Is distributed administration possible ? #2673
Labels
question
Further information is requested
Comments
|
Hi, this is currently a bit hard to answer. authentik uses an object-based permission system internally so naturally the answer would be yes; however this is currently exposed as an API and cannot be configured. Currently, you can simply configure groups to be admin or not; but things like outpost service accounts already use this permission system. I am currently working on adding a role system, where a role can have permissions assigned to it, roles are assigned to groups and all permissions in all groups a user is member in will be added. I don't like putting timelines on things but this should be included in the near future. |
Closed
|
closed by #6806 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe your question/
currently we are searching for an sso solution. besides the functions and features statet on your website we want to know if we can build a scenario where different (sub)admins can administrate users of specified groups
Relevant infos
We are an NGO with about 250000 members about 20000 of them are active members and contribute to our goals.
The members are widely spread across the country and organised in local groups. The groups themself are hierarchical structured.
Our requirement is, that we have a solution where local (sub)admins can administer the members of the local group and assign permissions (group memberships) to the groups belonging to the local oranisation and thier apps as well as the next level admin can assign permissions to users needing more permissions/apps on the next level of applications.
Is this possible with authentik and if yes how can we achive this ?
The text was updated successfully, but these errors were encountered: