YetaWF Documentation



A Superuser has complete authorization and can perform any available action without restrictions. Superuser status should be assigned to users carefully. Permissions for pages, modules and resources can be assigned to users and roles without providing Superuser status.

When YetaWF is installed, a Superuser (with login super@user, password SuperuserPassword) is automatically added. The name of the Superuser should be changed after installation and secured with a new password.

Default Login: super@user / SuperuserPassword

After installing YetaWF, the Superuser login should be changed. The login name is defined in your AppSettings.json file (see below). The password can be changed by logging in as the Superuser and selecting User > Change Password.

Additional Superusers can be defined using Admin > Panel > Identity Settings > Users tab (standard YetaWF site) by adding a new user and assigning the Superuser role. The default Superuser cannot be deleted.

The default (main) Superuser is defined in the YetaWF instance's AppSettings.json.


    "P": {
      . . .
      "YetaWF_Identity": {
        . . .
        "SuperUserName": "super@user",
        . . .

When changing the Superuser's name (default super@user), you must update the AppSettings.json file used whe deploying the site to match.

If the Superuser is somehow deleted or not working, please see Panic Mode - I Can't Log In for information how to recover.