Help Center Home > Admin and User Management > Scope MSP Admins to Organizations

Scope MSP Admins to Organizations

Users can select specific permission and access levels for their Multi-Service Provider (MSP) admins within the Multi-Tenant Portal (MTP). This establishes more structured security for IT admins to service their customers to their exact preferences.

When MSP’s have multiple customers or contracts with external vendors and need their employees to have restricted access to some accounts, this feature allows individual access to be granted.

Prerequisites:

An admin must have the Admin with Billing role to grant themselves access to an organization, otherwise, that access has to be provided by someone with the Admin with Billing role in the MSP.

Considerations:

When admins log in, they will only see the orgs that they have access to.
- Note: At least one org needs to be selected for MTP admins to see which orgs they have access to.
Suspended admins won’t have any access to our consoles or orgs.

Editing Existing Admins’ Permissions and Access

To edit the permissions and access of existing admins:

Log in to your MTP Dashboard: https://console.jumpcloud.com.
Click the Administrators tab and select the admin you want to edit. The Edit Administrators side window displays.
Click the Permissions & Access tab.
In the Permissions field, click the Role* dropdown menu and reassign the admin role as needed.
In the Organization Access field, select which orgs you want the admin to be added to. See JumpCloud’s Admin Portal Roles to learn more.
Click Save.

Adding Permissions and Access for New Admins

To add permissions and access for new admins:

Log in to your MTP: https://console.jumpcloud.com.
Click on the Administrators tab, then click the Plus icon ( + ). The Create New Administrator side window displays.
On the Details tab, enter the First Name, Last Name, and Administrator Email Address fields, then click the Permissions & Access tab.
In the Permissions field, click the Role* dropdown menu and assign the admin role as needed.
In the Organization Access field, select which orgs you want the admin to be added to. You need to have at least one org selected to be able to create an admin. See JumpCloud’s Admin Portal Roles to learn more.
Click Save.

Removing Admins from an Org

To remove an admin from an org:

Log in to your MTP: https://console.jumpcloud.com.
Click the Organizations tab, then select an org to view its details. The Manage Organization side window displays.
Scroll down to Administrators and click on the trashcan icon to the right of the admin you want to remove from the org.
Click Save.

FAQs

Will a new MTP admin have access to all organizations by default?

When you create a new admin, that admin will not automatically be given access to any organization. This is a shift from existing behavior to provide more security.

Why am I only seeing 2 organizations when I login and I am an Admin w/ Billing?

It’s possible that another Admin w/ Billing role user has restricted your access to specific organizations to limit exposure or other organizational reasons. Please work with your main admin to restore your access.

Can suspended admins have access to organizations?

No, as always suspended admins won’t have any access to our consoles.

Does my Role-Based Access Control (RBAC) change after this feature addition?

No, the role based access remains the same. The only difference is that you have organizational access in addition.

If I am an Admin with Billing, can I add myself to an organization?

Yes!

If I add a new organization to the MTP dashboard, will that org automatically be added to all my existing admins?

No, you will need to edit your admins to give them access to that new org.

Interested in our Integrations? Learn more:

Back to Top