Company Settings
Within the Descope console, configure various items around the company from the Company Settings page. Within this page there are 3 tabs for managing company settings, Descopers, and Management keys.
Settings
Within the settings tab, the following can be configured:
General
- The
Company Name.
Console Access
- Configure SSO for Descope admins by clicking the
Configure SSObutton.
Note
This walks through the Self-Service Provisioning flow. Once completed, the Descope admins will be able to authenticate to the Descope console using SSO.
- Enforce SSO - This will be visible once SSO is configured for the console. Will oblige Decopers to log in through SSO.
- Roles - This will be visible once SSO is configured with SAML. Define what roles the Descoper has in which project(s). Choosing "Granular Permissions" will allow assigning specific SSO groups to specific projects, combined with roles. Once it is set, descopers will be granted the roles associated with their SSO group upon SSO login.
Note
You can associate the "Company Admin" with an SSO group that will provide administrative access to all projects and company settings.
- Enforce MFA - Will oblige Descopers to go through an MFA while letting Descopers choose their preferred MFA method from the following options: Passkeys, OTP vis SMS, or TOTP.
Permissions
- Optionally check the box for
Allow Developer Success to access my data for troubleshooting purposeswhich enables the Descope Developer Success team to capture further information within the project for troubleshooting purposes.
Descopers
Users who have access to your Descope Console are known as Descopers. You can manage these from the Descopers tab in the Console. Here you can create, delete, and manage your Descopers. When creating a new Descoper you can choose whether to send the invitation via email, and can also configure the Descoper role for the user.
Descoper roles
Descopers can be associated to specific projects and roles. When you uncheck the Company Admin checkbox and configure the
user's roles based on project. The users will only have access to the projects that you associate them with, and they will only
have rights within those projects per the below outline of the roles within Descope at a company level.
| Role | Description |
|---|---|
| Company Admin | Company admins have full read/write access across the company and all projects. |
| Project Admin | Descopers associated to project(s) with the Admin role have full read/write access across the projects they are associated with. |
| Project Developer | Descopers associated to project(s) with the Developer role have read/write access across all of the projects they are associated, including the Project-level settings. However, they will not have read/write access to Company-level settings. |
| Project Support | Descopers associated to project(s) with the Support role have access to read the following: Authentication Methods, Flows, Connectors, IdP Apps, Authorization, and Project Settings. These users have full read/write access within the users, access keys, tenants, and audit pages. |
Management keys
Within the Management Keys tab you can create, delete, and manage the Management keys within your company. Review the Management Keys documentation for further details about management keys and how they are used.