- Home
- Skills
- Cameronapak
- Bknd Skills
- Bknd Create User
bknd-create-user_skill
2
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill cameronapak/bknd-skills --skill bknd-create-user- SKILL.md11.8 KB
Overview
This skill shows how to create new user accounts in Bknd programmatically and via the admin UI. It covers seed functions, server-side createUser(), SDK/REST registration, data API admin creation, and role assignment best practices. Use it to reliably provision users with correct password hashing and role configuration.
How this skill works
The skill inspects available methods for user creation and explains when to use each: seed functions run once on an empty DB and are ideal for initial admins; app.module.auth.createUser() handles server-side creation and hashes passwords; the client SDK and REST endpoints allow self-registration and return a JWT; the data API can create records but requires pre-hashed passwords. It highlights configuration options for registration, password hashing, and roles.
When to use it
- Seed function: create initial admin/test accounts on first deploy.
- Server-side createUser(): programmatic provisioning inside plugins, flows, or endpoints.
- SDK/REST registration: allow frontend user sign-ups with automatic login token.
- Admin panel: one-off manual user creation by non-technical admins.
- Data API (admin): bulk or managed creation when you supply hashed passwords.
Best practices
- Use createUser() or SDK registration to ensure passwords are properly hashed.
- Create initial admins in a seed function so they exist on first startup.
- Define roles in config before assigning them to new users.
- Set a strong JWT secret and use bcrypt in production for hashing.
- Avoid writing plain passwords via the data API; never store plain text passwords.
Example use cases
- Seed an admin account during deployment with ctx.app.module.auth.createUser().
- Register a new user from React using api.auth.register and persist the returned token.
- Create managed users as an admin via api.data.createOne when importing pre-hashed credentials.
- Provision users programmatically in a custom endpoint using app.module.auth.createUser({email,password,role}).
- Update additional profile fields after registration by calling the data API to avoid exposing extra fields during signup.
FAQ
No. The data API requires pre-hashed password values. Use createUser() or the registration endpoints to ensure hashing.
How do I assign roles on registration?
Self-registration uses auth.default_role_register. For custom roles on programmatic creation, pass role in createUser() and ensure the role exists in auth.roles.
When does a seed function run?
Seed functions run only on first startup when the database is empty, making them ideal for initial admin user creation.