Managing admin users

Customers who have a self-hosted (on-premises) installation of Tonic can designate admin users to perform administrative tasks in Tonic.
A self-hosted customer should designate at least one admin user. However, administrator privileges should be limited to a small number of high-trust users.

Admin user privileges

Admin users have access to the Admin Panel. From the Admin Panel, they can:
Admin users can also see the entire list of workspaces in the instance. They are not automatically granted any access to view or edit workspaces. Each admin user can only view and edit workspaces that they individually own or are granted access to.
However, admin users can:

Designating the first admin users

To establish the first admin users for a new instance of Tonic, you add a variable to your environment configuration.
These users do not have to be Tonic users when you update the environment configuration. They are not created as Tonic users based on the environment configuration.
When Tonic users with these email addresses are created, they are granted administrator access.

Docker deployments

Update your .env file to include the email addresses of the Tonic users who should receive administrator access.
The docker-compose.yaml should contain the TONIC_ADMINISTRATORS environment variable within the tonic_web_server configuration block. If not, pull the newest version.

Kubernetes deployments (includes TIM deployments)

In the values.yaml file, under tonicai.web_server, edit the administrators property to include the email addresses of the Tonic users who should receive administrator access.
To verify that you have the required version of the Helm charts, check that values.yaml contains the administrators line.
tonic-web-server-deployment.yaml should contain a block for the TONIC_ADMINISTRATORS environment variable. If not, pull the newest version from our Github repo.

Viewing the list of admin users

On the User Management tab of the Admin Panel, the Tonic Admins list contains the current list of admin users.
Tonic Admins list on the Admin Panel
To display the Admin Panel, in the Tonic heading, click Admin.
For each admin user, the list shows the name, email address, and when the user was most recently active in Tonic.
To use a column to sort the list, click the column heading. To reverse the sort order, click the column heading again.
You can use the name or email address to filter the list. To filter the list, begin to type text that is in the name or email address of the admin users to display.

Adding an admin user

You can grant administrator privileges to an existing Tonic user.
To add an admin user:
  1. 1.
    Under Tonic Admins, click Add Admin User.
  2. 2.
    From the User dropdown list, select the user to grant administrator privileges to.
  3. 3.
    Click Grant Access.

Removing administrator privileges from admin users

You can remove administrator privileges from an admin user. They are removed from the Tonic Admins list.
They are not removed from the Tonic Users list. They are still Tonic users.
To remove administrator privileges, click the delete icon for the admin user.
For admin users that are configured in the environment variable, there is no delete icon. Instead, there is a lock icon. To remove administrator privileges from those users, you must update the environment variable.