New User fields not editable for non admins

simonflick · May 14, 2025, 1:52pm

Hi,

I have updated a Directus instance to 11.6.1, where the new permission model was introduced.

There was also an issue with one of the new fields (“external identifier”). The workaround is to enter something, save, delete the value and save again.

But our customer can’t do that. Their accounts are not admin users and the new fields “policies”, “provider” and “external identifier” are greyed out.

I went into their access policy and checked all the new fields but they are still greyed out. Is it by design that non admins cannot edit these fields?

I can give them admin access but I would prefer to have another solution.

bryantgillespie · June 14, 2025, 2:47pm

Hi there! Welcome to the community

The external identifier field is specifically used for single sign-on (SSO) functionality in Directus.

By default, non-admin users don’t have permissions to edit these SSO-related fields for security reasons. This includes:

External identifier
Provider fields
Other authentication-related metadata

Not great if regular users can just adjust their own permissions to do whatever they want.

All that said you can adjust this sort of stuff if you like. Just edit the access policy that you’re assigning to the role for those users.

Topic		Replies	Views
/uses/me or /users/{id} didn't include policies in 11.8.0? Help	2	23	June 23, 2025
Directus user read permissions on specific users Help	1	23	May 21, 2025
Creation permission based on relation? Help	4	19	June 29, 2025
Using Directus permissions and access policies in existing Node backend Help	1	52	April 30, 2025
SSO with Directus Cloud Help authentication	1	20	June 13, 2025

New User fields not editable for non admins

Related topics