Managing admin users

Customers who have a self-hosted (on-premises) installation of Tonic can designate admin users to perform administrative tasks in Tonic.
A self-hosted customer should designate at least one admin user. However, administrator privileges should be limited to a small number of high-trust users.
Admin user privileges
Admin users have the following privileges:
Access to the Admin Panel. From the Admin Panel, they can:
​Designate other admin users​
Remove and reset passwords for Tonic users, if the instance does not use single sign-on (SSO)
Manage and update the Tonic instance​
​Update the Tonic license key​
View summary usage metrics
Access to all of the workspaces in the instance. Admin users can:
​Grant non-owner access to any workspace​
​Transfer ownership of any workspace​
​Create a copy of any workspace​
Copy any workspace identifier
Admin users are not granted any other automatic access to workspaces. They can only view and edit workspaces that they own or are granted access to.
Designating the first admin users
To establish the first admin users for a new instance of Tonic, you add a variable to your environment configuration.
These users do not have to be Tonic users when you update the environment configuration. They are not created as Tonic users based on the environment configuration.
When Tonic users with these email addresses are created, they are granted administrator access.
Docker deployments 
Update your .env file to include the email addresses of the Tonic users who should receive administrator access.  
 [email protected],[email protected]
The docker-compose.yaml should contain the TONIC_ADMINISTRATORS variable within the tonic_web_server configuration block. If not, pull the newest version.
Kubernetes deployments 
In the values.yaml file, edit the administrators line to include the email addresses of the Tonic users who should receive administrator access. 
administrators: [email protected],[email protected]
To verify that you have the required version of the Helm charts, check that values.yaml contains the administrators line.
​tonic-web-server-deployment.yaml should contain the block around the TONIC_ADMINISTRATORS variable. If not, pull the newest version from our Github repo.
Viewing the list of admin users
On the User Management tab of the Admin Panel, the Tonic Admins list contains the current list of admin users.
Tonic Admins list on the Admin Panel
To display the Admin Panel:
1.Click the actions menu at the top right of the Tonic application.
2.Click Admin Panel.
For each admin user, the list shows the name, email address, and when the user was most recently active in Tonic.
To use a column to sort the list, click the column heading. To reverse the sort order, click the column heading again.
You can use the name or email address to filter the list. To filter the list, begin to type text that is in the name or email address of the admin users to display.
Adding an admin user
You can grant administrator privileges to an existing Tonic user.
To add an admin user:
1.Under Tonic Admins, click Add Admin User.
2.From the User dropdown list, select the user to grant administrator privileges to.
3.Click Grant Access.
Removing administrator privileges from admin users
You can remove administrator privileges from an admin user. They are removed from the Tonic Admins list.
They are not removed from the Tonic Users list. They are still Tonic users.
To remove administrator privileges, click the delete icon for the admin user.
For admin users that are configured in the environment variable, there is no delete icon. Instead, there is a lock icon. To remove administrator privileges from those users, you must update the environment variable.

Okta

Next - Administering Tonic

Managing Tonic users

Last modified 21d ago

Copy link

Outline

Admin user privileges

Designating the first admin users

Docker deployments

Kubernetes deployments

Viewing the list of admin users

Adding an admin user

Removing administrator privileges from admin users