Accounts & Profiles

Understanding the distinction between Accounts and Profiles is fundamental to configuring and managing your UNA community effectively. UNA employs a unique architecture where these two concepts are separate yet interconnected. This separation provides enhanced security, flexibility, and allows users to maintain multiple community identities under a single login.

  • Account: Represents the core user record used primarily for authentication (logging in) and system identification. Think of it as the key to the building.
  • Profile: Represents a user's identity or persona within the community frontend. Think of it as the specific office or role someone has inside the building.

This guide explains how Accounts and Profiles work, their relationship, how different profile types emerge, and how you, as an Operator, manage their configuration within UNA Studio, with a specific focus on the global settings affecting all accounts.

Understanding Accounts

An Account is the central record associated with each registered user on your UNA platform. It's the anchor for a user's interaction with the system at a technical level.

Key Characteristics of Accounts:

  1. Authentication Hub: The primary purpose of an Account is to authenticate a user, verifying their identity via email/password, social login, or other configured methods.
  2. Core User Record: Each Account has a unique ID (account_id), stores the primary email address, encrypted password, status (active, pending, suspended), creation date, and last login information.
  3. Security Boundary: Account-level settings like email confirmation status, two-factor authentication (if enabled), and password policies apply directly to the Account.
  4. Operator Status: The crucial "Operator" flag, granting access to UNA Studio, is tied to the Account, not a Profile.
  5. Profile Container: An Account acts as a container that can hold one or multiple associated Profiles.

Operator Perspective: Accounts are primarily managed for authentication, status control, and security settings within Studio. Individual account management occurs in the Accounts app, while global rules are set in Studio > Settings > Global > Account.

Understanding Profiles

A Profile represents how a user appears and interacts within the community frontend. It's their public or semi-public face, the entity that creates content, joins groups, and connects with others.

Key Characteristics of Profiles:

  1. Community Identity: This is the name, avatar, cover image, and detailed information users share with the community.
  2. Content Ownership: All content created (posts, photos, comments, etc.) is associated with a specific Profile, not directly with the Account.
  3. Interaction Point: Profiles connect with other Profiles (friending, following), join Contexts (Groups, Events), receive notifications, and engage with content.
  4. Membership Level Association: Each Profile is assigned a Membership Level (defined in Studio > Permissions) which dictates what that specific identity can see and do on the site.
  5. Type-Dependent: The nature and available fields of a Profile depend on its Type (e.g., Personal, Organization). Profile Types are determined by the specific Profile Modules installed on your site.

Operator Perspective: While direct editing of profile content (like changing a name or bio) is usually done by the user or a frontend Admin/Moderator, the structure and rules governing profiles (fields, permissions, types) are configured by the Operator in Studio.

The Account-Profile Relationship: One Account, Multiple Profiles

A core strength of UNA is that one Account can be associated with multiple Profiles. This 1:N (one-to-many) relationship offers significant advantages:

  1. Flexibility: Users can maintain different personas (e.g., a personal identity and a business identity) under a single login, easily switching between them.
  2. Security: The login credentials (Account) are separate from the community identities (Profiles). Compromising one profile doesn't automatically compromise the core account or other profiles linked to it.
  3. Role Separation: A user might have a standard 'Personal' Profile for social interaction and an 'Organization' Profile for representing their company, each with potentially different Membership Levels and permissions.
  4. Simplified Management: Users manage only one set of login credentials for all their community interactions.

Example: Jane Doe signs up, creating an Account (jane.doe@email.com).

  • She first creates a 'Personal' Profile named "Jane D".
  • Later, using the same Account login, she creates an 'Organization' Profile named "Doe Corp Marketing".
  • She can switch between interacting as "Jane D" or "Doe Corp Marketing" from her user dashboard on the frontend.

Profile Types (People, Organizations, etc.)

The types of Profiles available on your UNA site are determined by the specific Profile Modules you have installed and enabled via Studio > Apps Market.

  1. Personal Profiles (bx_persons module): Represents individual people. Managed via the "People" app.
  2. Organizational Profiles (bx_organizations module): Represents businesses, institutions, etc. Managed via the "Organizations" app.
  3. Custom Profile Types (Advanced/Development): Possible via custom modules.

Operator Perspective: You control which profile types are available by installing/uninstalling the corresponding modules. The fields available for each type are configured via Studio > Forms.

Managing Accounts in Studio (Operator Tasks)

Operators manage individual Accounts through the Accounts app within UNA Studio (Studio > Accounts) and set the global rules affecting all accounts via Studio > Settings > Global > Account.

Managing Individual Accounts (Studio > Accounts)

  • Viewing & Searching Accounts: Find users by email, ID, status.
  • Managing Account Status: Set accounts to Active, Pending, or Suspended.
  • Manual Email Confirmation: Force-confirm an account's email if needed.
  • Viewing Associated Profiles: See which Profiles belong to an Account.
  • Assigning Operator Status: Grant/revoke Studio access (Operator Roles are managed in Studio > Roles).
  • Account Export Tool: Export user data.

