Roles and Permissions
| Role | View Shared | View Private | View Library | Download | Upload | WebDAV | Full Access |
|---|---|---|---|---|---|---|---|
| admin | optional | ||||||
| user | optional | ||||||
| viewer | except private | except private | |||||
| contributor | uploaded | shared & uploaded | upload path | optional | |||
| guest | shared | ||||||
| visitor | shared |
Sharing Between Users
To share resources e.g. with Guests or Contributors who do not have full access, Admins and Users can create share links. When a user with limited privileges opens such a link while being logged in, their account will get read-only access to the shared resources. It will later also be possible to share content with other users directly through the web interface without creating links first.
Standard Account Roles
Admin
Admins have unrestricted access to all pictures, albums, and settings.
Regular Admins can lose their privileges due to an intentional or accidental role change. However, accounts with the optional "superadmin" status (can be set with the -s flag) retain their admin privileges even if they are assigned a non-admin or invalid role. This is to prevent them from locking themselves out.
When Super Admins change settings such as the language or theme, these automatically become the default settings for other users, unless they have explicitly made a different choice. In addition, global feature flags can only be changed by Super Admins.
User
Users have full access to the library and can view, edit, and delete all pictures and albums. Unlike Admins, Users cannot view or change the Library and Advanced Settings, only personal preferences such as theme, language, and password. In addition, their WebDAV access can be disabled. Future releases may include more ways to customize user privileges, e.g. with individual account attributes.
Viewer
Viewers are similar to regular Users, except that they do not have write access to the library and cannot see content that has been archived or marked private. They also cannot upload/import files or trigger indexing. Like all registered users, Viewers can change and save personal preferences such as theme, language, and password.
Contributor
Contributors have read-only access (view and download) to the resources that are in their configured base path, and to the albums that an admin or regular user has shared with them via a link (see below). The Contributor role does not have access to the entire library, but does have the right to upload files to the directory specified as the upload path. Contributors can also change their personal user preferences such as theme, language, and password.
Guest
Guests do not have access to the entire library. They only have read access (view and download) to the resources that are in their configured base path (if any) and to the resources that other users have shared with them, e.g. via a link. Guests can also change personal settings such as theme, language, and password.
Visitor
Visitors cannot be added manually. This special role is tied to a system account that represents anonymous users who use links to view albums or other content that has been shared with them. Visitors can only access these resources and cannot log in with a username or password. They also cannot retain their personal settings for longer than their browsing session lasts.
We will be happy to provide you with configuration recommendations and information on customization options as needed.
User Management Commands
Local user accounts can be added, modified, and deleted by running the following commands in a terminal:
| CLI Command | Description |
|---|---|
photoprism-pro users ls [search] |
Searches existing user accounts |
photoprism-pro users legacy [search] |
Searches legacy user accounts |
photoprism-pro users add [options] [username] |
Adds a new user account |
photoprism-pro users show [username] |
Displays user account information |
photoprism-pro users mod [options] [username] |
Modifies an existing user account |
photoprism-pro users rm [username] |
Removes a user account |
photoprism-pro users reset |
Removes all accounts and resets the database |
Adding and Changing Accounts
You can combine the add and mod subcommands with these flags to set or change account properties:
| Command Flag | Description |
|---|---|
--name NAME, -n NAME |
full NAME for display in the interface |
--email EMAIL, -m EMAIL |
unique EMAIL address of the user |
--password PASSWORD, -p PASSWORD |
PASSWORD for authentication |
--role value, -r value |
admin, user, viewer, contributor or guest (default: "user") |
--attr ATTRIBUTES, -a ATTRIBUTES |
custom user account ATTRIBUTES |
--superadmin, -s |
make user super admin with full access |
--no-login, -l |
disable login on the web interface |
--webdav, -w |
allow to sync files via WebDAV |
--base-path value,-d value` |
restrict search to this originals folder |
--upload-path value, -u value |
upload files to this sub-folder |
For example, you could do the following to add a new user account with the username "bob" and the password "mysecret":
docker compose exec photoprism photoprism-pro users add -r user -p mysecret -n "Bob" bobNote that our guides now use the new docker compose command by default. If your server does not yet support it, the old docker-compose command will still work.
Users of Red Hat Enterprise Linux® and compatible Linux distributions such as CentOS, Fedora, AlmaLinux, and Rocky Linux can substitute the docker and docker compose commands with podman and podman-compose as drop-in replacements.
Viewing Account Details
To see all account properties of a particular user, use the show subcommand:
docker compose exec photoprism photoprism-pro users show bobSearching User Accounts
To list all existing accounts, you can run the following:
docker compose exec photoprism photoprism-pro users lsThis command can also filter the result if you provide a search term as argument:
docker compose exec photoprism photoprism-pro users ls bobTo display a description and the available options for a command, use the --help flag:
docker compose exec photoprism photoprism-pro users ls --helpPhotoPrism® Documentation
For detailed information on specific product features, services, and related resources, see our Knowledge Base, or read the User Guide for help using the web user interface:
