Enable sub-account management
When you have multiple tenants, and wish to grant them the ability to manage their own sub-accounts, you need to enable that option via the portla.
Step 1: Giving accounts the sub-account management capability
Two possible ways to give accounts a sub-account management capability are by API or via the Frontegg Dashboard.
Sub-account management via API
To make an account an MSP or reseller, you need to invoke a PUT
request to the following API and include the tenantId of the account you want to give this ability to:
https://api.frontegg.com/tenants/resources/tenants/v1/:tenantId
In the body of the request, include the following parameter:
{
"isReseller": true
}
Frontegg Dashboard
- Navigate to Backoffice —> Accounts
- Go to the account you want to enable the feature for
- Go to the Actions menu, and press the Enable sub-account management option
Step 2: Assigning permissions
To access the All Accounts tab in the Admin Portal, users must be assigned specific roles with corresponding Permissions:
-
Read Access to Sub-Accounts:
To view the "All Accounts" tab, users must have the role that grants them the "Read sub-accounts" permission:fe.account-hierarchy.read.subAccount
. This permission allows them to view sub-account information. -
Create or Update Sub-Accounts:
If users need to create or update sub-accounts, they should be assigned a role with the "Create or update sub account" permission:fe.account-hierarchy.write.subAccount
. This permission enables users to add new sub-accounts or modify existing ones. -
Delete Sub-Accounts:
To delete sub-accounts, users must have a role with the "Delete sub-accounts" permission:fe.account-hierarchy.delete.subAccount
. With this permission, users can remove unwanted sub-accounts from the system. -
Grant Access to Sub-Accounts:
If users need to provide access to sub-accounts within the account hierarchy, they should be assigned a role with the "Give access to sub-accounts" permission:fe.account-hierarchy.write.subAccountAccess
. This permission allows users to assign access rights to other users for specific sub-accounts.
By ensuring users have the appropriate roles and permissions, you can control their access levels and actions within the Admin Portal effectively.
Updated 25 days ago