Bulk Import

You can create or import users in bulk via the web portal interface using our Bulk Create option within the Users page.

You can download an example CSV file, which you can modify and use for your import. Once you have your CSV file populated according to the template and legend, upload the CSV file from your local file system and then begin the import process.

The system will validate your file and show you any data errors that need to be corrected before your user import can be processed.

Supported Data for Bulk Import File

To bulk import files, you will upload a CSV-formatted file that contains the data for each new user you wish to add. The table below lists each available column.

Column NameDescriptionAcceptable Values
usernameThe login name for the new userRequired - Can be any text
authentication_methodHow the user's credentials are created.password (default), password_with_imported_hash, email_signup, password_and_ssh_key, or any enabled SSO provider (see below)
passwordThe new user's password. Only valid if the authentication_method is passwordAny text that matches your site's password rules
password_validity_daysHow many days a password is valid before the user is required to change it. This overrides the site-wide setting.Any whole number or 0. Can also be blank if not overriding the site-wide setting
require_password_changeShould the user be forced to change their password when the log in the first time?Y or N
require_login_byWhen the user must login for the first time, or be automatically disabled.Text containing a date in ISO 8601 format (YYYY-mm-ddTHH:MM:SS followed by offset from UTC) Example: 2026-03-14T13:27:01-04:00
emailThe user's email address. Required if authentication_method is email_signupA valid email address
full_nameThe user's full name.Text containing at least 2 words separated by a space
companyThe name of the user's associated companyAny text
group_idsWhich groups this user is a member ofComma-separated list of groups. Can be any combination of group names or numeric group IDs.
site_adminIs this user an administrator (who has full access to the entire site and its settings)?Y or N
self_managedDoes this user manage its own credentials (i.e., is NOT a bot/shared user)?Y or N. Can only be Y if authentication_method is email_signup
notesAny notes about this user. Will be visible to all site admins on the users page.Any text
time_zoneWhat time zone the user is inThe time zone name
root_folderRoot folder for FTP (and optionally SFTP if the appropriate site-wide setting is set.) Note that this is not used for API, Desktop, or Web interface.

Text containing a valid path to a folder the user has permission to access, e.g. Customers/ACME or Sales. Does not need leading or trailing slashes.

When a user with a root folder logs in via FTP and the path does not exist (because it has been deleted), it will be automatically created, but the user will not have permissions to the folder.

home_folderStarting folder location for FTP or SFTP. Not used for API, Desktop, or Web interface.

Text containing a valid path to a folder the user has permission to access, e.g. Customers/ACME or Sales. Does not need leading or trailing slashes.

Must be located within the root folder, if user has a root folder.

ip_whitelistA list of IP addresses the user is allowed to connect from.Text containing the IP addresses in CIDR format, separated by newline (\n) characters. You may specify a range in CIDR format, such as 192.168.1.0/27.

Example: 13.115.185.197
13.211.6.58
192.168.17.0/27

If using a spreadsheet program to generate your CSV, make sure you're adding newline characters rather than typing \n in the cell. In Excel, this is done with Alt+Enter or Option+Return.
enforce_ip_whitelistShould this user be required to connect from a site-allowed IP address? If Y, then the "Bypass site IP whitelist" setting for the user will be disabled. If N, then the "Bypass site IP whitelist" setting will be enabled. If the user has their own ip_whitelist configured (see above), that list will still be valid even if this field is set to N.Y or N
ssl_requiredWhether the user is required to use TLS or SSL when connecting via FTP. If this is set to Y, the user cannot connect with an unencrypted FTP connection.Y or N. If left blank, will use the site-wide setting.
access_expiration_dateScheduled Date/Time at which user will be deactivatedText containing a date in ISO 8601 format (YYYY-mm-ddTHH:MM:SS followed by offset from UTC) Example: 2027-03-14T13:27:01-04:00
ftp_permissionWhether the user is permitted to connect via FTP or FTPSY or N
sftp_permissionWhether user can connect via SFTPY or N
dav_permissionWhether user can connect via WebDAV?Y or N
restapi_permissionWhether user can connect via the web UI, Desktop App, or the REST API?Y or N
folder_permissionsPermissions to automatically assign to new usersText containing a list of folders and permissions, separated by pipe symbols (|), to assign to the newly created user.

SSO Providers Authentication Methods

Assign new users to an SSO Provider that is already configured for your site by providing the corresponding authentication_method value.

SSO ProviderValue
Atlassianatlassian
Auth0auth0
Azure Active Directoryazure
Boxbox
Dropboxdropbox
Idaptiveidaptive
Active Directory/LDAPldap
Oktaokta
OneLoginonelogin
SAML (Other Provider)saml
Slackslack

Bulk Import with Folder Permissions

Automatically assign folder permissions to users with the folder_permissions column of the import file. Supply a list of folders and permissions, separated by pipe symbols, to be assigned to the user.

Possible Permission Values

Use the permission values from the table below to limit what actions the user can take for each folder.

ValueDescription
adminCan manage settings for the folder
fullCan read, write, move, delete, and rename files and folders
readonlyCan list and download files and folders
writeonlyCan upload files and create folders
readwriteShorthand for readonly,writeonly
listCan list files and folder, but not download
bundleCan share files and folders via Share Link
historyCan view history of files and folders and create their own email notifications

Example

Sales=readonly|Engineering=readwrite,history|Home/Adam=admin

This defines 3 permissions: Sales=readonly, Engineering=readwrite,history and Home/Adam=admin. The user will be given Read-Only permission on the /Sales folder, Read/Write and History permissions on the /Engineering folder, and Admin permission on the /Home/Adam folder. If any of those folders do not exist, they will be created automatically.

Advanced Usage Notes

Use a slash for the folder name to specify the Root Folder, for example: /=readonly. If a folder name contains a vertical bar, for example Sales|North-America, the vertical bar must be escaped with a preceding backslash: Sales\|North-America=readonly.

If site_admin is enabled for the user, then the value of folder_permissions is ignored, because site administrators have admin access to all folders.

Permissions are applied recursively to all sub-folders. To limit a permission to the specified folder name and not its sub-folders, add an asterisk * after the permission value. For example: Home=admin*

Bulk Import vs Auto Provisioning

Using the bulk import feature to create users is helpful when you are first implementing your Files.com site, and you have many existing users you wish to create. Bulk import can only create new users; it cannot modify existing users nor remove them.

An SSO Provider that supports automatic user provisioning and de-provisioning makes this process even simpler, and can update users and their group memberships.

Get Instant Access to Files.com

The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.