Organization administrators
Organization administrators (org admins) have org-wide permissions for most user management and policy settings. While org admin permissions are frequently combined with the app admin permissions to set up social authentication, we recommend combining them with a custom role for more granular access control.
Org admin restrictions
Org admins have many of the same permissions as super admins, with a few exceptions. Org admins can't perform the following actions:
- Manage other admins
- Manage applications
- Manage authorization servers
- Manage profile mappings
- Manage hooks
- Create OIDC apps
- Manage Authenticators
- Enable self service registration
- Enable Early Access and beta features