When you create a new website, a good security measure is to not use a default 'admin' user to log into Episerver. It is a much better practice to give each content editor their own individual log-in. One common issue developers face when setting up new users for the first time, is that those accounts get blocked from logging in. If you find yourself in the same boat, read on.
Why Can't My Episerver User Log-in?
In order to create a valid Episerver account, you need three things. First, you need to go into the Episerver admin UI and create a user. That user will also need to be assigned to the correct role before they log in. After a fresh Episerver installation, some of these roles are not added by default, so it's very easy to forget to include them 🤪🤪🤪
The two roles you specifically need with Episerver are
CmsAdmin roles. I always forget this, so on most projects, I tend to waste 10 minutes wondering why the new accounts I just created don't work. The manual way of adding roles is to go into the Episerver admin UI and go to the 'Administrator Roles' page. Click the 'Add' button and add the roles manually.
Manually adding config kinda sucks, especially if you want to create tear-up scripts so you can build a website from scratch. A better approach is to add the roles in a custom start-up script (initialization module). This can be done using this snippet:
This code is hopefully pretty obvious to understand. If the roles don't exist yet in the database, it creates it. You can run this snippet on the application start without worrying that it will break anything. After you've done this, you need to add a user to the group, like so:
Usually on a new build, if your Episerver SQL users can't log in, it's because you've forgotten to add the roles. As you have seen you can add the roles in code or via the admin UI. Once a user has a valid role they should be able to log in! Happy Coding 🤘