User Management
Centralised hub for managing all system users, approving new registrations, configuring roles, and maintaining user information.
1 What's on this page
The User Management page displays comprehensive user information across three main tabs: Users (active users register), Pending Users (registration approvals), and User Fields (custom field configuration). The page supports powerful filtering, role assignment, password management, and user activation controls.
What you see here
- Users tab: Complete register of active and deactivated users with details, roles, and management actions
- Pending Users tab: New registration requests awaiting approval with approval/rejection controls
- User Fields tab: Custom field configuration for capturing additional user information
- Search and filters: Quick search by name, email, employee number, plus advanced filtering by roles and positions
- Active/Deactivated toggle: Switch between viewing active users and deactivated user accounts
- Role assignment: Visual role badges with direct access to role allocation
- Password management: Reset password functionality for user accounts
- User creation: Add new users directly or approve pending registrations
Who uses this page
- System administrators: Staff responsible for user account management and system access
- IT support: Technical staff who handle user access issues and password resets
- HR administrators: Human resources personnel managing staff onboarding and offboarding
- Security officers: Staff responsible for access control and user permissions
Critical permission required: This page requires full user management permissions. Only authorised administrators can access this page. Unauthorised access attempts will display a "Not Authorised" message.
Security responsibility: User management actions directly affect system security and access control. Always verify user identity before approving registrations or making account changes. Follow your organisation's security policies for user management.
Page layout
The page is organised into three distinct tabs:
Users
Main register showing all active or deactivated users with complete details, role assignments, and management controls. Toggle between Active and Deactivated views to manage user lifecycle.
Pending Users
Registration requests awaiting approval. A badge with count appears on the tab when pending users exist. Review details, assign roles, and approve or reject registrations.
User Fields
Configure custom fields for capturing additional user information beyond standard fields. Define field types, labels, validation rules, and visibility settings.
2 Approve pending user registrations
When new users register for Musket accounts, their registration requests appear in the Pending Users tab awaiting administrator approval. Review each request, assign appropriate roles, and approve or reject the registration.
Review pending registrations
- Navigate to Pending Users tab: Click "Pending Users" in the tab bar. A badge shows the count of pending requests.
- Review user details: Check the user's name, email address, request date, and request method (Registration or Manual request).
- Verify identity: Confirm the registration is legitimate and the user should have access to your system.
Assign roles before approval
- Click the role allocation button: Button shows a badge with the current role count (typically 0 for new registrations).
- Select appropriate roles: In the role allocation window, select all roles that should be assigned to the user.
- Save role assignments: Click Save to assign the roles. The badge updates to show the assigned role count.
Tip: Hover over the role allocation button to see a preview of assigned roles. You can assign roles before or after approval, but it's recommended to assign roles before approving to ensure proper access on first login.
Approve the registration
- Click the Approve button: Green approval button in the Approve column.
- System activates account: User account is activated and moved to the Active Users register.
- User receives notification: An email is sent to the user confirming account approval and providing login instructions.
Result: The user can now log in to Musket with their registered credentials. They will have access to features permitted by their assigned roles.
Reject a registration (when needed)
- Click the Reject button: Red rejection button in the Reject column.
- Provide rejection reason: In the rejection window, enter a clear reason for rejection (required).
- Confirm rejection: Click Reject to complete the action.
- System sends notification: The user receives an email notification with the rejection reason.
Note: Rejected registrations are removed from the pending list and the user must re-register if they require access in the future.
Security best practice: Always verify the legitimacy of registration requests before approval. Check with your HR department or the requesting user's manager if you're unsure about a registration. For external users or third-party access, follow your organisation's verification procedures.
3 Add a new user manually
Administrators can create new user accounts directly without requiring self-registration. This is useful for onboarding staff who haven't self-registered, or for creating accounts on behalf of users.
Create the user account
- Click "Add new user" button: Button appears in the top-right of both Users and Pending Users tabs.
- Complete user details section:
- Name fields: Enter first name, surname, and optionally middle names
- Gender and date of birth: Select gender and enter date of birth
- Email address: Enter and confirm the user's email address (required)
- Identity documents: Enter national identity number and/or passport number
- Nationality: Select the user's nationality from the dropdown
- Contact details: Enter phone number and residential address
- Employee details: Enter employee number and employment start date
- Add crew/staff details (if applicable):
- Select crew positions if the user is flight crew or cabin crew
- Select endorsed aircraft types
- Assign base locations
- Set staff-specific fields like seniority and initials
- Complete additional details: Fill in any custom user fields configured in the User Fields tab.
- Save the user: Click Save at the bottom of the window.
Assign roles and activate
After creating the user account:
- Find the user: New user appears in the Pending Users tab or Active Users tab depending on configuration.
