Managing admin users

Customers who have a self-hosted (on-premises) installation of Tonic can designate admin users to perform administrative tasks in Tonic.
A self-hosted customer should designate at least one admin user. However, administrator privileges should be limited to a small number of high-trust users.
Admin user privileges
Admin users have access to the Admin Panel. From the Admin Panel, they can:
​Designate other admin users​
Remove and reset passwords for Tonic users, if the instance does not use single sign-on (SSO)
Manage and update the Tonic instance​
​Update the Tonic license key​
View summary usage metrics
Admin users can also see the entire list of workspaces in the instance. They are not automatically granted any access to view or edit workspaces. Each admin user can only view and edit workspaces that they individually own or are granted access to.
However, admin users can:
​Grant non-owner access to any workspace​
​Transfer ownership of any workspace​
​Create a copy of any workspace​
Copy any workspace identifier
​
Designating the first admin users
To establish the first admin users for a new instance of Tonic, you add a variable to your environment configuration.
These users do not have to be Tonic users when you update the environment configuration. They are not created as Tonic users based on the environment configuration.
When Tonic users with these email addresses are created, they are granted administrator access.
Docker deployments 
Update your .env file to include the email addresses of the Tonic users who should receive administrator access.  
 [email protected],[email protected]
The docker-compose.yaml should contain the TONIC_ADMINISTRATORS environment variable within the tonic_web_server configuration block. If not, pull the newest version.
Kubernetes deployments (includes TIM deployments)
In the values.yaml file, under tonicai.web_server, edit the administrators property to include the email addresses of the Tonic users who should receive administrator access. 
administrators: [email protected],[email protected]
To verify that you have the required version of the Helm charts, check that values.yaml contains the administrators line.
​tonic-web-server-deployment.yaml should contain a block for the TONIC_ADMINISTRATORS environment variable. If not, pull the newest version from our Github repo.
Viewing the list of admin users
On the User Management tab of the Admin Panel, the Tonic Admins list contains the current list of admin users.
Tonic Admins list on the Admin Panel
To display the Admin Panel, in the Tonic heading, click Admin.
For each admin user, the list shows the name, email address, and when the user was most recently active in Tonic.
To use a column to sort the list, click the column heading. To reverse the sort order, click the column heading again.
You can use the name or email address to filter the list. To filter the list, begin to type text that is in the name or email address of the admin users to display.
Adding an admin user
You can grant administrator privileges to an existing Tonic user.
To add an admin user:
1.Under Tonic Admins, click Add Admin User.
2.From the User dropdown list, select the user to grant administrator privileges to.
3.Click Grant Access.
Removing administrator privileges from admin users
You can remove administrator privileges from an admin user. They are removed from the Tonic Admins list.
They are not removed from the Tonic Users list. They are still Tonic users.
To remove administrator privileges, click the delete icon for the admin user.
For admin users that are configured in the environment variable, there is no delete icon. Instead, there is a lock icon. To remove administrator privileges from those users, you must update the environment variable.

SAML

Managing Tonic users

Last modified 2mo ago