{{define "title"}}{{.Title}}{{end}} {{define "content"}} {{$page := .Page}}
Dashboard/ Settings/ Users/ {{if eq $page.Mode "new"}}new{{else if eq $page.Mode "setup-link"}}setup link{{else}}{{$page.Username}}{{end}}

{{if eq $page.Mode "new"}}New user {{else if eq $page.Mode "setup-link"}}Setup link for {{$page.Username}} {{else}}Edit {{$page.Username}}{{end}}

{{/* Re-enable banner — fires when the admin tried to add a user whose name already exists in a disabled state. We were redirected here from /settings/users/new with ?reenable=1. */}} {{if and $page.Reenable $page.Disabled}}
Username already exists (disabled)

A user with this name was created previously and then disabled. Re-enable them to restore access (their existing role + email are kept), or pick a different name.

Pick a different username
{{end}} {{if eq $page.Mode "setup-link"}} {{if eq $page.Error "expired"}}
Link expired or already used

This user's setup token is no longer valid. Open their Edit page and click Regenerate setup link to issue a new one.

Open edit page
{{else}}

Send this link to the user. It expires at {{absTime $page.SetupExpAt}} UTC (~1 hour from now). This is the only time you'll see it — if you lose it, regenerate from the Edit page.

{{$page.SetupURL}}
Done
{{end}} {{else}} {{/* new + edit form. */}} {{if and (eq $page.Mode "edit") (eq $page.AuthSource "oidc")}}
This user is provisioned via OIDC. Username, role, and email are managed by your IdP and refreshed on each sign-in. Disable / Enable / Force logout still work locally.
{{end}}
Lowercased automatically.
{{if $page.Error}}
{{$page.Error}}
{{end}}
Cancel
{{if eq $page.Mode "edit"}} {{/* Side actions: regenerate setup link, disable / re-enable, force logout. */}}
Other actions
{{if ne $page.AuthSource "oidc"}}
{{end}}
{{if $page.Disabled}}
{{else}}
{{end}}
{{end}} {{end}}
{{end}}