Account

Manage user, organization & RBAC in Suger Console.


User

  1. Suger use Auth0 as the authentication & authorization provider. Both Sign in and Sign up share the same entry https://console.suger.cloud/login.
  2. Suger supports sso with Google & Microsoft. If you need sso with other identity providers like OKTA, please contact us support@suger.io.

Organization

  1. All Suger resources are organized & managed under organization. Each user must belong to at least one organization. An new user without organization connected will get an enforced dialog to create an organization.
  2. The user who creates the organization has the ADMIN role as default. It is allowed to add new users, edit user role or delete the users. There are 3 roles: ADMIN, EDITOR & READER. Their permission scope is defined below:
User RoleRBAC Permissions
ADMINFull access, including management of users, organizations, API Client & Webhook.
EDITORFull access, except the access to management of users, organizations, API Client & Webhook.
READERCan only access Suger services with read access, no permission to create/edit/delete any resources
  1. The email domain of the organization inherits from the user who created it.
  2. For security purpose, only the users who has the same email domain as the organization can be added to the organization.