Roles and Permissions
| Role | View Shared | View Private | View Library | Download | Upload | WebDAV | User Management | 
|---|---|---|---|---|---|---|---|
| admin | optional | ||||||
| manager | optional | restricted | |||||
| user | optional | ||||||
| viewer | except private | except private | |||||
| contributor | uploaded | shared & uploaded | upload path | optional | |||
| guest | shared | ||||||
| visitor | shared | 
Please note that this overview only applies to PhotoPrism® Pro. Information on the user management features of our personal editions is available in the user guide at https://docs.photoprism.app/user-guide/users/.
Admin
Admins have unrestricted access to all pictures, albums, and settings.
Regular Admins can lose their privileges due to an intentional or accidental role change. However, accounts with the optional "superadmin" status (can be set with the -s flag) retain their admin privileges even if they are assigned a non-admin or invalid role. This is to prevent them from locking themselves out.
When Super Admins change settings such as the language or theme, these automatically become the default settings for other users, unless they have explicitly made a different choice. In addition, global feature flags can only be changed by Super Admins.
Manager
The Manager role is similar to the User role, except that managers additionally have read-only access to the User Management tab in the Admin Web UI. This allows them to see which users have access to a PhotoPrism instance without being able to change user account roles or elevate account privileges. Managers can also audit and delete sessions through the web interface to prevent abuse and unauthorized access.
User
Users have full access to the library and can view, edit, and delete all pictures and albums. Unlike Admins, Users cannot view or change the Library and Advanced Settings, only personal preferences such as theme, language, and password. In addition, their WebDAV access can be disabled. Future releases may include more ways to customize user privileges, e.g. with individual account attributes.
Viewer
Viewers are similar to regular Users, except that they do not have write access to the library and cannot see content that has been archived or marked private. They also cannot upload/import files or trigger indexing. Like all registered users, Viewers can change and save personal preferences such as theme, language, and password.
Contributor
Contributors have read-only access (view and download) to the resources that are in their configured base path, and to the albums that an admin or regular user has shared with them via a link (see below). The Contributor role does not have access to the entire library, but does have the right to upload files to the directory specified as the upload path. Contributors can also change their personal user preferences such as theme, language, and password.
Guest
Guests do not have access to the entire library. They only have read access (view and download) to the resources that are in their configured base path (if any) and to the resources that other users have shared with them, e.g. via a link. Guests can also change personal settings such as theme, language, and password.
Visitor
Visitors cannot be added manually. This special role is tied to a system account that represents anonymous users who use links to view albums or other content that has been shared with them. Visitors can only access these resources and cannot log in with a username or password. They also cannot retain their personal settings for longer than their browsing session lasts.
Our team will be happy to provide you with configuration recommendations and information about customization options.
Sharing Between Users
To share resources with accounts that do not have full access, such as Guests or Contributors, Admins and Users can create share links. When a user with limited privileges opens such a link while logged in, their account gets read-only access to the shared resources. It will later also be possible to share content with other users directly through the web interface without creating links first.
Managing User Accounts
Admin Web UI
PhotoPrism® Pro includes a web user interface for account and session management. It allows you to conveniently manage user accounts and sessions when you log in as Admin and then navigate to Settings > Users.
 
CLI Commands
As an alternative to the web user interface, you can run the following commands in a terminal to perform tasks such as adding, viewing, editing and deleting user accounts:
| Command | Description | 
|---|---|
| photoprism users ls [search] | Searches existing user accounts | 
| photoprism users legacy [search] | Searches legacy user accounts | 
| photoprism users add [options] [username] | Adds a new user account | 
| photoprism users show [username] | Displays user account information | 
| photoprism users mod [options] [username] | Modifies an existing user account | 
| photoprism users rm [username] | Removes a user account | 
| photoprism users reset | Removes all accounts and resets the database | 
| photoprism passwd [username] | Changes the password required to log in | 
| photoprism passwd --rm [username] | Removes the password from a local account | 
Account Options
The users add and users mod commands support these flags to set or change account properties:
| Command Flag | Description | 
|---|---|
| --name NAME,-n NAME | full NAME for display in the interface | 
| --email EMAIL,-m EMAIL | unique EMAIL address of the user | 
| --password PASSWORD,-p PASSWORD | PASSWORD for authentication | 
| --role value,-r value | user account ROLE (admin, user, viewer, contributor or guest) (default: "user") | 
| --auth PROVIDER,-A PROVIDER | authentication PROVIDER (default, local, oidc, ldap or none) | 
| --auth-id ID | authentication ID e.g. Subject ID or Distinguished Name (DN) | 
| --attr ATTRIBUTES,-a ATTRIBUTES | custom user account ATTRIBUTES | 
| --superadmin,-s | make user super admin with full access | 
| --no-login,-l | disable login on the web interface | 
| --webdav,-w | allow to sync files via WebDAV | 
| --base-path value,-d value | restrict search to this originals folder | 
| --upload-path value,-u value | upload files to this sub-folder | 
| --disable-2fa | deactivate two-factor authentication | 
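The flags above can be combined into path-restricted accounts. The following is an added example, not part of the PhotoPrism documentation or code base: a small helper that builds `users add` commands for Contributor and Guest accounts and rejects roles or folder paths that would widen access. The account names, folder names and the rule that Contributors must have an explicit upload path are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example, not PhotoPrism code. Names and folders are constructed.

# Roles copied from the --role flag description in the table above.
VALID_ROLES="admin user viewer contributor guest"

# Accept only relative paths without ".." segments or whitespace,
# so a typo cannot widen the folder an account is confined to.
safe_path() {
  case "$1" in
    ""|/*|..|../*|*/..|*/../*|*[[:space:]]*) return 1 ;;
    *) return 0 ;;
  esac
}

# build_add_cmd ROLE USERNAME [BASE_PATH] [UPLOAD_PATH]
# Prints the command. It never adds -p, so the CLI prompts for the
# password instead of it landing in shell history.
build_add_cmd() {
  role=$1; user=$2; base=${3:-}; upload=${4:-}
  [ -n "$user" ] || { echo "username required" >&2; return 1; }
  case " $VALID_ROLES " in
    *" $role "*) ;;
    *) echo "role not accepted by --role: $role" >&2; return 1 ;;
  esac
  cmd="photoprism users add --role $role"
  # Base and upload paths only matter for the path-restricted roles.
  if [ "$role" = contributor ] || [ "$role" = guest ]; then
    if [ -n "$base" ]; then
      safe_path "$base" || { echo "unsafe base path: $base" >&2; return 1; }
      cmd="$cmd --base-path $base"
    fi
  fi
  if [ "$role" = contributor ]; then
    # Policy of this example: contributors need an explicit upload path.
    safe_path "$upload" || { echo "missing or unsafe upload path" >&2; return 1; }
    cmd="$cmd --upload-path $upload"
  fi
  echo "$cmd $user"
}

# Constructed sample accounts; prints the commands without running them.
build_add_cmd contributor acme-upload clients/acme uploads/acme
build_add_cmd guest family shared/family
```

Prefix the printed commands with `docker compose exec photoprism` when PhotoPrism runs in a container.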
Changing a Password
Running the following in a terminal changes the password of an existing user without affecting other account settings, e.g. if you cannot remember the currently set password or if there was a problem configuring the initial admin account (replace [username] with the username of the account you want to update):
```bash
photoprism passwd [username]
```
Note that when you use Docker Compose and do not already have a terminal session open, you must prepend docker compose exec photoprism so that the command is executed within the photoprism container, for example:
```bash
docker compose exec photoprism photoprism passwd admin
```
The examples in our documentation use the new docker compose command by default. If your server does not yet support it, you can still use docker-compose or alternatively podman-compose on Red Hat-compatible Linux distributions.
Removing a Password
Changing the authentication of an existing account to a password-less provider like OIDC will not remove a previously set password, so it can still be used to log in (optionally also with 2FA).
If a local password has been set for such an account that should no longer be used, you can remove it by running the following command in a terminal:
```bash
photoprism passwd --rm [username]
```
Creating a New Account
The command photoprism users add creates a new user account. For example, you could run the following to add a new admin with the username "bob" and the password "mysecret":
```bash
docker compose exec photoprism photoprism users add -r admin -p mysecret -n "Bob" bob
```
If you do not specify an initial password with the -p flag, you will be prompted to enter a password for the new account. Further account properties can be set with the flags listed above.
Viewing Account Details
To view the account properties of a specific user, use the show subcommand:
```bash
docker compose exec photoprism photoprism users show bob
```
Searching User Accounts
To list all existing accounts, you can run the following:
```bash
docker compose exec photoprism photoprism users ls
```
With the photoprism users ls command, you can also find specific accounts based on a search term you provide:
```bash
docker compose exec photoprism photoprism users ls bob
```
To display a description and the available options for a command, use the --help flag:
```bash
docker compose exec photoprism photoprism users ls --help
```
Session Management
You can use the following terminal commands to create, inspect and, if necessary, delete access tokens for the authentication of browsers and other clients (including app passwords):
| CLI Command | Description | 
|---|---|
| photoprism auth ls [search] | Lists currently authenticated users and clients | 
| photoprism auth add [username] | Adds a new authentication secret for client applications | 
| photoprism auth show [identifier] | Shows detailed information about a session | 
| photoprism auth rm [identifier] | Deletes a session by id or access token | 
| photoprism auth reset --yes | Resets the authentication of all users and clients | 
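The "Removing a Password" section and the session commands above fit together when an account moves from local login to OIDC. The following is an added example, not part of the PhotoPrism documentation or code base, that runs the steps in order. The username, the subject ID, the `PP` and `DRY_RUN` variables and the use of the username as the `auth ls` search term are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example, not PhotoPrism code.
# PP is the command prefix; DRY_RUN=1 (the default) only prints the steps.
PP=${PP:-"docker compose exec photoprism photoprism"}
DRY_RUN=${DRY_RUN:-1}

run() {
  if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# migrate_to_oidc USERNAME SUBJECT_ID
migrate_to_oidc() {
  user=$1; subject=$2
  [ -n "$user" ] && [ -n "$subject" ] || {
    echo "usage: migrate_to_oidc USERNAME SUBJECT_ID" >&2; return 2; }

  # 1. Switch the provider and bind the account to the IdP subject.
  run $PP users mod --auth oidc --auth-id "$subject" "$user" || return 1

  # 2. Step 1 leaves the old local password usable, so remove it.
  run $PP passwd --rm "$user" || return 1

  # 3. Show the account so the provider and auth ID can be checked.
  run $PP users show "$user" || return 1

  # 4. List sessions and app passwords for review; delete unwanted
  #    entries afterwards with "photoprism auth rm [identifier]".
  run $PP auth ls "$user"
}

# Constructed sample values; prints the four commands in dry-run mode.
migrate_to_oidc alice constructed-subject-id
```

Set `DRY_RUN=0` to execute the commands instead of printing them.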
In addition, login attempts can be viewed in the application service logs as well as with this command:
```bash
docker compose exec photoprism photoprism audit logins [search]
```
PhotoPrism® Documentation
For more information on specific features, services and related resources, please refer to the other documentation available in our Knowledge Base and User Guide:
