See also: How to manage users

In Juju, a user is any person able to log in to a Juju controller.

Juju users are not related in any way to the client system users.

Users can be created in two ways: Implicitly by bootstrapping a controller into a cloud or explicitly by adding a user to a controller (juju add-user).

A user logs in to a Juju controller using a username and a password. The user created implicitly gets the username admin and is prompted to create a password the first time they attempt to log out. A user created explicitly gets the username assigned to them when being added (via juju add-user) and is prompted to create login details when they register the new controller with their Juju client.

A user’s username and password are entirely different from the credentials referenced in juju commands such as add-credential—those are about access to a cloud, whereas these are about access to a Juju controller.

Multiple users can be accommodated by the same Juju client. However, there can only be one user logged in at a time.

Every user is associated with an access level. The default level for the user created implicitly (admin) is the controller superuser access level, which means they can do everything at the level of the entire controller. The default level for a user created explicitly is the controller login level, which means they can do nothing on the controller other than register it with their client and log in to it – for anything more they must be granted a higher level explicitly.

See more: User access levels