- Assign roles: Use the role allocation button to assign appropriate roles (see "Assign roles before approval" section above).
- Set initial password: Use the Reset Password button to set the user's initial password (see "Reset a user password" section below).
- Activate if needed: If the user appears as pending, approve the account following the approval workflow.
Email confirmation: When you save a new user, Musket sends an automatic email notification to the user's email address. Ensure the email address is correct before saving. The user will receive login instructions and password setup information.
4 Edit user details
Update existing user information when details change, such as contact information, employment status, or crew qualifications.
Steps to edit
- Locate the user: Use search or filters to find the user in the Active Users or Deactivated view.
- Click the Edit button: Pencil icon button in the first column (only available for active users).
- Modify fields as needed: Update any user details, crew assignments, or additional fields.
- Save changes: Click Save to apply the updates.
Result: User details are immediately updated in the system. Changes affect the user's profile, crew assignments, and available system features.
Cannot edit deactivated users: User details can only be edited while the account is active. To update a deactivated user's information, first reactivate the account, make the changes, then deactivate again if needed.
5 Assign or modify user roles
Roles control what features and pages users can access in Musket. Each user can have multiple roles assigned. Modify role assignments when a user's responsibilities change or when correcting initial role assignments.
Assign roles to a user
- Locate the user: Find the user in the Active Users list or Pending Users tab.
- Click the role allocation button: Button with user icon and badge showing current role count.
- Select roles: In the role allocation window, tick the checkboxes for all roles this user should have.
- Review role implications: Hover over role names to see which permissions each role grants.
- Save role assignments: Click Save to apply the role changes.
Result: The user's role count badge updates immediately. Changes take effect on the user's next page load or login. They will gain access to features permitted by the new roles and lose access to features no longer permitted.
View assigned roles
See which roles are currently assigned to a user:
- Assigned Roles column: Shows truncated role names. Full text appears if you hover over role badges.
- Role count badge: Number on the role allocation button indicates how many roles are assigned.
- Hover for details: Hover over the role allocation button to see a popover with full role list.
Role assignment best practice: Assign only the roles necessary for the user's job function. Excessive permissions increase security risk. Review role assignments periodically to ensure they remain appropriate. When users change positions, update their roles accordingly.
6 Reset a user password
Reset passwords when users forget their credentials or when you need to set an initial password for newly created accounts.
Reset the password
- Locate the user: Find the user in the Active Users list.
- Click the Reset Password button: Key icon button in the Reset Password column.
- Enter new password: In the reset password window, enter the new password twice for confirmation.
- Review password requirements: Password must meet security requirements (displayed in the window).
- Confirm reset: Click Save to reset the password.
Result: The user's password is immediately changed. They can log in using the new password. The system does not send an automatic email with the new password—you must communicate the new password to the user through a secure channel.
Security reminder: Never share passwords via insecure channels like email or messaging apps. Communicate new passwords to users verbally or through secure channels. Advise users to change the password immediately after their first login. For sensitive accounts, consider requiring password change on next login.
7 View login history
Track when users accessed the system for security auditing and troubleshooting access issues. Login history records each time users access Musket from any platform, including browser logins and mobile app launches.
Access login history
- Locate the user: Find the user in the Active Users list.
- Check Last login column: Shows the most recent login date and time in UTC.
- Click login history button: Clock icon button next to the last login timestamp (only appears if login events exist). Badge shows total login event count.
- Review login events: Window displays a table of all recorded login events with timestamps and source information.
Understanding login sources
The login history table includes a Source column that identifies where each login occurred:
Browser
Standard web browser login to the Musket portal. Includes desktop browsers and mobile web browsers accessing the main Musket website.
Mobile App
Login from the Musket Mobile App (Android or iOS). Recorded each time a user opens the mobile app with network connectivity in normal user mode (not Aircraft Mode).
Login tracking: Login history helps verify account activity and identify unusual access patterns. If a user reports they cannot log in but login history shows recent successful logins, investigate for account sharing or credential compromise.
Source tracking: Use the Source column to distinguish between browser and mobile app usage. This helps with user support (understanding which platform users primarily use), security monitoring (detecting unusual access patterns across platforms), and usage analytics.
8 Deactivate or reactivate users
Deactivate user accounts when staff leave the organisation or no longer require system access. Reactivate accounts if users return or access is reinstated.
Deactivate a user
- Locate the user: Find the user in the Active Users list.
- Click the Deactivate button: Red ban icon button in the last column.
- Confirm deactivation: System may prompt for confirmation before deactivating.
Result: The user account is immediately deactivated. The user can no longer log in to Musket. The account moves to the Deactivated view. All user data and history are preserved and can be viewed by switching to the Deactivated view.
