Team Management
The Team Management section lets administrators view and manage authorized team members who are accessing your LoginRadius Admin Console. This feature provides a comprehensive list of team members. Administrators can edit roles and permissions, send password reset emails, log team members out of active sessions, and delete accounts. Roles and permissions can be customized for each team member to align with organizational needs.
Configurations
The Team Members section allows you to add new team members to your LoginRadius account. These team members are granted the ability to manage LoginRadius services for your website and use customer management tools and analytics.
Admins or account owners can quickly add new team members by following the below steps.
- Add Team Member
- Manage Team Members
- Multi-Tenant Access
- Log into the LoginRadius Admin Console.
- Navigate to Tenant Settings > Team Members section.
- Click the Add Team Member button, and a dialog box will appear.
- Fill in the fields as required and click the Save button.
- Name (Optional): Enter the team member's name (if applicable).
- Email ID (Mandatory): Provide the team member’s email address.
- App Name: Select from the dropdown list (required). If left blank, an error message will appear: "App Name is required."
- App Roles: A dropdown list for selecting one or more roles assigned to the team member within the app.
- Additional Permission (Optional): This field allows you to specify additional permissions for the team member. These permissions can be specific to certain tasks or actions within the application.
The newly added team member will receive an invitation email with a Set My Password Now button, which will allow them to create a password for future logins.
Assigning appropriate roles ensures they have the necessary permissions to perform their responsibilities effectively.
For more details and support, administrators can refer to the Role Access Permissions documentation.
The Team Members section also provides a comprehensive list of team members. Administrators can edit roles and permissions, send password reset emails, logout team members out of active sessions, and delete accounts. This flexibility allows roles and permissions to be customized for each team member, aligning with the evolving organizational needs.
An administrator can follow the steps below to perform any of the aforementioned actions.
-
Log into the LoginRadius Admin Console and navigate to Tenant Settings > Team Members section.
-
Click the action button in the Action column next to the desired team member in the team member list and select the desired action.
- Edit - To reassign app roles and additional permissions.
- Delete - To remove the team member from a specific tenant.
- Resend Password - To send a password reset email containing a Reset Your Password button, allowing the team member to reset the password.
- Logout this User - To revoke all the active sessions of the team member.
- Transfer Ownership—This option is available when signed in with the owner role and can be used to assign ownership.
A team member may be assigned the same or different roles across multiple tenants in certain scenarios. Each tenant functions independently, maintaining its user base and configurations. To streamline access, team members with permissions in multiple tenants can follow the steps outlined below to navigate directly to any tenant they can access.
- Log into the LoginRadius Admin Console.
- Click on the field displaying the current tenant's name in the top-left header bar, click on the name, and select the Switch Tenant.
- A list will open, displaying Owned Tenants (where the assigned role is of an Owner), Shared Tenants, and a Get All Tenants button.
- Select a tenant from the list to navigate to it.
Alternatively, after selecting the Get All Tenants option, a team member can navigate directly to a specific section of any accessible tenant by choosing the relevant section from the dropdown under the Navigate column in the available list. The team members can also click the Leave Tenant button to remove themselves from the respective tenant.
This ensures efficient management of tenant-specific tasks and seamless transitions between environments.
Role Access Permissions
When adding a new team member, you can assign them a role to determine their access permissions within the Admin Console.
Note: After the Site Owner updates a team member’s role, the team member must log out and log back in for the changes to take effect in the Admin Console.
Refer to the list below for a breakdown of each available role and its corresponding permissions.
