This guide goes over how you can provision other administrators onto your team.
Table of contents
Inviting administrators
Accepting invite to Team
Roles and delegation
Inviting administrators
This step is not necessary if your team uses SAML, because users will join the team and automatically consume the seat after their first login via SAML. If your team uses SAML, skip to the roles and delegation section. If you've already manually invited someone that will use SAML, we recommend revoking the invite to avoid the administrator consuming two seats.
After the initial administrator has activated their account, they can begin inviting other administrators - it's super easy! Simply browse to the Members & Invites section of the admin portal and follow the steps below:
- Click the 'Invites' tab, then 'Invite Team Members'
- Provide the email addresses separated by a comma, space, or new line. The following example is a comma delimited list. Optionally, we can pre-assign administrators to a group. Click 'Send Invites'.
-
- Please note, adding a user to a group does not delegate any admin permissions. Groups will be used to set connection policies. We will cover delegation of admin roles and permissions below.
- Please note, adding a user to a group does not delegate any admin permissions. Groups will be used to set connection policies. We will cover delegation of admin roles and permissions below.
- Pending invites can be resent or cancelled from the 'Invites' tab.
Accepting invite to Team
After an administrator sends an invite, the invitee must accept before any roles can be delegated through via role based access control (RBAC). Follow the steps below to accept your invite!
- Click 'Join Your Team Now' in your Parsec for Teams email invite.
- Provide a username. Click 'Next'.
- Create a password. Click 'Create Account'.
- Configure a TOTP based authenticator application such as Authy or 1Password. After installing your authenticator app, scan the QR code with the authenticator app or manually provide the private key. Enter the 6 digit code provided by your authenticator app and a recovery email to recover your account in the event credentials and/or codes are lost or forgotten. Click 'Enable 2FA'.
- Click 'Join Team'.
Roles and delegation
Roles can be either Global or scoped to a Group. All teams can assign predefined Global roles. Enterprise teams can also create custom Global and Group roles. There are three predefined roles available for all teams. These roles can be assigned to team members but they can not be edited.
Multiple roles can be assigned to the same user in which case functionality is enabled when any of the assigned roles allow it. For additional information on roles, please visit the Roles article. To delegate role(s), follow the steps below:
- On the Admin Roles page select a role.
- Click 'Role Admins' tab.
- Click 'Assign Role'.
- Search for the user(s) who should have the selected role. Click 'Confirm'.