If you are an administrator of a Wildfly server, you may need to add new users to the server for authentication and authorization purposes. This short tutorial will teach you how to Add a management user with WildFly Application Server.
The add-user.sh script is a command-line tool that allows you to add new users to Wildfly, including specifying their roles and credentials. this script is in the JBOSS_HOME/bin folder.
Launch the script:

- Select the default option βaβ to add a Management user.
- This user will belong to the ManagementRealm. Therefore it will be able to perform management operations using the web-based Admin Console or the CLI (command-line interface). The other choice, b, adds a user to the ApplicationRealm,
- Enter the username and password.
- Then, enter group information.
- Add the group or groups to which the user belongs. If the user belongs to multiple groups, enter a comma-separated list. Leave it blank if you do not want the user to belong to any groups.
- Review the information and to confirm type yes.
Here is a transcript which summarizes these steps:
$ ./add-user.sh
What type of user do you wish to add?
a) Management User (mgmt-users.properties)
b) Application User (application-users.properties)
(a): a
Enter the details of the new user to add.
Using realm 'ManagementRealm' as discovered from the existing property files.
Username : admin123
Password recommendations are listed below. To modify these restrictions edit the add-user.properties configuration file.
- The password should be different from the username
- The password should not be one of the following restricted values {root, admin, administrator}
- The password should contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), 1 non-alphanumeric symbol(s)
Password :
Re-enter Password :
What groups do you want this user to belong to? (Please enter a comma separated list, or leave blank for none)[ ]:
About to add user 'admin123' for realm 'ManagementRealm'
Is this correct yes/no? yes
Added user 'admin123' to file '/home/francesco/jboss/wildfly-16.0.0.Final/standalone/configuration/mgmt-users.properties'
Added user 'admin123' to file '/home/francesco/jboss/wildfly-16.0.0.Final/domain/configuration/mgmt-users.properties'
Added user 'admin123' with groups to file '/home/francesco/jboss/wildfly-16.0.0.Final/standalone/configuration/mgmt-groups.properties'
Added user 'admin123' with groups to file '/home/francesco/jboss/wildfly-16.0.0.Final/domain/configuration/mgmt-groups.properties'
Is this new user going to be used for one AS process to connect to another AS process?
e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls.
yes/no? yes
To represent the user add the following to the server-identities definition <secret value="UGFzc3dvcmQxMjM=" />
Adding a WildFly User in non-interactive ways
It is also possible to add management and application users just by running a shell command. For example:
How to create a management user in the Default Realm
$ ./add-user.sh -u 'adminuser1' -p 'password1!'
How to create an Application user belonging to a single group:
$ ./add-user.sh -a -u 'appuser1' -p 'password1!' -g 'guest'
Create an Application user belonging to multiple groups:
$ ./add-user.sh -a -u 'appuser1' -p 'password1!' -g 'guest,app1group,app2group'
How to create an Application user belonging to single group using alternate properties files:
$ ./add-user.sh -a -u appuser1 -p password1! -g app1group -sc /home/username/userconfigs/ -up appusers.properties -gp appgroups.properties
Management users using other Realms
This tutorial discussed the basics of adding an user with the default FileSystem Security Realm. In realm world cases, you will probably be using a more robust Realm to store your management users.
To learn how to secure the Management interfaces using other realms (such as Database Realm) we recommend checking this article: Securing JBoss / WildFly Management Interfaces: the easy way