Company Settings
Within the Descope console, configure various items around the company from the Company Settings page. Within this page there are 3 tabs for managing company settings, Descopers, and Management keys.
Settings
Within the settings tab, the following can be configured:
General
- The
Company Name.
Console Access
- Configure SSO for Descope admins by clicking the
Configure SSObutton.
Note
This walks through the Self-Service Provisioning flow. Once completed, the Descope admins will be able to authenticate to the Descope console using SSO.
- Enforce SSO - This will be visible once SSO is configured for the console. Will oblige Decopers to log in through SSO.
- Roles - This will be visible once SSO is configured with SAML. Define what roles the Descoper has in which project(s). Choosing "Granular Permissions" will allow assigning specific SSO groups to specific projects, combined with roles. Once it is set, descopers will be granted the roles associated with their SSO group upon SSO login.
Note
You can associate the "Company Admin" with an SSO group that will provide administrative access to all projects and company settings.
- Enforce MFA - Will oblige Descopers to go through an MFA while letting Descopers choose their preferred MFA method from the following options: Passkeys, OTP vis SMS, or TOTP.
Permissions
- Optionally check the box for
Allow Developer Success to access my data for troubleshooting purposeswhich enables the Descope Developer Success team to capture further information within the project for troubleshooting purposes.
Descopers
Users who have access to your Descope Console are known as Descopers. You can manage these from the Descopers tab in the Console. Here you can create, delete, and manage your Descopers. When creating a new Descoper you can choose whether to send the invitation via email, and can also configure the Descoper role for the user.
Descoper roles
Descopers can be associated to specific projects and roles. When you uncheck the Company Admin checkbox and configure the
user's roles based on project. The users will only have access to the projects that you associate them with, and they will only
have rights within those projects per the below outline of the roles within Descope at a company level.
| Role | Description |
|---|---|
| Company Admin | Company admins have full read/write access across the company and all projects. |
| Project Admin | Descopers associated to project(s) with the Admin role have full read/write access across the projects they are associated with. |
| Project Developer | Descopers associated to project(s) with the Developer role have read/write access across all of the projects they are associated, including the Project-level settings. However, they will not have read/write access to Company-level settings. |
| Project Support | Descopers associated to project(s) with the Support role have access to read the following: Authentication Methods, Flows, Connectors, IdP Apps, Authorization, and Project Settings. These users have full read/write access within the users, access keys, tenants, and audit pages. |
Management keys
Within the Management Keys tab you can create, delete, and manage the Management keys within your company. Review the Management Keys documentation for further details about management keys and how they are used.
Projects
Under this Projects tab, you get an overview of all the projects in your company. With this, users can view for example which Projects come under which region. Upon editing a specific project, the project's page will open where you can make your changes with respect to the selected project. There's also other action options for management of these project which can be viewed by clicking onto the settings icon to the right of the tabular columns. These include Clone, Export (pro plan only) and Delete.
Project information that appears in the table by default are Name, ID, Environment, Region, App URL, Tags. One can choose more columns to be displayed for these projects apart from the default ones shown. These include options like "Block Sign Up Config" column to show which stores
"true" value for all the projects that have been configured to block signups in their settings. Other columns being Custom Domain, Approved Domain. A search filter also provided to filter out
projects based on certain parameters. This filter comes in handy when users have multiple projects, giving them an easy way to navigate between projects. An option to create a project from here is also available with a click of +Project button on the right.
