Skip to content

Managing Administrators

Administrators within Non-Employee are responsible for the configuration and management of your tenant within the admin console. Because administrators have access to all settings and features, consider carefully before assigning the administrator role to a user.

The System User account available out of the box should only be used for your initial tenant setup.

To grant users access to the admin console:

  • Assign a unique group or entitlement within your identity provider to the users you want to make administrators. This must be within the groups attribute in the SAML assertion.
  • Create a role within Non-Employee to assign to administrators in your tenant.

Creating the Administrator Role

Prerequisite:

  • Within your identity provider, assign a unique group or entitlement to all users you intend to mark as administrators within Non-Employee. This allows them to be granted the administrator role automatically the first time they sign in.

    For example, you might name this group Non-Employee Admins.

To create the administrator role:

  1. Begin creating a new role as described in Managing User Roles.

    Best Practice

    When creating the administrator role, use a descriptive name to indicate that this role grants administrative access.

  2. During role creation, in the Directory groups field, select the group from your identity provider you configured in the prerequisite, corresponding to the users that will be granted admin access.

  3. In the PERMISSIONS section, under the Application header, select the Yes radio button beside admin.

    This grants users with this role access to the admin console.

  4. Review the rest of the permissions available for Non-Employee roles and grant them as appropriate.

  5. Select the Create button.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.