Users, Tenants & Permission Commands

This page covers users, orgs, tenants, subject domains, kanban resources, and authorization flows. It aligns most closely with hbi-user-mgmt, hbi-indicator-center, and hbi-permission.

user

Purpose: manage user accounts.

Common subcommands:

• list get
• create update delete
• enable disable
• reset-password
• roles

user-group

Purpose: manage user groups.

Common subcommands:

• list get
• create update delete

org

Purpose: manage org trees and external synchronization.

Common subcommands:

• list get get-by-code
• trees
• sync

user-attr

Purpose: manage user attributes.

Common subcommands:

• list get
• create update delete
• values

tenant

Purpose: manage tenants and tenant administrators.

Common subcommands:

• list get
• create update delete
• enable disable
• users
• engine-config
• reset-password reset-admin
• statistics

subject

Purpose: manage subject domains and the metrics attached to them.

Common subcommands:

• list show
• create update delete
• add-metrics remove-metrics
• toggle-online
• list-metrics
• tokenize

kanban

Purpose: manage analysis kanbans.

Common subcommands:

• list show
• create update delete duplicate
• add-metric
• export

permission

Purpose: inspect permissions in a read-only way.

Common subcommands:

• folder-list folder-get
• app-list app-get
• app-rules

authorize

Purpose: perform real grant and revoke actions.

Common subcommands:

• get
• grant
• revoke

For higher-risk authorization changes, it is still a good idea to pair this family with --dry-run.

Where to drill down next

Scenario	Start with
users and user groups	user / user-group
org trees and org sync	org
user attributes and value lists	user-attr
tenants, administrators, and engine config	tenant
subject domains and attached metrics	subject
kanban resources	kanban
inspect permissions in read-only mode	permission
perform real grant or revoke actions	authorize

When you need exact flags and examples, use that command tree's --help in the terminal.