Tenant Member Management
Team Owners are able to centrally manage access of all existing and new dashboard users of tenants under the team. We support adding tenant members through the Team dashboard, while removing and updating members access and roles to one or more tenants still occurs from within the tenant through the Auth0 Dashboard.
Turning on Tenant Member Management allows for greater security control on who has access to tenants and what actions they are permitted to carry out on the tenants. Team Owners are able to delegate tenant administrators the ability to add, remove, and update tenant members from within the Auth0 Dashboard.
Turn on Tenant Member Management
Tenant Member Management can be activated by going into the Settings section of the Teams dashboard, selecting the check box and clicking Save.
What to expect when the Tenant Member Management is activated
A background process is started to replicate all current tenant members as team members with the contributor role.
If user already exists as a Team Member the role with the higher privileges is maintained.
Assign Team Member to Tenants with Tenant Member Management
Select Members on the left side of the Teams Dashboard.
Select the Team Member name you will like to assign to a Tenant to open up the Member details page.
Click on the Add Tenant Access button on the top right to open up the Add Tenant Access window.
Start typing the Tenant name if known within the search window or click the dropdown icon to list tenants.
Tab to complete if typing or select the tenant from the drop down list. You can select one or more tenants up to 5 from the list of tenants.
Select one or more of the desired roles to assign to the Team Member for each selected tenants.
Click on the Assign button when done to grant access.
Edit Tenants Membership with Tenant Member Management
To edit tenant membership, use the Auth0 Dashboard.
Delete Tenants Membership with Tenant Member Management
If you want to delete a team member's access to one or more tenants, go to the Team Member's details page.
Navigate to the Members section on the left side of the Teams Dashboard, then locate the team member.
Click the team member's name or email address to access their detailed view. You can also use the search bar to look up the team member's name or email address.
Locate the desired tenant and select the ellipsis to reveal more options. Choose Remove Access. You can also use the search bar to look up the tenant of interest.
After you confirm the removal, you will be presented with a toast notification confirming the successful removal of tenant access.
If you want to remove the team member from all tenants associated with the team, removing them from the team automatically removes the team member from all tenants.
Alternatively, if you want to delete tenant membership without using the tenant member management feature, you can use the Auth0 Dashboard.
Tenant Membership invite Delegation
Teams owners are able to delegate team and tenant membership invites to Tenant admins through the Just In Time Membership feature under the Security Policies - SSO Enforcement configuration menu.
Just In Time allows for team members accounts to be auto created in Teams based on successful login using the enterprise IdP connection. Thereby tenant admins can continue to invite dashboard users from within the Auth0 Dashboard. Users are able to accept the invite and successfully login using the enterprise IdP.
Teams owners have the option to restrict new team member account creation by toggling off the Just In Time feature for each enterprise IdP. This prevents auto creation of team member accounts.
Managing Connections
The Tenant Member Management feature allows for managing the connection used to accept invite and authenticate dashboard users through Security Policies.