New User fields not editable for non admins

Hi,

I have updated a Directus instance to 11.6.1, where the new permission model was introduced.

There was also an issue with one of the new fields (“external identifier”). The workaround is to enter something, save, delete the value and save again.

But our customer can’t do that. Their accounts are not admin users and the new fields “policies”, “provider” and “external identifier” are greyed out.

I went into their access policy and checked all the new fields but they are still greyed out. Is it by design that non admins cannot edit these fields?

I can give them admin access but I would prefer to have another solution.

1 Like

Hi there! Welcome to the community :waving_hand:

The external identifier field is specifically used for single sign-on (SSO) functionality in Directus.

By default, non-admin users don’t have permissions to edit these SSO-related fields for security reasons. This includes:

  • External identifier
  • Provider fields
  • Other authentication-related metadata

Not great if regular users can just adjust their own permissions to do whatever they want.


All that said you can adjust this sort of stuff if you like. Just edit the access policy that you’re assigning to the role for those users.