Table of Contents
In Kanboard there are two types of users:
|Local User||User that stores his password in Kanboard’s database|
|Remote User||User credentials are managed by another system (Example: LDAP server)|
Examples of remote users:
Each Kanboard user has one of these roles:
|Administrator||Access to everything|
|Manager||Can create team projects but cannot change application settings|
|User||Can create private projects only|
Each individual team project can assign a different role to each user and group:
|Project Manager||Can change project settings, access to the Gantt chart and reports|
|Project Member||Can create tasks and use the board|
|Project Viewer||Read-only access to the board and tasks|
Custom project roles can be created to apply a set of restrictions to the users.
In Kanboard, each user can be a member of one or many groups. A group is like a team or an organization.
Only administrators can create new groups and assign users.
Groups can be managed from User management > View All Groups. From there, you can create groups and assign users.
Each project manager can authorize the access to a set of groups from the project permissions page.
The external id is mainly used for external group providers. Kanboard provides an LDAP group provider to automatically sync groups from LDAP servers.
To add a new user, you must be an administrator.
When you create a local user, you have to specify at least those values:
For remote users, only the username is mandatory.
When you go to the users menu, you have the list of users, to modify a user click on the edit link.
From the users menu, click on the link remove. This link is visible only if you are an administrator.
If you remove a specific user, tasks assigned to this person will be unassigned after the operation.
Each user can enable the two-factor authentication. After a successful login, a one-time code (6 characters) is asked to the user to allow access to Kanboard.
This code has to be provided by a compatible software usually installed on your smartphone or a different device.
Kanboard use the Time-based One-time Password Algorithm defined in the RFC 6238.
There are many software compatible with the standard TOTP system. For example, you can use these applications:
This system can work offline and you don’t necessarily need to have a mobile phone.
A new secret key is generated each time you enable/disable this feature.