Tenant Member Management

Team Owners are able to centrally manage access of all existing and new dashboard users of tenants under the team. We support adding tenant members through the Team dashboard, while removing and updating members access and roles to one or more tenants still occurs from within the tenant through the Auth0 Dashboard.

Turning on Tenant Member Management allows for greater security control on who has access to tenants and what actions they are permitted to carry out on the tenants. Team Owners are able to delegate tenant administrators the ability to add, remove, and update tenant members from within the Auth0 Dashboard.

Tenant Member Management can be activated by going into the Settings section of the Teams dashboard, selecting the check box and clicking Save.

• A background process is started to replicate all current tenant members as team members with the contributor role.

• If user already exists as a Team Member the role with the higher privileges is maintained.

1. Select Members on the left side of the Teams Dashboard.

2. Select the Team Member name you will like to assign to a Tenant to open up the Member details page.

3. Click on the Add Tenant Access button on the top right to open up the Add Tenant Access window.

4. Start typing the Tenant name if known within the search window or click the dropdown icon to list tenants.

5. Tab to complete if typing or select the tenant from the drop down list. You can select one or more tenants up to 5 from the list of tenants.

   Specific Apps option is not presented if more than one tenant is selected. Select individual Tenant to assign Editor -Specific Apps role.

6. Select one or more of the desired roles to assign to the Team Member for each selected tenants.

7. Click on the Assign button when done to grant access.

To edit tenant membership, use the Auth0 Dashboard.

If you want to delete a team member's access to one or more tenants, go to the Team Member's details page.

1. Navigate to the Members section on the left side of the Teams Dashboard, then locate the team member.

2. Click the team member's name or email address to access their detailed view. You can also use the search bar to look up the team member's name or email address.

3. Locate the desired tenant and select the ellipsis to reveal more options. Choose Remove Access. You can also use the search bar to look up the tenant of interest.

4. After you confirm the removal, you will be presented with a toast notification confirming the successful removal of tenant access.

If you want to remove the team member from all tenants associated with the team, removing them from the team automatically removes the team member from all tenants.

Alternatively, if you want to delete tenant membership without using the tenant member management feature, you can use the Auth0 Dashboard.

Teams owners are able to delegate team and tenant membership invites to Tenant admins through the Just In Time Membership feature under the Security Policies - SSO Enforcement configuration menu.

Just In Time allows for team members accounts to be auto created in Teams based on successful login using the enterprise IdP connection. Thereby tenant admins can continue to invite dashboard users from within the Auth0 Dashboard. Users are able to accept the invite and successfully login using the enterprise IdP.

Teams owners have the option to restrict new team member account creation by toggling off the Just In Time feature for each enterprise IdP. This prevents auto creation of team member accounts.

The Tenant Member Management feature allows for managing the connection used to accept invite and authenticate dashboard users through Security Policies.