User Management

Last Updated: Feb 10, 2022
documentation for the dotCMS Content Management System

The Users tool in the System menu

There are two types of user logins in dotCMS: front-end and back-end.

Front-End User Accounts

Front end user accounts give access to restricted content and/or restricted sections of the front-end (public facing portion) of your site - very much like a traditional account login system used at many other sites.

You must create and manage front-end user accounts yourself, as appropriate for your implementation. Depending on how you implement front-end user accounts, you may collect and track certain user information, perform different types of authentication, and track specific logged in user's browsing habits within your site(s).

Back-End User Accounts

Back-end users are users who are able to login into the dotCMS back-end console. Back-end users are extended Permissions which give them access to tools used to add and modify content or otherwise change your site (as their permissions allow).

When you create a User account in dotCMS, you create a back-end user. Rights for back-end users are typically managed via user Roles.

Important Notes

  • For any user to create or make changes to user accounts, they must have the CMS Administrator role assigned.
  • The recommended way to create front-end user accounts is by creating a Custom Content Type to create and manage front-end user accounts.
    • This gives you full control over what information is collected and tracked, how users are authenticated, and what permissions users have to all content on your site.
    • This also provides the greatest security.
  • It is possible to provide front-end user accounts using regular dotCMS user accounts.
    • To do this, each front-end user account should be assigned a Role which has explicitly restricted access to the dotCMS back-end console (by eliminating rights to view all dotCMS back-end tabs).
    • However for security purposes it is strongly recommended that you create and maintain front-end user accounts separately from back-end User accounts.
      • This ensures that front-end users can never access the dotCMS back-end (even due to a configuration error), since front-end users will not have valid user accounts in the dotCMS back-end.

On this page


We Dig Feedback

Selected excerpt: