Admin Roles & User Management
Different roles for users in API Portal.
The Frends API Portal provides different levels of administrative control to manage organizations, users, and access. Understanding these roles and their capabilities helps ensure your portal is properly governed and maintained.
Administrative Roles
The API Portal has two distinct administrative roles with different scopes of control: API Portal Administrators and Organization Administrators.
API Portal Administrators have global control over the entire portal instance. They can manage all organizations, view all activities, configure portal-wide settings, and perform any administrative action across the portal. Portal administrators are typically employees of the company operating the portal and are responsible for its overall operation and governance.
Organization Administrators have control over a single organization and its members. They manage who can join their organization, what API products the organization has access to, and how their organization's tokens are managed. Organization administrators are typically employees or designated representatives of the organization using the portal.
This separation of roles ensures that while your customers and partners can manage their own organizations autonomously, you maintain oversight and control over the portal as a whole.
API Portal Administrator Capabilities
As an API Portal Administrator, you have comprehensive capabilities to manage the entire portal. You can view and manage all organizations in the portal, regardless of who created them or which users belong to them. This includes viewing organization details, managing their members, and overseeing their API product access.
Portal administrators can manage tokens for any organization. If an organization reports issues with their access or needs assistance with token management, you can view their tokens, revoke them if necessary, or help troubleshoot authentication problems. This is particularly useful when providing support to portal users who may not be familiar with token management.
In more severe cases, portal administrators can delete entire organizations. This permanently removes the organization, all its members' associations with that organization, and all tokens issued to that organization. Organization deletion should be used carefully, typically only in cases of policy violations, account closure, or other circumstances requiring complete removal.
One action that portal administrators cannot perform is deactivating organizations. If you need to temporarily restrict an organization's access without permanently deleting it, you can revoke their tokens or remove their access to specific API products instead.
Portal administrators can also create new organizations directly without going through the normal user registration flow. This is useful when onboarding enterprise customers or partners where you want to set up their organization in advance and then invite their users to join.
Organization Administrator Capabilities
Organization administrators have full control over their own organization but cannot affect other organizations or portal-wide settings. When you create a new organization, you automatically become its administrator. Additional administrators can be designated by inviting users and assigning them administrative roles.
As an organization administrator, you manage your organization's membership. You can invite new users to join your organization by sending them invitation emails. When users accept invitations, they become members of your organization and can access the organization's API products and tokens.
You can also remove users from your organization if they should no longer have access. Removing a user doesn't delete their portal account, but it removes their association with your organization and their ability to access your organization's resources.
Organization administrators manage their organization's API product access. When your organization needs access to a new API product, administrators can request that access on behalf of the organization. You can also view all pending access requests and track their status.
Token management is another key responsibility of organization administrators. You can view all tokens issued to your organization for different API products, copy tokens to use in your integrations, revoke tokens when necessary, and refresh tokens to generate new values. Proper token management is essential for maintaining security and ensuring your integrations continue to function correctly.
If your organization uses Single Sign-On, organization administrators configure the SSO settings. This includes specifying your identity provider and configuring the necessary integration parameters. SSO configuration requires coordination with your organization's IT team to ensure proper setup.
User Management
Beyond the administrative roles, regular users in the portal have limited capabilities focused on consuming APIs rather than managing the portal. Users can view API products they have access to, test APIs using provided tokens, and manage their personal profile settings.
Users can belong to multiple organizations if they receive invitations from different organization administrators. This is common for consultants, contractors, or employees who work with multiple companies. When a user is part of multiple organizations, they can switch between them using the profile menu. Switching organizations changes which API products and tokens are visible and available to the user.
Each user has a personal profile where they can manage their account settings. This includes changing their email address, updating their password (if not using SSO), and managing notification preferences. Users are responsible for keeping their contact information current and their credentials secure.

