Skip to main content

Administration

Operating an Erde installation comes down to two questions: who can do what, and how the system is configured. This section covers both — the accounts and roles that govern access, the settings that tune authentication, email, file storage, and integrations, the license the server requires, and the shared lookups every other area depends on.

Most of this work is reserved for the Administrator role and lives under the Administration area (route /admin), which only Administrators can open. The exception is reference data, which Data Stewards (Administrators and Data Managers) curate from the separate Reference Data area (route /reference-data).

In this section

  • The administration dashboard — the Admin landing page: installation statistics, license status, system health, the audit summary, and storage use.
  • Users and roles — create accounts and assign the four global roles (Administrator, Data Manager, Manager, Staff); lock, reset, and delete users from Administration → User Management.
  • Manage your account — self-service for any signed-in user: update your own profile, change your password, and set your notification preferences (distinct from the admin-only user management above).
  • Permissions and scoping — how the four authorization policies and per-Site/per-Project membership roles combine to decide access, plus the role-by-action matrix.
  • System settings — the Email, Authentication, File Storage, and Integrations tabs under Administration → System Settings. The Integrations tab holds the optional ArcGIS API key that enables the map views across the product: the Map analysis tool, the Home dashboard map, and the Map tabs on Sites and Locations.
  • Configure single sign-on — enable and set up Windows or OpenID Connect (OIDC / Entra ID) sign-in, covering both what to configure on your identity provider or Windows domain and the settings in Erde.
  • Licensing — activate and renew the license Erde requires; what happens when it is missing or expired, and how to manage it from setup, the Administration area, or the command line.
  • Managing reference data — curate the shared catalogs (Analytes, Methods, units, Matrices, and more) that the rest of the system draws from; a job for Data Stewards.
  • Audit logs — review the system audit trail under Administration → System Audit Log, which records who changed what and when.
  • Seed and clear demo data — load a realistic evaluation dataset and later clear it; an Administrator task under Administration → Demo Data.
Two layers of access

Global roles decide what a user can do across the whole installation. Per-Site and per-Project membership roles decide what they can do on specific records. Permissions and scoping explains how the two fit together.

For the concepts behind this section — the role model and how records are scoped — see Users, roles, and permissions in Core Concepts. For installing and running the server itself, see Deployment.