Note: You cannot deactivate your own account. The deactivate button is disabled for your account with a tooltip explanation.
Reactivate a user
- Switch to Deactivated view: Select the "Deactivated" radio button to view deactivated users.
- Locate the user: Find the user in the Deactivated Users list using search or filters.
- Click the Activate button: Green activate button in the last column.
- Confirm reactivation: System may prompt for confirmation.
Result: The user account is reactivated and moved back to Active Users. The user can log in immediately using their previous credentials. All previous role assignments, details, and history are restored.
Deactivation vs deletion: Musket deactivates user accounts rather than deleting them. This preserves all historical data, audit trails, and associations with flights, reports, and other records. Deactivated users can be reactivated if they return to the organisation.
9 Search and filter users
Quickly locate specific users or groups of users using search and advanced filtering options.
Quick search
Search by user details
Use the search box at the top of the page to find users by:
- Name: First name, surname, initials, or middle names
- Contact: Email address or phone number
- Identifiers: Employee number, identity number, or passport number
- Staff details: Any searchable staff information
Click the information icon next to the search box to see all searchable fields. Results update automatically as you type. Search is debounced (waits 500ms after you stop typing) for performance.
Advanced filters
Click to expand the filter section for more targeted searches:
Role filters
Filter by system roles assigned to users. Select multiple roles to show users with any of the selected roles. Useful for finding all users with specific permissions or responsibilities.
Crew position filters
Filter by crew positions (Captain, First Officer, etc.). Shows only users endorsed for the selected positions. Useful for crew management and scheduling tasks.
Aircraft type filters
Filter by aircraft types that users are endorsed on. Shows only users with endorsements for the selected aircraft. Helpful for identifying qualified crew for specific aircraft.
Country filters
Filter by nationality or associated countries. Useful for compliance reporting, nationality-based crew requirements, or geographic crew distribution.
Combining filters: Search and filters work together. Apply multiple filters simultaneously to narrow results. Clear filters using the filter controls or clear all button. Active filters persist while navigating between Active and Deactivated views.
10 Export user data
Generate reports containing user details for external analysis, compliance reporting, or record-keeping.
Generate staff details export
- Click the export button: Chart icon button in the top-right of the Users card (left of the "Add new user" button).
- Select report type: The report generation window opens showing "User Access And Policies Report" options.
- Configure export settings:
- Section filter: Select which Musket sections to include (leave blank for all sections)
- Staff members: Select specific users (leave blank to include all active non-system users)
- Roles: Select specific roles (leave blank to include all roles and their users)
- Generate report: Click Generate and Preview Report to create the report.
- Download or view: Export to Excel or PDF using the export buttons above the preview.
Result: Export includes user access permissions and policies for the selected users and roles. The report displays access levels color-coded (green for Full/Edit, blue for View, white for No Access), with each cell indicating which role grants the access or if it's a direct assignment.
Quick access from User Management: The User Access And Policies Report is accessible directly from this page for convenience when reviewing user permissions. You can also access this report from the Analytics & Exports page or from the Role Management page.
Generate other staff reports
For comprehensive staff details exports beyond access policies:
- Navigate to Administration → Analytics & Exports
- Find and open "Staff Details All Export" from the reports library
- Configure export settings to include personal information, contact details, employment details, and custom fields
- Generate and download the export
Export privacy: User exports may contain sensitive personal information. Handle export files according to your organisation's data protection policies. Restrict access to exported data and delete exports when no longer needed.
11 Configure custom user fields
The User Fields tab allows you to define additional fields for capturing custom user information beyond the standard fields. Configure field types, labels, visibility, and validation rules.
Add a custom user field
- Navigate to User Fields tab: Click "User Fields" in the tab bar.
- Click Add Field button: Opens the field configuration window.
- Configure field properties:
- Field label: User-friendly name displayed in forms
- Field type: Text, number, date, dropdown, checkbox, etc.
- Required: Whether the field must be completed
- Visibility: Who can see and edit this field
- Validation rules: Constraints on acceptable values
- Save the field: Click Save to add the field to user forms.
Result: The new field appears in the "Additional details" section of the Add/Edit User window. The field is available immediately for all users.
Edit or delete custom fields
Modify existing custom fields or remove fields that are no longer needed:
- Edit: Click the edit button next to the field, modify properties, and save changes.
- Delete: Click the delete button next to the field. Confirm deletion when prompted.
Note: Deleting a custom field removes it from user forms and may delete existing data. Consider deactivating fields instead of deleting them to preserve historical data.
Custom field use cases: Use custom fields to capture organisation-specific information like cost centres, departments, clearance levels, training certifications, or any other user attributes relevant to your operation. Keep field labels clear and provide help text for complex fields.
