{ if (o) { formError = ''; formErrors = {}; focusFirstInput(); } }}> {#if isEditing} Edit user {:else} Add user {/if}
{#if formError} {formError} {/if} {#if user?.isSso}

SSO user - profile synced from identity provider

{/if}

User details

formErrors.username = undefined} /> {#if formErrors.username}

{formErrors.username}

{/if}
{#if !user?.isSso}

Password

{#if isEditing} {:else} {/if} formErrors.password = undefined} /> {#if formErrors.password}

{formErrors.password}

{/if}
{#if isEditing} {:else} {/if} formErrors.passwordRepeat = undefined} /> {#if formErrors.passwordRepeat}

{formErrors.passwordRepeat}

{/if}
{/if} {#if isEnterprise && isEditing && user && !user.isSso}

Two-factor authentication

MFA status

{#if user.mfaEnabled} User has MFA configured {:else} User has not configured MFA {/if}

{/if} {#if isEnterprise} {@const systemRoles = roles.filter(r => r.isSystem)} {@const customRoles = roles.filter(r => !r.isSystem)}

Assign roles to this user. Environment scope is configured on the role itself.

{#if systemRoles.length > 0}

System roles

{#each systemRoles as role} {@const isAssigned = formRoleAssignments.some(a => a.roleId === role.id)} {@const RoleIcon = getRoleIcon(role.name)} {/each}
{/if} {#if customRoles.length > 0}

Custom roles

{#each customRoles as role} {@const isAssigned = formRoleAssignments.some(a => a.roleId === role.id)} {@const envCount = role.environmentIds?.length ?? 0} {@const isGlobal = role.environmentIds === null} {@const RoleIcon = getRoleIcon(role.name)} {/each}
{/if} {#if roles.length === 0}
No roles defined yet
{/if}
{:else}

All users have full access to all environments.

Upgrade to Enterprise for role-based access control.

{/if}
{#if isEditing} {:else} {/if}