Non-registered frontend users are referred to as visitors – this article is not about them (unless you want to register them as users).

Registered users are a core part of all modern web solutions. Almost everyone – from website administrators to customers – require or benefit from a user account. A user account generally consists of a username and a password, as well as a number of other (optional) fields and settings for storing data about the user. Users are typically placed inside one or more user groups, which can be used to organize users into e.g. customers, web editors, etc.

Users and user groups are managed from the Users area (Figure 1.2), which features:

  • A tree (1) for navigating between user groups and tools
  • A content pane (2) where content is displayed, in this case user lists & user details
Figure 1.2 The Users-area

User accounts can be created in several ways:

  • From the backend using the built-in tools of the Users area
  • From the frontend using the Extranet app
  • During an import from an external system

This section will focus on non-remote scenarios – integration is covered elsewhere.

To create new user accounts from the backend:

  • Go to the Users area
  • Right-click an existing user group and click New user in the context menu (Figure 2.1)
Figure 2.1 Click 'new user' to start creating a new user

After a user is created, the user details ({figueref}) are shown in the content pane – they consist of:

  • A ribbon bar with various user-related tools (1)
  • A set of user fields (2)
Figure 2.2 User details

Other user-related action – moving, deleting, deactivating, etc. – take place from the user list view.

A user account consists of a set of standard fields and optionally custom fields for storing data related to the user – at the very least a user name and a password (Figure 3.1).

Figure 3.1 The User Info fields

As you can see, you can never see the existing password – and we thoroughly recommend that you encrypt any password created from the backend. You can set up default password encryption under Settings > Control Panel > Users. You can also use the cogs-icon to generate a random password for a user.

If the user has a valid email in the email field, you can send them a password recovery email via the ’Send recovery mail’ link (Figure 3.2).

Figure 3.2 Password recovery emails

This action stores a recovery token on the user. In the email setup, select a page with an attached extranet app, and link the user to a sign-in page using RecoveryToken=[token] in the URL to load the password recovery template from the extranet app.

Below the user name and password fields is a long list of fields for storing information about the user. These are explained below – the fields containing simple string values are described with a ’-’.

The personal fields contain personal details about the user:










First name



Middle name



Last name




A valid email address

Use checkmark-icon to validate the format, domain, and mail server record.


An image

This image can be updated by the user via the extranet app

Email permission


If this field is false, the standard Dynamicweb Users recipient provider will not allow you to send emails to this user


Lists consents associated with the user

Consents can be used in conjunction with the email permission field to implement GDPR-compliant procedures

The Address and Phone fields contain information about contacting the user:







Address 2



House number



Zip code






State or region


Value should be a valid region code - e.g. CA and not California

Billing/Shipping country

Select a country

The default payment & shipping methods for the selected country will be used in place of the default country in the website settings




Phone (private)



Mobile phone






The Ecommerce fields contain data related to Ecommerce:




Customer number


Typically used to link users from the same company with each other, for use in e.g. the price matrix or a live integration.

External id


Typically used for linking the user with an external service, e.g. a CRM system, as a part of a user integration.


Select a currency

The selected currency overrules the default set in the website Ecommerce settings. Takes effect after logout & login.

Stock location

Select a stock location

The selected stock location overrules the default set in the website Ecommerce settings. Takes effect after logout & login.

Shop id

Enter a valid shop ID

Only present when the checkbox ’Include shop id in extranet login’ is checked in the Ecommerce settings. This checkbox is used to differentiate two otherwise identical users when they log into frontend.

The Work fields are used to store work-related information about the user.










Job title



Phone (business)



VAT reg number

A valid VAT number for the user’s country

A VAT reg number is an id used for tax purposes – in denmark this is called a CVR number, in Germany a Ust-ldNr, in the UK a VAT Reg No, and so on.

Reverse charge for VAT true/false Enables reverse VAT charges for this user

The Geolocation & Start Page fields can be used to store a geolocation for a user.





Latitude coordinates

Click the ’Show location on map’ button to manually select and save a set of coordinates.


The ’Get location from API’ button attempts to retrieve coordinates based on address information on the user.


Longitude coordinates

Click the ’Show location on map’ button to manually select and save a set of coordinates.


The ’Get location from API’ button attempts to retrieve coordinates based on address information on the user.



This setting indicates whether this is a custom location (set via ’show location on map’) or not (set via ’Get location from API’).


An image file

This image can be used to replace the standard maps marker when rendering geolocations on a map (this is automatic if the Maps app is used).

Start Page

Select a custom start page for this user


On some solutions, various System Fields are also present. These fields are generated by the system when various parts of the system are in use, e.g. certain tax providers for the US market. You may also have access to one or more custom user fields – these fields are typically used to store data from an external system.

Below these, a Groups selector allows you to manage group membership for this user – you can see which groups the user is a member of, and add or remove the user from user groups.

If the solution uses live integration an option for disabling live prices for this particular user is also present. This field is typically not managed via the backend, but set and removed from a remote system as a part of the integration.

Finally, you can see audit information related to the user:

  • Created on
  • Updated on
  • Created by
  • Updated by
  • Email permission updated on
  • Last login on

In the footer, you can see the User id.

