Stash is now known as Bitbucket Server.
See the

Unknown macro: {spacejump}

of this page, or visit the Bitbucket Server documentation home page.

Stash comes with an internal user directory already built-in that is enabled by default at installation. When you create the first administrator during the setup procedure, that administrator's username and other details are stored in the internal directory.

Stash Admins and Sys Admins can manage users and groups in Stash as described on this page. You can also set up Stash to use external user directories.

Note that:

On this page:

Creating a user

In the administration area, click Users (under 'Accounts') and then Create user (on the 'Users' screen)

Once you've created a user, click Change permissions to set up their access permissions.

See Global permissions for more information.

Creating a group

In the administration area, click Groups (under 'Accounts') and then Create group. Enter the name for the new group, and click Create group (again):

Now you can add users to your new group:

Adding users to groups

You can add users to groups in two ways:

  • add a particular user to multiple groups, from the user account page in the admin area.
  • add multiple users to a particular group, from the group's page.

From the user account

To add a user to a group from the user account page, go to Users in the Administration section, and use the filter to find the user:

On the account page for the user, click Add to Group to go to the list of available groups:

You can use the filter to find the group you want to add the user to. Hover to the right of the group name and click Add Group to make the user a member of the group.

Click Done when you have finished.

From the group page

To add a user to a group from the group's page, go to Groups (under "Accounts') in the administration area, and use the filter to find the group:

On the page for the group, click Add Users to go to the list of available users.

In the users list, use the filter to find a user. Hover to the right of the user's name and click Add user to make them a member of the group:

Click Done when you have finished.

Deleting users and groups

You can delete a user or group from Stash's internal user directory, or the external directory from which Stash sources users, such as an LDAP, Crowd or JIRA server.

When a user or group is deleted from such a directory, Stash checks to see if that user still exists in another directory:

  • If the user or group does exist in another directory, Stash assumes the administrator intended to migrate the user or group between directories and we leave their data intact.
  • If the user or group does not exist in another directory, Stash assumes the intent was to permanently delete them, and we delete the users permissions, SSH keys and 'rememberme' tokens.
  • If an entire directory is deleted Stash always assumes it is a migration and does nothing to clean up after users and groups.
  • Content which might be of historical interest (comments, pull requests, etc.) is not deleted when a user or group is. Only authentication, authorisation and data which serves no purpose to a user who can no longer log in is removed.
  • In some situations, reordering the directories will change the directory that the current user comes from, if a user with the same username happens to exist in both. This behaviour can be used in some cases to create a copy of the existing configuration, move it to the top, then remove the old one. Note, however, that duplicate usernames are not a supported configuration.
  • You can enable or disable a directory at any time. If you disable a directory, your configuration details will remain but Stash will not recognise the users and groups in that directory.
  • You cannot edit, disable or delete the directory that your own user account belongs to. This prevents administrators from locking themselves out of Stash, and applies to internal as well as external directories.
  • You cannot remove the internal directory. This limitation aligns with the recommendation that you always keep an administrator or sysadmin account active in the Stash internal directory, so that you can troubleshoot problems with your user directories.
  • You have to disable a directory before you can remove it. Removing a directory will remove the details from the database.
  • No labels