Access control documented
This commit is contained in:
@@ -1 +1,31 @@
|
||||
# Admins
|
||||
Admins are users who are not tied to specific companies and are responsible for administering Sentri.
|
||||
## View admin
|
||||
To view admins, you need the `admin-access-admins` RO permission.
|
||||
|
||||
In the admins list, click the **view** icon to open an admin and see additional details.
|
||||
## Add admin
|
||||
To create a new admin, you need the `admin-access-admins` RW permission.
|
||||
|
||||
Complete the form and click **Add admin**. The admin will be created in a **Pending** state.
|
||||
|
||||
After creation, an invitation email is sent. The recipient must verify their account and set a password. Once completed, the admin becomes **Active**.
|
||||
## Modify admin
|
||||
To manage admins, you need the `admin-access-admins` RW permission.
|
||||
|
||||
You can edit an admin by clicking the **edit** icon in the admin list or by selecting **Edit** while viewing the admin details.
|
||||
### Send password reset email
|
||||
To send a password reset email, you need the `admin-access-admins-resetpassword` RW permission.
|
||||
|
||||
Open the admin details and click **Send password reset email** in the user management section.
|
||||
### Disable two factor authentication
|
||||
To disable two-factor authentication for another admin, you need the `admin-access-admins-mfa` RW permission.
|
||||
|
||||
Open the admin details and click **Disable two-factor authentication** in the user management section.
|
||||
# Admin status
|
||||
An admin can have one of the following statuses:
|
||||
|
||||
- **Active** – The admin is active and can log in.
|
||||
- **Pending** – The admin has been created but has not yet verified their account or set a password via the invitation email.
|
||||
- **Banned** – The admin is blocked due to suspicious or policy-violating behavior and cannot log in.
|
||||
- **Inactive** – The admin account is disabled and cannot log in.
|
||||
Reference in New Issue
Block a user