The User ribbon bar contains several advanced or specialized tools and features which can be useful in some scenarios. These are described below.

A user account can have more than one address associated with it – they are accessed by clicking the Addresses button in the ribbon bar view (Figure 5.1).

This view lists all addresses associated with the user account (1), and also makes it possible to add more addresses to the list (2).

Figure 5.1 The addresses view

Both primary and secondary addresses can be edtited from frontend via the Extranet app set to the ’Edit Profile’ mode. You can set either of the addresses as the Default address and use this value to preselect it in the shopping cart in frontend.

Registered users are often heavily involved with the rest of the system – Ecommerce, Email Markeing, etc. – and in the ribbon bar (Figure 6.1) you can access information related to those parts of the system.

Figure 6.1 The user information buttons

Using the Information buttons you can:

At times, you may want to only provide a user with access to a website or the administration for a limited time. In those cases, you can use the Options tab to set a publication period on the user (Figure 7.1).

Figure 7.1 Accounts can be set to inactive after a certain time

When the publication period is up, the user will be set to be inactive.

There are three native user types in Dynamicweb, representing different levels of access to the solution.

  • Administrator
  • Admin
  • Default

Administrators and admins have backend access by default – but for default user you must provide them with explicit backen access using the allow backend login toggle in the ribbon bar (Figure 8.1).

Figure 8.1 Allow backend login

Admins have access to semi-critical settings such as:

  • General system and solution settings
  • Search index settings
  • Editor configuration settings
  • Customization of URLs
  • Security settings concerning spam and SQL injection etc.
  • Access to the Control panel – including advanced app settings
  • The ability to generate image URLs and Navigation XML

Administrators have access to all of the above plus:

  • Global settings
  • Upgrading the solution
  • Host header setup
  • Database tools

If your solution uses the new Permissions model introduced in Dynamicweb 9.4, there is no difference between admins and administrators; both use the permissions set for the system role Administrators.

Of course, you can always create an Admin group manually and provide it with permissions matching the old model.

Finally, you also have access to various other settings (Figure 9.1).

Figure 9.1 The user-specific custom settings are accessed by clicking the appropriate button in this menu

With these settings you can:

  • Select a custom editor configuration for the user.
  • Send the user details to someone
  • Allow (or disallow) backend login for the user
  • Open the impersonation window for the user
  • Select an item type to extend the user properties of this user with.

Most of these settings can also be configured on the group level – read more here.


These are the tables relevant for Users and User groups in the Dynamicweb database:


Contains all the users and groups in Dynamicweb

Field name Data type Length
AccessUserId int 4
AccessUserParentId int 4
AccessUserUserName nvarchar 255
AccessUserPassword nvarchar 255
AccessUserName nvarchar 255
AccessUserDepartment nvarchar 255
AccessUserEmail nvarchar 255
AccessUserPhone nvarchar 255
AccessUserFax nvarchar 255
AccessUserGroups nvarchar 255
AccessUserType int 4
AccessUserValidFrom datetime 8
AccessUserValidTo datetime 8
AccessUserPages nvarchar 255
AccessUserAreas nvarchar 255
AccessUserSettings nvarchar Max
AccessUserModules nvarchar Max
AccessUserInformation nvarchar Max
AccessUserMyFolder nvarchar 255
AccessUserAddress nvarchar 255
AccessUserAddress2 nvarchar 255
AccessUserZip nvarchar 255
AccessUserCity nvarchar 255
AccessUserCountry nvarchar 255
AccessUserJobTitle nvarchar 255
AccessUserCompany nvarchar 255
AccessUserPhonePriv nvarchar 255
AccessUserMobile nvarchar 255
AccessUserCustomerNumber nvarchar 255
AccessUserRedirectOnLogin nvarchar 255
AccessUserCurrencyCharacter nvarchar 3
AccessUserRead bit 1
AccessUserAdsiMap nvarchar 255
AccessUserPasswordDate datetime 8
AccessUserLastName nvarchar 255
AccessUserMiddleName nvarchar 255
AccessUserActive bit 1
AccessUserImage nvarchar 255
AccessUserBusiness nvarchar 255
AccessUserInitials nvarchar 255
AccessUserComment nvarchar Max
AccessUserLevel int 4
AccessUserInheritAddress bit 1
AccessUserWeb nvarchar 255
AccessUserSort int 4
AccessUserStatus int 4
AccessUserStatusBegin datetime 8
AccessUserStatusEnd datetime 8
AccessUserStatusComment nvarchar 255
AccessUserEditorConfigurationId int 4
AccessUserHideStat bit 1
AccessUserCartId nvarchar 50
AccessUserAllowBackend bit 1
AccessUserApprovalKey nvarchar 50
AccessUserShopId nvarchar 50
AccessUserExternalId nvarchar 250
AccessUserSortXML nvarchar Max
AccessUserGeoLocationLat float 8
AccessUserGeoLocationLng float 8
AccessUserGeoLocationIsCustom bit 1
AccessUserGeoLocationImage nvarchar 255
AccessUserGeoLocationHash nvarchar 32
AccessUserNewsletterAllowed bit 1
AccessUserCreatedOn datetime 8
AccessUserUpdatedOn datetime 8
AccessUserCreatedBy int 4
AccessUserUpdatedBy int 4
AccessUserEmailPermissionGivenOn datetime 8
AccessUserEmailPermissionUpdatedOn datetime 8
AccessUserState nvarchar 255
AccessUserVatRegNumber nvarchar 20
AccessUserDisableLivePrices bit 1
AccessUserLastLoginOn datetime 8
AccessUserPointBalance float 8
AccessUserAdministratorInGroups nvarchar Max
AccessUserTitle nvarchar 255
AccessUserFirstName nvarchar 255
AccessUserHouseNumber nvarchar 255
AccessUserLastOrderDate datetime 8
AccessUserPasswordRecoveryToken nvarchar 128
AccessUserPasswordRecoveryTokenExpirationTime datetime 8
AccessUserGroupSmartSearch nvarchar 50
AccessUserGroupSmartSearchLastCalculatedTime datetime 8
AccessUserExported datetime 8
AccessUserItemType nvarchar 255
AccessUserItemId nvarchar 255
AccessUserDefaultUserItemType nvarchar 255
AccessUserStockLocationID bigint 8
AccessUserCountryCode nvarchar 2
AccessUserAddressTitle nvarchar 255
AccessUser_VIPContactMail bit 1
AccessUser_ContentMarketingAndEcommerceDeveloperExpire datetime 8
AccessUser_C0Certified bit 1
AccessUser_C0CertifiedExpire datetime 8
AccessUser_C1Certified bit 1
AccessUser_C1CertifiedExpire datetime 8
AccessUser_C3Certified bit 1
AccessUser_C3CertifiedExpire datetime 8
AccessUser_C2Certified bit 1
AccessUser_C2CertifiedExpire datetime 8
AccessUser_C4Certified bit 1
AccessUser_C4CertifiedExpire datetime 8
AccessUser_DWEmployee bit 1
AccessUser_ErpSystem nvarchar Max
AccessUser_EmailAddressValid bit 1
AccessUser_NaceCode nvarchar Max
AccessUser_MVP bit 1
AccessUser_Owner nvarchar Max
AccessUser_ParentCountry nvarchar Max
AccessUser_PamNewsletter bit 1
AccessUser_ParentCategory nvarchar Max
AccessUser_ParentPartnerType nvarchar Max
AccessUser_PrimaryLineOfBusiness nvarchar Max
AccessUser_PartnerAccountNumber nvarchar Max
AccessUserUserAndGroupType nvarchar 255
DefaultPermission int 4
AccessUser_GDPRNewsletterConsent bit 1
AccessUser_GDPRNewsletterConsentTimestamp datetime 8
AccessUser_GDPRNewsletterConsentAcquiredBy nvarchar Max
AccessUser_FinancialInformation bit 1
AccessUser_C5Certified bit 1
AccessUser_C5CertifiedExpire datetime 8
AccessUser_C6Certified bit 1
AccessUser_C6CertifiedExpire datetime 8
AccessUserInformationSent datetime 8
AccessUserReverseChargeForVat bit 1
AccessUserProfileCreatedDate datetime 8


For users with multiple defined addresses extra addresses are defined here and linked via AccessUserId.

Field name Data type Length
AccessUserAddressId int 4
AccessUserAddressUserId int 4
AccessUserAddressType bit 1
AccessUserAddressCallName nvarchar 255
AccessUserAddressCompany nvarchar 255
AccessUserAddressName nvarchar 255
AccessUserAddressAddress nvarchar 255
AccessUserAddressAddress2 nvarchar 255
AccessUserAddressZip nvarchar 255
AccessUserAddressCity nvarchar 255
AccessUserAddressCountry nvarchar 255
AccessUserAddressPhone nvarchar 255
AccessUserAddressCell nvarchar 20
AccessUserAddressFax nvarchar 255
AccessUserAddressEmail nvarchar 255
AccessUserAddressCustomerNumber nvarchar 255
AccessUserAddressUId nvarchar 25
AccessUserAddressState nvarchar 255
AccessUserAddressIsDefault bit 1
AccessUserAddressExported datetime 8
AccessUserAddressPhoneBusiness nvarchar 255
AccessUserAddressDefaultAddressCustomFields bit 1
AccessUserAddressCountryCode nvarchar 2


Contains AccessUserId of users (AccessUserSecondaryRelationUserID) who can log in on behalf of other users (AccessUserSecondaryRelationSecondaryUserId) (i.e. Impersonate them).

Field name Data type Length
AccessUserSecondaryRelationUserId int 4
AccessUserSecondaryRelationSecondaryUserId int 4
AccessUserSecondaryRelationAutoId int 4


Contains definitions of custom fields on users

Field name Data type Length
CustomFieldSystemName nvarchar 50
CustomFieldTableName nvarchar 255
CustomFieldType nvarchar 50
CustomFieldName nvarchar 255
CustomFieldOptions nvarchar Max
CustomFieldSort int 4
CustomFieldAutoId int 4