memgraph · andrejtonev · Jul 17, 2025
@@ -25,4 +25,8 @@ authentication and access control using Memgraph's auth module.
 ## [Impersonate user](/database-management/authentication-and-authorization/impersonate-user) (Enterprise)
 
 Learn how the impersonate user feature enables authorized users to execute
-queries with the full permissions and context of another user.
+queries with the full permissions and context of another user.
+
+## [User profiles](/database-management/authentication-and-authorization/user-profiles) (Enterprise)
+
+Learn how to manage user profiles and set resource limits for users and roles to control resource consumption and prevent abuse.
@@ -2,5 +2,6 @@ export default {
     "users": "Users",
     "role-based-access-control": "Role-based access control",
     "auth-system-integrations": "Auth system integrations",
-    "impersonate-user": "Impersonate user"
+    "impersonate-user": "Impersonate user",
+    "user-profiles": "User profiles"
 }
@@ -18,7 +18,7 @@ role, enhancing security and minimizing risks.
 With role-based access control, a database administrator can assign various
 privileges to roles, but for even more control over who can access certain
 data, Memgraph Enterprise offers [fine-grained access
-control](#fine-grained-access-control). 
+control](#fine-grained-access-control). Additionally, you can use [user profiles](/database-management/authentication-and-authorization/user-profiles) to set resource limits for roles and users. 
 
 ## User roles 
 
@@ -75,6 +75,36 @@ To list all defined user roles run:
 SHOW ROLES;
 ```
 
+## User profiles for roles
+
+You can assign user profiles to roles to control resource limits for all users with that role. This allows you to set consistent resource limits across multiple users.
+
+To assign a profile to a role:
+
+```cypher
+SET PROFILE FOR role_name TO profile_name;
+```
+
+To view the profile assigned to a role:
+
+```cypher
+SHOW PROFILE FOR role_name;
+```
+
+To clear a role's profile:
+
+```cypher
+CLEAR PROFILE FOR role_name;
+```
+
+To see all roles assigned to a profile:
+
+```cypher
+SHOW ROLES FOR PROFILE profile_name;
+```
+
+For detailed information about user profiles, see the [User profiles](/database-management/authentication-and-authorization/user-profiles) documentation.
+
 ## Privileges
 
 At the moment, privileges are confined to users' abilities to perform certain

@@ -0,0 +1,125 @@
+---
+title: User profiles
+description: Learn how to manage user profiles and set resource limits for users and roles.
+---
+
+# User profiles
+
+User profiles allow you to set resource limits for users and roles in Memgraph Enterprise. You can define limits on the number of sessions and transaction memory usage to control resource consumption and prevent abuse.
+
+## Overview
+
+User profiles provide a way to:
+- Set resource limits for individual users or roles
+- Control the number of concurrent sessions per user
+- Limit memory usage
+- Monitor resource consumption
+
+## Creating profiles
+
+You can create a profile with default unlimited limits:
+
+```cypher
+CREATE PROFILE profile_name;
+```
+
+Or create a profile with specific limits:
+
+```cypher
+CREATE PROFILE profile_name LIMIT sessions 10, transactions_memory 100MB;
+```
+
+### Available limits
+
+- **sessions**: Maximum number of concurrent sessions (default: unlimited)
+- **transactions_memory**: Maximum memory usage per transaction (default: unlimited)
+
+### Limit values
+
+You can specify limits in different formats:
+
+- **Unlimited**: `UNLIMITED` (default)
+- **Quantity**: A number (e.g., `10`)
+- **Memory**: A number with unit MB/KB (e.g., `100MB`, `512KB`)
+
+## Managing profiles
+
+### Update a profile
+
+```cypher
+UPDATE PROFILE profile_name LIMIT sessions 5, transactions_memory 50MB;
+```
+
+### Drop a profile
+
+```cypher
+DROP PROFILE profile_name;
+```
+
+### Show all profiles
+
+```cypher
+SHOW PROFILES;
+```
+
+### Show a specific profile
+
+```cypher
+SHOW PROFILE profile_name;
+```
+
+## Assigning profiles to users and roles
+
+### Set a profile for a user
+
+```cypher
+SET PROFILE FOR username TO profile_name;
+```
+
+### Set a profile for a role
+
+```cypher
+SET PROFILE FOR role_name TO profile_name;
+```
+
+### Clear a profile
+
+```cypher
+CLEAR PROFILE FOR username;
+```
+
+## Viewing profile assignments
+
+### Show profile for a user or role
+
+```cypher
+SHOW PROFILE FOR username;
+```
+
+### Show users assigned to a profile
+
+```cypher
+SHOW USERS FOR PROFILE profile_name;
+```
+
+### Show roles assigned to a profile
+
+```cypher
+SHOW ROLES FOR PROFILE profile_name;
+```
+
+## Monitoring resource usage
+
+### Show resource usage for a user
+
+```cypher
+SHOW RESOURCE USAGE FOR username;
+```
+
+This command shows the current resource consumption for the specified user, including:
+- Number of active sessions
+- Current transaction memory usage
+
+## Combining profiles defined for the user and roles
+
+# TODO Update for multi-role users
@@ -12,8 +12,9 @@ In Memgraph, users and their passwords can be created with a simple Cypher
 query. This level of security is supported within the Community version of
 Memgraph. For more advanced security features within Memgraph Enterprise, check
 out [role-based access
-control](/database-management/authentication-and-authorization/role-based-access-control)
-and [auth system integrations](/database-management/authentication-and-authorization/auth-system-integrations).
+control](/database-management/authentication-and-authorization/role-based-access-control),
+[auth system integrations](/database-management/authentication-and-authorization/auth-system-integrations),
+and [user profiles](/database-management/authentication-and-authorization/user-profiles).
 
 ## Administer users
 
@@ -96,6 +97,39 @@ SHOW USERS;
 
 If no users exist, `SHOW USERS` returns no results.
 
+## User profiles (Enterprise)
+
+In Memgraph Enterprise, you can assign user profiles to control resource limits for users. User profiles allow you to set limits on:
+
+- Number of concurrent sessions
+- Transaction memory usage
+
+To assign a profile to a user:
+
+```cypher
+SET PROFILE FOR username TO profile_name;
+```
+
+To view the profile assigned to a user:
+
+```cypher
+SHOW PROFILE FOR username;
+```
+
+To clear a user's profile:
+
+```cypher
+CLEAR PROFILE FOR username;
+```
+
+To see all users assigned to a profile:
+
+```cypher
+SHOW USERS FOR PROFILE profile_name;
+```
+
+For detailed information about user profiles, see the [User profiles](/database-management/authentication-and-authorization/user-profiles) documentation.
+
 ### Password encryption algorithm
 
 Memgraph offers multiple password encryption algorithms:

@@ -19,6 +19,7 @@ The following Memgraph features are only available in Enterprise Edition:
 - [Role-based access control](/database-management/authentication-and-authorization/role-based-access-control)
 - [Label-based access control](/database-management/authentication-and-authorization/role-based-access-control#label-based-access-control)
 - [Impersonate user](/database-management/authentication-and-authorization/impersonate-user)
+- [User profiles](/database-management/authentication-and-authorization/user-profiles)
 - [High availability](/clustering/high-availability) and [automatic failover](/clustering/high-availability#failover)
 - [Time to live](/querying/time-to-live)
 - [Query sharing](/data-visualization/user-manual/query-sharing) in Memgraph Lab