Logo / Docs

Tenant Manager App

FusionAuth Reactor logo

This feature is only available in the Enterprise plan. Please visit our pricing page to learn more.

Available since 1.58.0

Overview

The Tenant Manager is an application designed for a multi-tenant configuration where you assign a tenant to an individual customer. With it you can allow a customer to manage the users in only their tenant. Although the core FusionAuth application includes a role for managing users, it gives access to all tenants.

Accessing Tenant Manager

Granting Users Access to Tenant Manager

The Tenant Manager app is a universal application, and exists in all tenants. Register a user to Tenant Manager o allow them to use it. You must register a user as self-service registration is not available for the Tenant Manager app.

  1. Open Users and find the desired user
  2. Select Manage from the Action menu
  3. Open the Registrations tab and click Add a registration
  4. Select the Tenant Manager application
  5. To enable user administration, select the admin role. Users without this role have read-only access

Browsing to the Tenant Manager App

The Tenant Manager app is hosted on your FusionAuth instance at

/tenant-manager/TENANT_ID

where TENANT_ID is the Id of a user’s tenant. Open Tenants to see a list of tenants along with their Ids.

The Tenant Manager app participates in Single Sign-on (SSO), just as any other application. For a seamless experience, you can link to the app from another application, such as your own Software-as-a-Service (SaaS) app.

Managing Users

The Users View

Users View

The Users view displays a list of users from the same tenant as the logged-in user. The view is paginated, showing 25 users at one time. Navigation buttons enable moving between pages of users.

Configure the data columns shown in the Users view using the Columns button. The chosen setting persists across sessions in the same browser.

Creating Users

To create a user, navigate to the Users view and click Create Enter the new user account details on the New User view that opens.

The Basic information section contains a form for setting user properties. To customize the properties in the Basic information section:

  • Open the FusionAuth Admin application
  • Open Customizations > Forms from the left-hand navigation
  • Create a new Admin User form
  • Open Tenants from the left-hand navigation
  • Edit your tenant
  • Select your new form in the General > Admin user form setting

Both the FusionAuth admin app and the Tenant Manager app will use your new form for editing users in this tenant.

Editing Users

To edit a user, open the Users view and click on the desired user. This opens the edit view with the user’s information, avatar, and other account information.

Users View

The fields shown are determined by the the Admin Registration form that is configured in the FusionAuth Admin application. For the steps to edit that form, see Creating Users.

To change a user’s password use one of password management user actions. See Actions for more detail.

Locking and Unlocking a User

To lock or unlock the current user, click Lock user or Unlock user. A locked user is unable to log in to any application.

Additional Actions

The down-arrow next to Lock User opens a menu of additional actions.

  • Change password on next login: The user is prompted for a new password on their next login
  • Send password change email: Sends an email that contains a password reset link to the address in user.email or user.data.email. You can use this when a user forgets their password.
  • Delete user: This will irreversibly delete the user’s account, and should be done with caution. Locking a user’s account is often a better, non-destructive option.

Roles and Permissions

The default access to Tenant Manager is read-only unless a user is assigned the admin role. Read-only access enables only searching and viewing accounts.

The admin role grants a user full permissions in the Tenant Manager app.

Assign a role to a user by managing their Tenant Manager app registration. See Granting Users Access to Tenant Manager for more information. The following table summarizes the permissions for the roles:

ActionStandard userAdmin user
List usersYesYes
Create userNoYes
Edit userNoYes
Delete userNoYes
Lock / unlock userNoYes
Force password change on next loginNoYes
Send password change emailNoYes
Delete userNoYes

Customization

You can customize the fields used in the Create User and Edit User views by using a custom form. By doing this you can specify exactly the information about a user that a Tenant Manager user can edit. See Creating Users for more information.

You can also provide names for custom fields in a theme. See Theme Localization for more information on editing and localizing default messages.

You cannot visually theme the Tenant Manager app at this time.