Multi-user mode transforms AnythingLLM from a personal AI assistant into a shared platform for your entire team. Once enabled, every person who accesses the instance must authenticate with their own username and password. An admin controls which workspaces each user can see and what actions they can perform. User activity is tracked individually, and daily message limits can be applied per account to manage costs.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/Mintplex-Labs/anything-llm/llms.txt
Use this file to discover all available pages before exploring further.
Enabling Multi-User Mode
Enable multi-user mode
Toggle Multi-User Mode on. You will be prompted to confirm — this action migrates existing single-user data (chats, memories) to the admin account.
Roles and Permissions
AnythingLLM defines three roles. Every user is assigned exactly one role.| Capability | Admin | Manager | Default |
|---|---|---|---|
| Access all workspaces | ✅ | ✅ | ❌ |
| Create workspaces | ✅ | ✅ | ❌ |
| Delete workspaces | ✅ | ✅ | ❌ |
| Manage workspace documents | ✅ | ✅ | ❌ |
| Create users | ✅ | ✅ | ❌ |
| Delete users | ✅ | ❌ | ❌ |
| Change user roles | ✅ | ❌ | ❌ |
| Manage system settings | ✅ | ❌ | ❌ |
| Generate invite links | ✅ | ✅ | ❌ |
| Chat in assigned workspaces | ✅ | ✅ | ✅ |
| View their own chat history | ✅ | ✅ | ✅ |
Admin
Admin
Full access to everything: system settings, user management, workspace creation and deletion, LLM and embedding configuration, and all workspaces. There must always be at least one admin account.
Manager
Manager
Can manage workspaces and users but cannot change system-level settings (LLM provider, vector DB, API keys) or promote another user to admin. Suitable for team leads who need to onboard colleagues without having full system access.
Default
Default
Can only access workspaces they have been explicitly granted access to. They can chat, view their own history, and manage their own profile and memories. They cannot create or delete workspaces or manage other users.
Managing Users
- Create a user manually
- Invite link
Fill in details
Enter a username (lowercase, 2–64 characters, starting with a letter), password, and select a role.
Workspace-Level Access Control
In multi-user mode, Default users only see workspaces they have been explicitly granted access to. Admins and Managers can access every workspace regardless of explicit assignment. To grant a Default user access to a workspace:- Navigate to Settings → Users.
- Click the user you want to edit.
- Under Workspace Access, check the workspaces this user should be able to use.
- Click Save.
Daily Message Limits
You can cap how many LLM messages a single user can send per day. This is useful for controlling costs in shared environments.- Set
dailyMessageLimiton a user (via Settings → Users → Edit User) - Set to
nullto allow unlimited messages - The limit resets at midnight UTC
Password Recovery
If a user forgets their password, an admin can reset it from Settings → Users by editing the user and providing a new password. There is no self-service email-based recovery — password resets are always admin-initiated.Simple SSO Passthrough
For teams with an existing identity provider, AnythingLLM supports a Simple SSO mechanism that lets an external system log users in via a short-lived token. Enable it by setting theSIMPLE_SSO_ENABLED environment variable. Once enabled, your identity provider can call the /api/v1/users/:id/issue-auth-token API endpoint (with a valid API key) to obtain a temporary login URL for a user:
To disable the standard username/password login form entirely (so users can only log in via SSO), also set the
SIMPLE_SSO_NO_LOGIN environment variable. This prevents users from bypassing SSO by going directly to the login page.