Configuring Global Account Settings (Studio > Settings > Global > Account)

This crucial section defines the default behavior and rules for all accounts on your site. Settings are grouped below based on function:

Registration & Activation

  • Automatic account activation after creation: (Checkbox) If checked, new accounts become active immediately after registration, bypassing any confirmation steps. If unchecked, activation depends on the 'Account is confirmed when' setting.
  • Account is confirmed when: (Dropdown) Determines what triggers an account's confirmed status. Common options include:
    • email is confirmed: User must click a link sent to their email.
    • admin approves: An operator/admin must manually approve the account (requires additional workflow/module).
    • instantly: Confirmation happens immediately (use with caution, minimal verification).
  • Disable join form: (Checkbox) If checked, completely disables the standard registration/sign-up form on your site. Useful if you only allow registrations via invitations or social login.

Profile Association & Limits

  • Automatic profile creation from account name: (Checkbox) If checked, UNA attempts to automatically create a default profile (using the type selected below) based on the information provided during account registration (e.g., using the username part of the email). If unchecked, users are typically prompted to create their first profile after logging in.
  • Default profile type: (Dropdown) Selects the type of profile (e.g., 'Persons', 'Organizations') that is created by default, either automatically (if the above setting is checked) or when a user manually creates their first profile. This depends on which profile modules are installed.
  • Limit number of profiles: (Number) Sets the maximum number of profiles a single account can create. Enter 0 for no limit. Setting this to 1 effectively removes the multi-profile capability for users.
  • Hide profiles which have unconfirmed account: (Checkbox) If checked, profiles linked to accounts that haven't met the confirmation requirement (e.g., email not verified) will not be visible on the frontend site.

Security & Login

  • Enable 2 Factor Authentication: (Checkbox) Enables Two-Factor Authentication for accounts. This usually requires an integration module (like Twilio) to be installed and configured for sending codes via SMS or authenticator app.
  • 2FA code lifetime, in seconds: (Number) If 2FA is enabled, this sets how long the generated code is valid. 0 might imply the code is sent upon each login attempt rather than having a timed validity (verify specific module behavior).
  • Max number of logins attempts: (Number) Sets the maximum number of failed login attempts before an account is temporarily locked or requires additional verification. Enter 0 for no limit (less secure).
  • Reset password key lifetime (in seconds): (Number) Defines how long the link sent to a user's email for resetting their password remains valid. (e.g., 259200 seconds = 3 days).
  • Number of stored old passwords: (Number) Specifies how many previous passwords the system should remember for a user. If set to a value greater than 0 (e.g., 5), users cannot reuse their last 5 passwords. 0 means no password history is stored.
  • Force password change after password expiration: (Checkbox) If checked, and if password expiration rules are configured elsewhere (often tied to Membership Levels or security policies), users will be required to change their password after it expires.
  • Disable login form: (Checkbox) If checked, disables the standard email/password login form. Useful if you only want users to log in via social providers or SSO.
  • Allow to use plus sign ('+') in email address: (Checkbox) Allows users to register with email addresses containing a plus sign (e.g., user+tag@domain.com), often used for filtering emails. Enabling this increases flexibility but check compatibility if integrating with systems that don't support it.
  • Default value for 'Remember me' feature: (Checkbox) Sets whether the "Remember me" checkbox on the login form is checked by default.

Account Maintenance (Pruning)

  • Accounts pruning: (Section with Checkboxes) Allows you to enable automatic cleanup rules for inactive or incomplete accounts. Options typically include:
    • Delete accounts with no login within N days: Removes accounts that haven't logged in for the specified period.
    • Suspend accounts with no login within N days: Temporarily disables inactive accounts instead of deleting them.
    • Delete accounts which didn't confirm email within N days: Removes accounts that failed to verify their email address within the specified period after registration.
    • Delete accounts which didn't created any profiles within N days: Removes accounts that registered but never created a profile to participate.
  • Accounts pruning period (in days): (Number) Sets the value 'N' (number of days) used in the pruning rules selected above. Caution: Use pruning rules carefully. Ensure users are adequately warned (if possible) before deletion, and consider the implications for data retention policies.

Redirection & User Experience

  • Online status timeframe (minutes): (Number) Defines how long (in minutes) a user is considered 'online' in presence indicators after their last activity on the site.
  • Redirect after reset password to: (Dropdown) Determines where users are sent after successfully resetting their password. Options usually include 'Home page', 'Login page', 'Dashboard', or 'Custom Page'.
  • URL for 'Custom Page' redirect (Password Reset Context): (Text Input) If 'Custom Page' is selected above, enter the specific URL path (e.g., /welcome-back) where users should be redirected after a password reset.
  • Redirect after profile switch to: (Dropdown) Determines where the user is taken after switching between their different profiles. Options often include 'Current page' (stay where they are), 'Dashboard', or 'Custom Page'.
  • URL for 'Custom Page' redirect (Profile Switch Context): (Text Input) If 'Custom Page' is selected for profile switching, enter the URL path here.

Managing Profiles in Studio

Operators configure the structure, rules, and types of Profiles via Studio.

  1. Configuring Profile Fields (Studio > Forms): Edit forms like "Person Profile Add/Edit/View" or "Organization Profile Add/Edit/View".
  2. Assigning Default Membership Levels (Studio > Permissions).
  3. Managing Profile Modules (Studio > App Store).
  4. Configuring Module-Specific Settings (Studio > Settings > [Profile Module Name]).
On This Page