12 Field reference
Detailed explanation of all standard fields available in user records.
Personal information fields
| Field | Purpose | Required? | Notes |
|---|---|---|---|
| First name | User's given name | Yes | Used in display names and communications |
| Surname | User's family name | Yes | Used in display names and official documents |
| Middle names | Additional names | No | Optional, used for formal identification |
| Gender | User's gender identity | No | Used for reporting and crew configurations |
| Date of birth | User's birth date | No | Used for age-related compliance and reporting |
| Email address | Primary contact email and login username | Yes | Must be unique. Used for system notifications and password reset |
| National identity number | Government-issued ID number | No | For formal identification and compliance |
| Passport number | International travel document number | No | Important for international crew operations |
| Nationality | User's country of citizenship | No | Used for visa requirements and crew nationality compliance |
| Phone number | Primary contact phone | No | Used for emergency contact and notifications |
| Residential address | User's home address | No | Used for correspondence and official documents |
Employment fields
| Field | Purpose | Required? | Notes |
|---|---|---|---|
| Employee number | Unique employee identifier | No | Links to HR systems and payroll |
| Employment start date | Date user commenced employment | No | Used for seniority calculations and reporting |
System fields (automatic)
| Field | Purpose | Updated by |
|---|---|---|
| Last login (UTC) | Most recent login timestamp | System (automatic on login) |
| Assigned roles | Security roles granting permissions | Administrators via role allocation |
| User status | Active or Deactivated | Administrators via activation controls |
13 Understanding user roles
Roles are collections of permissions that determine what features and pages users can access in Musket. Each user can have multiple roles, and their effective permissions are the combination of all assigned roles.
How roles work
Role-based access control
- Multiple roles per user: Users can have several roles simultaneously, each granting different permissions.
- Additive permissions: If any assigned role grants access to a feature, the user can access it.
- Role labels: Each role has a descriptive label indicating its purpose (e.g., "Flight Crew", "Operations Manager").
- Immediate effect: Role changes take effect on the user's next page load or login.
Common role scenarios
Crew members
Flight crew and cabin crew typically need roles for viewing their roster, accessing flight briefings, submitting reports, and updating personal documents. Combine crew-specific roles with general user access roles.
Operations staff
Operations managers need roles for flight planning, crew scheduling, dispatch, and oversight functions. May also need reporting and analytics roles for operational monitoring.
Administrators
System administrators require comprehensive roles including user management, system configuration, and full administrative access. Typically the highest level of permissions in the system.
External users
External users or third-party personnel may need limited roles for specific tasks like submitting reports, viewing documentation, or accessing specific modules. Keep external user permissions minimal.
Role management best practice: Assign roles based on job function, not individual preferences. Create standard role combinations for common positions. Document which roles are required for each position in your organisation. Review role assignments quarterly to ensure they remain appropriate.
14 Troubleshooting
Common issues and solutions
Cannot see pending users tab
Cause: Full user management permissions are required to access pending users.
Solution: Verify you have the correct user management permissions assigned. Contact your system administrator if you should have access but cannot see the tab.
User cannot log in after approval
Possible causes:
- User doesn't have any roles assigned (system prevents login)
- User's email address was entered incorrectly
- User hasn't received the approval notification email
- Password hasn't been set or user doesn't know their password
Solution: Check the user has at least one role assigned. Verify email address is correct. Use Reset Password to set a known password and communicate it to the user through a secure channel.
Cannot deactivate a user
Cause: You're trying to deactivate your own account, which is not permitted.
Solution: Ask another administrator to deactivate your account if necessary. This security measure prevents accidental self-lockout.
User's name displays incorrectly
Cause: Name fields may have extra spaces, incorrect capitalisation, or missing values.
Solution: Edit the user's details and correct the name fields. Remove any leading/trailing spaces. Ensure first name and surname are entered correctly.
Role assignments not taking effect
Cause: Role changes require the user to refresh their page or log in again.
Solution: Ask the user to refresh their browser or log out and log in again. Role permissions are loaded at login time and page load.
Cannot find a specific user
Possible causes:
- User is deactivated and you're viewing active users
- Active filters are excluding the user
- User is still pending approval
- Search term doesn't match user's details exactly
Solution: Clear all filters and check both Active and Deactivated views. Try searching by different fields (email, employee number, name). Check Pending Users tab if they may not be approved yet.
Email confirmation not received
Possible causes:
- Email address was entered incorrectly
- Email is in spam/junk folder
- Organisation's email system is blocking Musket emails
- Email service is experiencing delays
Solution: Verify the email address in user details. Ask the user to check spam folders. Contact IT support to ensure Musket emails are not being blocked. Use Reset Password to allow the user to access the system without waiting for the email.