viewer | Read-only: can view all transactions, reports, accounts, invoices — but cannot add users, change settings, or modify credentials |
The first account created in setup (self-hosted) or sign-up (cloud) is always an admin. You can have multiple admin accounts.
How users join
There are two paths to creating a new user:
- Cloud sign-up — a brand-new visitor at books.geekonomics-app.com fills out the sign-up form. This creates a new company tenant plus an admin user for that tenant. It does not add a user to an existing company.
- Invited by an admin — an admin opens the Admin Console → Users tab, clicks Add User, and creates the account with a temporary password. The new user is added to that admin's existing company.
There is no public "join an existing company" sign-up flow — that path goes only through an admin.
Password management
Users can change their own password three ways:
- Forced change after temporary password — when an admin creates a new user with a temp password, the user is prompted to set a real password on their first sign-in
- Forgot password — from the sign-in page, if SMTP is configured (see SMTP & Email)
- Reset by an admin — a platform admin can issue a temp password from the Platform panel; a tenant admin can update a user from the Admin Console
Deactivating a user
There is no soft-disable per user — to remove access, delete the user from the Admin Console → Users tab. Their historical data (transactions, invoices) is preserved; only the login credential is removed.
To lock out an entire tenant at once, a platform admin can deactivate the company from the Platform panel.
Multi-company note
Geekonomics is multi-tenant — each company's data is fully isolated. Users belong to a single company. If you need separate books for different entities, sign up multiple companies (one per entity) or run separate self-hosted installs.