Admin Users
Admin users are the operators and managers of the SecureLink platform. They access the management UI to configure network infrastructure, manage devices, and oversee VPN services.
Navigate to Administration > Users to manage all user accounts.
User Types
SecureLink has three user types:
- SuperAdmin — Full platform access. Can manage all tenants, users, and system settings. SuperAdmins operate across the entire deployment and have unrestricted access to every feature.
- TenantAdmin — Manages a specific tenant's edges, connectors, VPN users, and network configuration. TenantAdmins are scoped to their assigned tenant and cannot access other tenants or system-wide settings.
- App User (VPN User) — End users who connect via the SecureLink VPN client. App Users do not have access to the management UI.
Tabs
The Users page is organized into tabs. The available tabs depend on your role and tenant context:
SuperAdmin View (No Tenant Selected)
| Tab | Description |
|---|---|
| Super Admins | All SuperAdmin accounts across the platform |
| Tenant Admins | All TenantAdmin accounts across all tenants |
| VPN Users | VPN/App user accounts |
| Invitations | Pending user invitations awaiting registration |
SuperAdmin View (Tenant Selected)
| Tab | Description |
|---|---|
| Tenant Admins | TenantAdmin accounts for the selected tenant |
| VPN Users | VPN/App user accounts for the selected tenant |
| Invitations | Pending invitations for the selected tenant |
TenantAdmin View
| Tab | Description |
|---|---|
| Admins | Admin accounts for your tenant |
| App Users | VPN/App user accounts for your tenant |
| Invitations | Pending invitations for your tenant |
User List
Each user tab displays a table with:
| Column | Description |
|---|---|
| Name | The user's display name |
| Email | The email address used for sign-in |
| Type | SuperAdmin, TenantAdmin, or App User |
| Tenant | The assigned tenant (visible in SuperAdmin view) |
| Status | Active (email verified and enabled), Inactive (invited but email not yet verified), or Disabled (admin-disabled) |
| Last Login | Timestamp of the most recent login |
First SuperAdmin Protection
The first SuperAdmin account (determined by creation time) is the platform bootstrap admin. This account has special protection:
- Other administrators cannot edit or delete this account
- The bootstrap admin can view all other accounts
- The bootstrap admin can edit their own profile and settings
This prevents accidental lockout of the primary platform administrator.
Creating an Admin User
- Select the target tab on the Users page:
  - Super Admins tab — the button reads Invite Super Admins.
  - Tenant Admins tab — the button reads Invite Tenant Admins.
  - VPN Users tab — the button reads Invite VPN Users (covered in VPN User Management, not this page).
- Click the invite button for the tab you're on.
- Fill in the invitation form:
  - Email — The email address of the new user.
  - Tenant — Required for TenantAdmin. Select the tenant this user will manage.
  - Role — Assign a role that determines the user's permissions.
- Click Send Invitation.
- An invitation email is sent to the user with a unique registration link.
- The user clicks the link and lands on the SecureLink /accept-invite page, where they choose a display name and password.
- After completing registration, a verification email is sent. The user must click the link in that email before they can sign in.
- Once verified, the user can sign in at the platform URL. The invitation is marked Accepted automatically.
Email verification lifecycle
After accepting an invitation the user's status shows as Inactive until they click the link in the Email Verification email. Once the link is clicked the status automatically flips to Active and the user can sign in.
User row actions
Each user row in the list provides quick-access action buttons:
| Action | Icon | Description |
|---|---|---|
| View | Eye | Open the User Detail page |
| Send password reset email | Send arrow | Sends a SecureLink-branded email with a one-time /reset-password?token=X link |
| Set password | Key | Admin sets a new password directly. An optional "Require user to change on next sign-in" checkbox marks it as temporary in the identity provider |
| Unlock | Padlock open | Clears a brute-force lockout. Appears only when the user's account is locked out by repeated failed attempts |
| Edit | Pencil | Edit name, type, or tenant assignment |
| Delete | Trash | Permanently remove the user |
The Unlock button appears only for users whose accounts have been locked by brute-force protection. Locked users cannot sign in until an admin clears the lockout.
User Detail Page
Click on a user row to open the User Detail page. The page is organized into tabs:
Profile Information
Displays account details in two columns:
- Account Information — Username, full name, email, phone
- Access & Status — User type, status (active/disabled), tenant ID
- Timestamps — Creation date, last update, created by
Activity Log
A chronological log of actions performed by this user:
| Column | Description |
|---|---|
| Timestamp | When the action occurred |
| Action | Action type with color-coded badge (Login, Update, Create, Delete, etc.) |
| Resource Type | What kind of resource was affected |
| Resource | The specific resource |
| IP | Originating IP address |
| Status | Success or failure |
Click Export CSV to download the activity log.
Permissions
Shows the user's role assignment and effective permissions:
- Role Assignment — Current role name, type, and a summary of capabilities
- Permission Details — Create, Read, Update, and Delete permission indicators
To change a user's role, use the Edit Info button in the page header.
SuperAdmin users always have full permissions. The Permissions tab shows a simplified "full access" explanation for SuperAdmin accounts.
Sessions
All active sessions for this user:
| Column | Description |
|---|---|
| IP Address | Session IP address |
| Device | Browser and operating system |
| Created | Session creation time |
| Last Activity | Most recent API call |
| Expires | Session expiration time |
| Status | Active or expired |
Actions:
- Export CSV — Download the sessions list
- Revoke All Active — Revokes all active sessions for this user. The user will receive a 401 response on their next API call and must re-authenticate.
When an admin revokes another user's sessions, the user is not immediately logged out. Instead, their next API call will fail with a 401 error, and the UI will redirect them to the login page. The revoked session token cannot fall back to Keycloak authentication — it is definitively invalidated.
Editing a User
Click Edit Info in the user detail header to open the edit modal. You can:
- Change user type — Promote a TenantAdmin to SuperAdmin, or scope a SuperAdmin down to TenantAdmin.
- Change tenant assignment — Reassign a TenantAdmin to a different tenant.
- Change role — Assign a different role with different permissions.
Changes take effect on the user's next login or token refresh.
Deactivating a User
Click Deactivate in the user detail header (with confirmation) to disable the account:
- The user can no longer log in to the management UI.
- The user's account and configuration history are preserved.
- The user can be re-activated at any time by clicking Activate.
Disabling a SuperAdmin removes their access to all tenants immediately. Any active sessions will be terminated on the next token validation.
Assume Identity (SuperAdmin)
SuperAdmins can temporarily assume the identity of a TenantAdmin to see the platform from their perspective. This is useful for troubleshooting tenant-specific issues without sharing credentials.
How It Works
- Navigate to Administration > Users and find the TenantAdmin account
- Click Assume Identity (available only for TenantAdmin accounts, type 2)
- The UI switches to the TenantAdmin's context — you see their tenant, their permissions, their sidebar
While assuming identity:
- An amber banner appears at the top of every page showing whose identity you've assumed
- All actions are performed as the assumed user (same permissions and tenant scope)
- An audit trail entry is created recording the assumption
- Click Return to Admin in the banner to restore your SuperAdmin session
Security
- Only SuperAdmins can assume identity
- The assumed session uses a real JWT with the TenantAdmin's context plus an assumedBy claim
- Your original SuperAdmin token is stashed locally and restored when you return
- All assumed actions are logged in the audit trail with the original SuperAdmin's identity
Assume Identity is disabled by default and must be enabled via the ENABLE_IDENTITY_ASSUME=true environment variable on the API.
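A service or log pipeline that consumes these tokens can apply the attribution rules from the Security list itself. The sketch below is an added example, not SecureLink code: it assumes HS256 signing and hypothetical `sub` and `user_type` claims, and only the `assumedBy` claim and the `ENABLE_IDENTITY_ASSUME` variable come from this page.

```python
import base64, hashlib, hmac, json, os

def _b64d(seg: str) -> bytes:
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def _b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign(claims: dict, key: bytes) -> str:
    """Build an HS256 JWT; used here only to construct sample tokens."""
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    mac = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64e(mac)}"

def verify(token: str, key: bytes) -> dict:
    """Return the claims only if the header pins HS256 and the MAC matches."""
    head, body, sig = token.split(".")
    if json.loads(_b64d(head)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    mac = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(mac, _b64d(sig)):
        raise ValueError("bad signature")
    return json.loads(_b64d(body))

def audit_actor(claims: dict, superadmins: set) -> dict:
    """Resolve who an action is attributed to and whose scope it runs in."""
    assumer = claims.get("assumedBy")  # claim name taken from the page
    if assumer is None:
        return {"actor": claims["sub"], "acting_as": claims["sub"], "assumed": False}
    if os.environ.get("ENABLE_IDENTITY_ASSUME") != "true":  # disabled by default
        raise PermissionError("identity assumption is disabled")
    if assumer not in superadmins:
        raise PermissionError("assumedBy is not a SuperAdmin")
    if claims.get("user_type") != "TenantAdmin":  # hypothetical claim name
        raise PermissionError("only TenantAdmin identities can be assumed")
    # Permissions follow the assumed user; the audit record names the SuperAdmin.
    return {"actor": assumer, "acting_as": claims["sub"], "assumed": True}

# Constructed sample data (not real accounts or keys).
KEY = b"constructed-demo-key"
SUPERADMINS = {"root@example.test"}
ASSUMED = sign({"sub": "ta@tenant-a.example.test", "user_type": "TenantAdmin",
                "assumedBy": "root@example.test"}, KEY)

if __name__ == "__main__":
    os.environ.setdefault("ENABLE_IDENTITY_ASSUME", "true")
    print(audit_actor(verify(ASSUMED, KEY), SUPERADMINS))
```

Rejecting a token that carries assumedBy while the feature flag is off gives a second check that the default-disabled setting is actually in force.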