A user is a resource that represents an individual person or entity for the purposes of access control. A user can be associated with zero or more accounts. A user authenticates to Boundary through an associated account and must be associated with at least one account before they can access Boundary.

A user is also a principal which allows it to be assigned to roles. A user receives all the permissions of the roles assigned directly to the user and all the permissions of roles assigned to groups the user is in.

Users can be defined at either a Global or Organization scope. A user can only be associated with accounts from an auth method configured in the same scope.


A user has the following configurable attributes:

  • name - (optional) If set, the name must be unique within the user's immediate parent scope.

  • description - (optional)

»Referenced By

»Service API Docs

The following services are relevant to this resource: