Sub-users let other people manage your server without ever touching your Falix account. You invite someone, tick the permissions they should have, and they get their own login that reaches only your server and only the parts you allowed. Open Sub-users from your server menu to add one.
| At a glance | |
|---|---|
| You need | A Falix server you own; the invitee's email address (a Falix account helps but isn't required) |
| Time | Ten minutes |
Invite someone
Enter an email address or a Falix username:
- An email with no Falix account gets an email invitation valid for 7 days. They sign up and accept it, and the account's email must match the one you invited.
- An existing account — by email or username — is added instantly and notified.
There are sensible limits so nothing gets out of hand: up to 10 pending invites per server, and 20 invites per day per person inviting.
What the invited person sees
If they already have a Falix account, your server simply appears in their server list the next moment they look — no steps needed. If they don't, they get an email with a link; they follow it, sign up or sign in, and press accept. One guard rail: they have to accept while signed in with the same email you invited, so a forwarded link can't be claimed by someone else. Either way, they land on your server with exactly the permissions you ticked — nothing more.
🎯 Good to know: A sub-user is scoped to this one server only. They can't see your billing, your account settings, or any of your other servers — those belong to your account, and a sub-user has their own account entirely. Sharing a server never shares your account.
Choose permissions
Permissions are grouped by the part of the panel they unlock. Tick only what the person needs:
| Group | Unlocks |
|---|---|
| Server Control | The console: send commands, start, stop, restart |
| Files | The File Manager and editor, including SFTP — also governs the Packages page (read to view dependencies, update to install them); no separate Packages permission |
| Databases | Create and manage databases |
| Backups | Create, restore, download, delete |
| Ports / Allocations | The server's ports |
| Startup | The startup variables and Docker image |
| Instances | The isolated profiles on the server |
| Settings | The Settings page |
| Schedules, Git, Activity, Monitoring, Firewall, Reverse Proxy, Support | Each unlocks its matching page |
| Sub-users | Manage other sub-users — hand this one out carefully; it lets someone invite others |
Each sub-user gets their own SFTP login, built from their own username, so file access is tracked per person and you never share one password. See Connect over SFTP for how that login works.
🎯 Good to know: If your account has two-factor authentication on, every sub-user change asks for your 2FA code to confirm — a nice guard against someone quietly adding accounts.
Presets worth copying
You don't have to invent a permission set from scratch. A few that work well:
- Co-owner — nearly everything: Server Control, Files, Backups, Databases, Settings, Startup, Schedules, Ports, Reverse Proxy. Someone you trust as much as yourself. (Leave Sub-users off unless they truly need to manage the team.)
- Moderator — Server Control only. They can run console commands (kick, ban, whitelist, restart) and watch the game, but can't touch files or settings. Perfect for community staff who keep the peace.
- Developer — Files, Git, and Startup. They can edit code, deploy from the repo, and adjust variables, without control over backups or settings.
💡 Tip: Start narrow — you can always tick more boxes later.
Revoke access
Open the sub-user's entry and remove them, or edit their permissions any time. The moment you do, their access to your server is gone — they keep their own Falix account, but your server drops off their list and their per-server SFTP login stops working. Nothing they touched (files, worlds, databases) leaves with them; it's your server.
See who did what
Every action a sub-user takes is recorded. The Activity page keeps an audit log — who did what, and when — filterable by category (Files, Server, Settings, Backups, Users, and more). That's the honest way to run a shared server: hand out access freely, and if something changes unexpectedly you can always trace back who changed it. It also makes the permissions above less scary to grant, because nothing anyone does is invisible.
Troubleshooting
- They never got the invite — no-account invites go out by email and expire after 7 days; check the address matches exactly, and have them look in spam.
- "Account email doesn't match" — an emailed invite must be accepted by an account using that same email. Invite their actual account email or username instead.
- They can see the console but not files (or vice-versa) — permissions are per group; tick Files for the File Manager, Server Control for the console.
- A change won't save — with 2FA on your account, each sub-user change needs your current 2FA code.