Invenio user management and authentication.


  • User and role management.

  • User registration, password reset/recovery and email verification.

  • Administration interface and CLI for managing users.

  • Session based authentication with session theft protection support.

  • Strong cryptographic password hashing with support for migrating password hashes (including Invenio v1.x) to new stronger algorithms.

  • Session activity tracking allowing users to e.g. logout of all devices.

  • Server-side session management.

  • JSON Web Token encoding and decoding support useful for e.g. CSRF-protection in REST APIs.

Invenio-Accounts relies on the following community packages to do all the heavy-lifting:

Further documentation is available on

User’s Guide

This part of the documentation will show you how to get started in using Invenio-Accounts.

API Reference

If you are looking for information on a specific function, class or method, this part of the documentation is for you.

Additional Notes

Notes on how to contribute, legal information and changes are here for the interested.