There are four main user types in the platform:

  • Main user

  • Account management portal users (either the same as the main user or a newly create one)

  • Cloud management portal user (the same as the main user)

  • API users (setup from the cloud management portal)

The main user is the user you registered when signing up for the service. It will be an e-mail address, probably of the person that setup the account. The main user can be used to login to both the account management portal and the cloud management portal but cannot be used for either Horizon, the OpenStack terminal client or the API which all require an API user.

For more details, see information on each section below.

Account management portal

You are able to add users and contacts in the account management portal.

To add a user, from the home screen press “Update” under the “Your info” dialog to the right. Then press “User management” and finally “Invite new user”. Here you are able to select what permissions the new user should have in the account management portal or just go with all permissions. Input the users e-mail address and the user will get invited to register its login to the portal.


Users created in the account management portal are not synced to the cloud management portal, see below.

To add a contact (mainly usable if you want to for instance send invoices directly to a billing department, etc), from the home screen press “New contact” under the “Contacts” dialog to the right. You will get to choose what e-mails the new contact should recieve.

Cloud management portal

The cloud management portal has only one user (as opposed to the account management portal) which is the main user. It can login with its credentials directly or use single sign on. If you setup multiple users in the account management portal, each user will use single sign on to the main user in the cloud management portal.


Because you may want to limit access to your infrastructure to the essential personell, a good first step is to setup additional users in the account management portal and reserve the main login for those that need access to the infrastructure in the cloud management portal.

API users

In the cloud management portal, you are able to setup API users under “Access and Security” in the main menu. An API user is a native OpenStack Keystone user that has access to your project, you can use it in the OpenStack Horizon Dashboard or to connect to any of the OpenStack API endpoints. An API user, however, cannot login directly to the cloud management portal.


Provided you want to only use the Horizon interface or work via API, its possible to setup API users as personal users for the people managing the infrastructure. The main user should then be limited to the super admin which would use it, only to provision API users.