The Add New Admin feature in Trio enables privileged users to elevate standard users to administrative roles. This process is essential for scaling access management within large organizations while maintaining strict role-based control.
Prerequisites
To access and utilize this functionality, the user must be logged in with a role that includes permission to manage administrators, typically a Super Admin or similarly privileged role.
The target user must already exist in the organization’s user directory. Adding a new admin does not create a new user; it simply promotes an existing one.
Access the feature by navigating to:
Settings → Admins → Admins and Permissions → Add new
Step-by-Step Guide
Step 1: Launch the Add Admin Dialog
From the Admins and Permissions section under Settings, click on the “+ Add new” button in the top-right corner. This opens a two-step modal interface where you begin by selecting a user and then assigning an administrative role.
Step 2: Select User
You will see a list of users fetched from the organization’s directory. This list includes:
User names and email addresses
Their current state: Active, Suspended, Staged, or Deleted
User group affiliation (e.g., Sales, Engineering)
MFA (Multi-Factor Authentication) status for each user
Only users in an Active or Staged state should be selected. Suspended and Deleted users may be listed for context, but cannot perform admin functions.
You can filter users based on name, state, user group, or MFA status. Select the checkbox next to the desired user(s), then proceed by clicking Next.
Step 3: Assign Role
In the second step, you are prompted to assign a role to the selected user. This role governs what permissions they will have as an admin. Available roles include default ones like Super Admin and IT Admin L1, as well as any custom roles previously defined.
The role selector is a drop-down menu. Only one role can be assigned per user during this flow.
After assigning the appropriate role, confirm by clicking Save.
Step 4: Confirmation
Once the role is assigned, the system processes the update and displays a green success notification:
“A new admin has been added.”
The newly assigned admin appears in the All Company Admins list, showing:
Their name and email
The assigned admin role
Current state (Active or Suspended)
MFA configuration
Last login time
Suspended users will remain listed but cannot access admin functionality until reactivated.
System Behavior Notes
The admin role is immediately effective after saving. Backend APIs update the user’s permissions based on the role definition.
If MFA is not enabled for the user, no enforcement is applied by default unless a security policy requires it. You may want to separately ensure MFA is configured via the Users section.
This operation does not trigger an email notification or alert to the user. Communication must be handled manually or via external notification systems.
Troubleshooting
If a user cannot be selected, they may be in a deleted state or may not meet the requirements for MFA. Roles may also be restricted by permission levels—if a role doesn't appear, the current admin may lack the rights to assign it.
If saving fails, check for expired session tokens or stale state in the frontend. Refresh and retry if needed.
If you have more questions, please contact Trio.