Users

On this Page
Docs Menu

The Users page lists all of the user accounts on your Looker instance. Users consist of two types:

  1. Regular (human) users who login via their email address and a password
  2. API users, which you use to access your Looker instance programmatically

Viewing and Searching Users

The table of users that appears on the page shows basic information about your users:

Column Definition
ID A user ID assigned by Looker at the time of user creation
Name The actual name of the user that they enter when they initially sign up
Credentials The user name of the user, which is an email address for normal users, and an API key for API users
Groups A list of groups that the user belongs to
Roles A list of roles assigned to the user
Actions Actions you can take for a user

You can sort the table by either the ID or Name column by clicking on those column’s headers.

You can also search the Name or Credentials column by entering a search term into the search box in the upper right, then pressing [Enter].

Adding Users

To add a user, simply click the Add Users or Add API User button in the upper left of the page.

Regular Users

If you choose to add regular users, you’ll be brought to a dialog where you can type or paste in a comma-separated list of email addresses, and select the roles that will be assigned to those users. Remember to click the Add Users button when you’re done to create the users and send sign-up emails (if you’ve chosen the Send setup emails checkbox).

API Users

If you choose to add an API user, the user is created immediately when you click the Add API User button, even if you don’t click the Save button in the following dialog. You’ll be brought to the edit screen for that user where you can see the API values you’ll need, and adjust other user settings as described below. When you’re done configuring the user, remember to click Save.

Editing Users

To edit a user, click the Edit button on the right hand side of their row. There you’ll be able to adjust many settings:

Account

Choose to enable or disable a user. You may want to consider disabling users in favor of totally deleting them.

First Name

The first name of the user, if applicable. You aren’t required to add a value here, but it is useful for organizational purposes.

Last Name

The last name of the user, if applicable. You aren’t required to add a value here, but it is useful for organizational purposes.

Email

The email address of the user. For regular users, this will serve as their username when they login. It is not required for API users.

Timezone

If you’ve configured user specific timezones on your Looker instance, you can select the timezone that will be used when this user runs a query in Looker.

Password

If you need to reset a password, you can send a reset link to the email address specified above by clicking the Send reset link button. The reset URL that is sent to the user will be displayed.

API 3 Keys

To generate API keys and turn this user into an API user, click the API 3 Keys button.

Individual Roles

Enables you to select the roles this user should have, if you want to assign roles individually. See the Roles page for more information on configuring roles, or the Permissions Management page for a broader discussion of Looker permissions.

We generally suggest assigning roles to groups instead of assigning roles directly to individual users.

Roles from Groups

If the user is assigned to any groups they may have inherited some roles from those groups. These roles are listed here.

Groups

Enables you to select the groups this user should belong to. Users can also be added to groups on the groups page.

Access Filter Fields

Access filter fields allow you to limit the data that a user will have access to. It requires several setup steps, including changes to your LookML. You can read about how to create these limits on the access_filter_fields page.

Deleting Users

To delete a user, click the Delete button on the right hand side of their row. You’ll receive a confirmation dialog before you delete the user. When you delete a user, all of their saved Looks, dashboards, and some detail from Looker’s usage history is deleted.

Deleting a user is irreversible. Consider your organization’s compliance and security needs before doing so. A great alternative is to edit the user account and disable it instead. This prevents a user from being able to login, but their information and content remain intact.

Impersonating (sudo-ing) Users

“Sudo” is a unix term that means to emulate the permissions of another user. When you sudo as a user (by clicking the Sudo button on the right hand side of their row), you can see what their experience of Looker is like. This is a good way to validate that you’ve properly configured permissions and other features. Sudo-ing is also a useful way to see a user’s LookML devleopment before they’ve committed and pushed their changes.

When you sudo you’ll see a bar at the top of the screen that warns you that you’re in a sudo-ed state, and that enables you to exit the sudo-ed state. Keep in mind that any changes you make while in this state will impact the user that you’re emulating.

Still have questions?
Go to Discourse - or - Email Support
Top