My co-worker created the tenant (we’re on developer-pro right now), and added me as admin. I can update/configure everything in the dashboard. Now we want to enable user-management (among other things) for some support employees, but after adding them as admins they don’t have any rights to do so.
Neither the tenant account owner nor me see any way to configure these new admin accounts. We’ve also tried deleting and adding them again. I also read the documentation about this (https://auth0.com/docs/get-started/dashboard/manage-dashboard-users) but frankly, I don’t see how the support-only users are able to handle issues with users having authentication issues, by just creating new tickets? We already have our own ticketing system, just exposing the user management to support colleagues should be enough.
So long story short: why do admins not get admin rights?
After several attempts of deleting the admin, and adding them again, it looks like we finally found the steps to fix this: after deleting the admin we had to make sure that the admin is then logged out before accepting the new invite. Also it seems like they have to have access to all applications, not just the one that they have to manage.
I still have some questions about how this works, which we cannot find in the documentation or it’s unclear about. If you (or someone else) could answer those that would really help us.
We have two applications: 1 for the web app with just the API permissions needed, such as read/create users. The other application has more permissions and is used as a machine-to-machine app to configure the other application via code (we have a deployment script with all settings and prompt translations, etc.). Only having access to all applications will enable an admin to actually manage users. Is this always the case?
One thing I thought about was that maybe our web app did not have enough permissions by itself for an admin to do user management. But it can create/update users, and these admins did not see a “create user” button. Are the permissions of admins derived from application permissions, or are they defined somewhere else?
Another suggestion was that maybe this admin also had a user account for the application itself, with the same email address, and that that was blocking permissions to do admin stuff. Are admin users completely separated from application users, or do they relate to each other somehow?
The documentation says we can configure admins, but I don’t see any edit/configure link or button anywhere. Just a button to create/delete them. Is the documentation wrong or are we missing something?