| Permission Name | Owner | Admin | Customer Service | Developer | External User | Finance | Manager | Marketing |
|---|---|---|---|---|---|---|---|---|
| UserManagement View | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ✅ | ✅ |
| UserManagement Edit | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ✅ | ✅ |
| UserManagement Admin | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ✅ | ✅ |
| UserInsights View | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ✅ | ✅ |
| UserSegmentation View | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ✅ | ✅ |
| UserSegmentation Export | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ✅ | ✅ |
| DataExport Export | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ✅ | ✅ |
| API ViewConfiguration | ✅ | ✅ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ |
| API EditConfiguration | ✅ | ✅ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ |
| API AdminConfiguration | ✅ | ✅ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ |
| API ViewCredentials | ✅ | ✅ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ |
| API EditCredentials | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ |
| API ViewAdditionalCredentials | ✅ | ✅ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ |
| API AdminAdditionalCredentials | ✅ | ✅ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ |
| API ViewThirdPartyCredentials | ✅ | ✅ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ |
| API EditThirdPartyCredentials | ✅ | ✅ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ |
| API SyncConfiguration | ✅ | ✅ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ |
| SecurityPolicy View | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ |
| SecurityPolicy Edit | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ |
| SecurityPolicy Admin | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ |
| Billing View | ✅ | ✅ | ❌ | ❌ | ❌ | ✅ | ✅ | ❌ |
| Billing DownloadInvoice | ✅ | ✅ | ❌ | ❌ | ❌ | ✅ | ✅ | ❌ |
| Billing Edit | ✅ | ✅ | ❌ | ❌ | ❌ | ✅ | ✅ | ❌ |
| Support Tickets | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| ThirdPartyIntegration View | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ |
| ThirdPartyIntegration Edit | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ |
| ThirdPartyIntegration Admin | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ |
| Audit View | ✅ | ✅ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ |
Note: The team members having the same Role can't manage each other. For example, a team member having the role of Admin can't manage other Admin team member.
See below for the list of permissions and the features that they grant:
| Permission name | Location | Sections | Description |
|---|---|---|---|
| UserManagement View | Customers → Manage Customers | All of the Manage customer sections | Provides the ability to search and view team member profiles |
| UserManagement Edit | Provides access to edit and reset password | ||
| UserManagement Admin | Provides access to block/unblock and delete team member profile | ||
| UserInsights View | Customer Analytics | All of the Customer Insights | Provides access to view all charts |
| UserSegmentation View | Insights → Customer Segmentations | All Options in segment users. | Provides access to search, query and view team member profiles |
| UserSegmentation Export | Provides access to the scheduled export section | ||
| Data Export | Insights → Data Export | Complete Data export section | Enables capability to export data |
| API ViewConfiguration | Branding → Configuration, Api Configuration, Data Storage, Integration → SSO Management, Tenant settings → Web & Mobile, Tenant Setting → Configuration Deploy | Data Storage, Authentication Configuration, Mobile Apps, Web Apps, Access Management | Provides access to view all development related options except provider's key secret and custom objects |
| API EditConfiguration | Provides access to edit the development options (excluding certain high level options such as setting a custom object schema) | ||
| API AdminConfiguration | Provides access to add new/edit and delete the development options | ||
| API ViewCredentials | API credentials | Provides access to view key/secret (LoginRadius credentials) | |
| API EditCredentials | Allows the team member to reset the API Secret | ||
| API ViewAdditionalCredentials | Additional LR credentials, Additional secrets | Provides access to view additional LR credentials, additional secrets | |
| API AdminAdditionalCredentials | Allows the team member to create or delete additional API secrets | ||
| API ViewThirdPartyCredentials | social providers, integrations, SMTP, SAML | Provides access to view third party credentials like social providers, integrations, SMTP, SAML etc. | |
| API EditThirdPartyCredentials | Provides access to manage third party credentials like social providers, integrations SMTP. SAML etc. | ||
| API SyncConfiguration | Configuration Swap | Allows syncing of configurations between LoginRadius site environments | |
| SecurityPolicy View | Security | All of the Account Protection section | Provides access to view Login, Registration, Password management, MFA and RBA etc. |
| SecurityPolicy Edit | Allows editing existing setup policies | ||
| SecurityPolicy Admin | Ability to add/remove policies | ||
| Billing View | Billing | All of the Billing options | Ability to view billing |
| Billing DownloadInvoice | Ability to download invoice | ||
| Billing Edit | Ability to update billing info | ||
| Support Tickets | Support | All of the support options | Ability to access LoginRadius support tickets |
| ThirdPartyIntegration View | Integration → 3rd Party Software, Integration → Data Sync | 3rd Party Software and Data Sync | Provides access to view 3rd Party Software and Data Sync |
| ThirdPartyIntegration Edit | Access to make changes to existing 3rd Party Software and Data Sync | ||
| ThirdPartyIntegration Admin | Full access for making changes in the 3rd Party Software and Data Sync | ||
| Audit View | Audit | Complete Audit area | Access to Audit area |