Managing users is a very important aspect of running a Figshare for Institutions repository. Effectively managing users within your portal ensures streamlined and secure management of research outputs which, in turn, enhances the overall efficiency of data handling within your organisation. By maintaining well-organised user access and permissions, administrators can safeguard sensitive information, comply with institutional policies, and provide tailored support to various user groups. 

This document will outline how to create, view and manage users. If you have any questions or would like further guidance, please raise a support ticket and we will be happy to help.

Viewing users and user details

To view the users in your portal, navigate to the Administration area. The second tab is the ‘Users’ tab. This tab provides information on all users in your portal. By default twenty users are displayed. You can use the ‘show more’ button to extend the number of users displayed in the table. 

The users table displays a number of different user properties. 

Name - Displays the first and last name of the user. 

Group - Displays the Group that the user is associated with.

Projects - Displays the number of ‘Individual projects’ the user owns. This will not include any Group projects that the user is a collaborator on, even in the event that a user is a group owner (these are shown in the Groups tab).    

Storage - The first value displays the amount of date the user has used by uploading files and the second value displays the quota that the user has been allocated. The quota is the same value displayed to users in their ‘My data’ tab. 

Action - The actions menu provides options to impersonate a user and download a user report.

It is possible to search users by name using the search bar at the top of the page. The table can be sorted by these user properties. In the case of the ‘Group’ property you can filter the set of users based on the Group they belong to, so that you can quickly return the set of users that belong to a specific Group. 

Inactive users are greyed out and  be marked with a strikethrough symbol next to their name. These are users your institution has deactivated via whatever system your institution uses for managing user accounts (e.g. HR feed, SSO, manual). You can filter out inactive users by selecting “All users” and then “Active users”.

Creating accounts

There are three ways accounts can be created in Figshare: 

  • Accounts can be created through an HR Feed OR through first login via single sign-on (SSO). 

  • And/or accounts can be created manually.

Accounts must be managed using the method by which they were created. How accounts are created in your repository will be determined during implementation. However, you can create manual accounts at any point. More information about implementing an HR feed can be found in this support article.

Creating manual accounts via the API 

Creating manual accounts via the API is a method for easily creating manual accounts in cases where the HR Feed or account creation at first login processes are not suitable or possible. Any API client can be used for creating such accounts. Here we outline a simple and fast way of creating a manual account without the prerequisites of needing programming knowledge, by using the Figshare documentation - available at https://docs.figshare.com

Accounts can be created in this way on both staging (figsh.com) and production (figshare.com) environments. This document will refer only to the production environment. If your staging environment is needed, the API documentation resides under https://docs.figsh.com and the token needs to be generated from the staging institutional admin account. 

In order to manually create an institutional Figshare account, the following steps need to be followed:

  1. Generate a Personal Figshare token from an institutional Figshare account which has institutional administration privileges. This value can be retrieved by accessing the Account menu and selecting the ‘Applications’ option from the dropdown. You can find more on how a personal token is created in this support articleOnce the value is retrieved, please store it in a secure place, as you won’t have the chance to see it again.

  2. Open the Figshare API documentation on the ‘Create a new institutional account API’ endpoint page.

  3. Add the generated token to the Token section of the Figshare documentation page, available on the left-side corner of the page.

  4. Fill the Account section with the required information. A sample dictionary with the needed values that can be added for the new account creation is displayed on the Body Sample area (right-side menu), together with the Body Schema (this contains info such as whether the attribute is mandatory or not). A comprehensive description of these attributes is outlined here:

  • email - Mandatory value. Represents the email address of the account which will be created. The provided email address needs to be valid. 

  • first_name - Optional value. First name of the account owner. 

  • last_name - Mandatory value. Last name of the account owner. 

  • group_id - Optional value. Without being specified, the user is created at the top-level group. There are two ways into which the group id can be retrieved:

    • Using the API specific endpoint: By using the private account institution groups endpoint, available at https://docs.figshare.com/#private_institution_groups_list 

    • Through the Figshare administrator interface: by going to the configuration page for the group and getting the id from the URL.

  • institution_user_id - Optional value. This value is required if the login needs to be performed via a Single Sign-On service 

  • symplectic_user_id - Optional value. The Symplectic user id value associated with the account

  • quota - Optional value. The amount of quota which will be allocated to the newly-created account in bytes. Without specifying this param, the quota value will be 0

  • is_active - Optional value. Can have true and false values. By default, the true value is applied  

  1. Complete the creation process by pressing the ‘Try’ button, displayed under the ‘Parameters’ section. If the 201 status code is returned, the account has been successfully created. A list of the possible response message values is also displayed below the ‘Try’ button.

Login considerations 
If the account has been created via the API without the institution_user_id param, the forgotten password procedure needs to be used to create a password. 

If the account has been created using ‘first login via single sign-on’ or via a feed, with the institutional_user_id param, the login needs to be performed by pressing the ‘Login’ button on your institutional instance of Figshare. In this case, the forgotten password procedure is not needed.

Updating manual accounts
It is possible to update the ‘active/inactive’ status and the ‘group id’ values of a manual account using the ‘Private institution accounts update’ API endpoint. 
If there are any issues or concerns regarding this matter, don’t hesitate to contact us by submitting a support ticket on our platform or send us an email at support@figshare.com.

User report

Downloading individual user reports

You can produce reports on users from the user tab. Once you have located the user that you are interested in running a report on, click on the ‘Action’ menu and select ‘Download user report’, this will download a CSV file containing information on the user’s details and their overall figshare usage.  This report includes:

  • Profile details 

  • Details of Items, Projects, and Collections (and the associated views)

  • Quota details (allocated and used)

  • Views and Downloads 

  • Ongoing Submission details


Bulk downloading user reports 



You can also download user reports for a number of users at once. To download a report for multiple users, select all the users that you wish to include in the report. This will then reveal a dropdown where you can choose to “Download selected” this will download a user report for all the selected users, or “Download all”, this will download a user report for all users.


Impersonating Users

Impersonating users allows Administrators to access and operate as if they were logged in as that user. It enables Administrators to make amendments to metadata, troubleshoot, and edit or upload on behalf of a user. Administrators at the institution level can impersonate any user. Group Administrators and Group Owners can only impersonate users within their Group and not any subgroups. 

To impersonate a user (either active or inactive), select ‘Impersonate this user’ from the Actions menu. When impersonating a user you will be redirected to their ‘My data’ tab and a banner will indicate that you are impersonating a user. You can select ‘leave this account’ to stop impersonating the user. When impersonating a user, all the actions performed by the Administrator are added to the audit log. The actions will be attributed to the user rather than indicating that it has been performed by the Administrator.

Note: When an Administrator impersonates a user, Administrators are able to see confidential files. Therefore, if a file is highly confidential, we recommend that users upload a ‘metadata only’ record.