Admin Widgets

Descope Admin Widgets provide powerful components that enable administrators to manage their organization's users, roles, access keys, and audit logs. These widgets allow administrators to handle various management tasks directly within your application.

In order for a user to use the admin widgets they must be assigned to a role that has the "User Admin" permission for the specific tenant (you can use the built-in "Tenant Admin" role)

Overview

Admin Widgets are designed to handle different aspects of administrative management:

User Management Widget: Enables administrators to manage user accounts, including creating, editing, and managing user access.
Role Management Widget: Allows administrators to create and manage roles and their associated permissions.
Access Key Management Widget: Provides tools for managing machine-to-machine access keys.
Audit Widget: Offers visibility into user actions and system events through comprehensive audit logs.

The User Management Widget provides administrators with comprehensive tools to manage user accounts within their organization. This widget enables administrators to:

Create new user accounts
Edit existing user information
Activate or disable user accounts
Reset user passwords
Remove user passkeys
Delete user accounts

Note

Custom fields will also appear in the user management table.

import { UserManagement } from '@descope/react-sdk';
...
  <UserManagement
    widgetId="user-management-widget"
    tenant="tenant-id"
  />

The Role Management Widget enables administrators to create and manage roles within their organization. This widget allows administrators to:

Create new roles
Modify existing role permissions
Delete roles

Note

Delegating permission and role creation to tenant admins requires having delegation roles created and associated to the tenant admin. An example can be shown here.

Notes

The Editable field is determined by the user's access to the role - meaning that project-level roles are not editable by tenant level users.
You need to pre-define the permissions that the user can use, which are not editable in the widget.

import { RoleManagement } from '@descope/react-sdk';
...
  <RoleManagement
    widgetId="role-management-widget"
    tenant="tenant-id"
  />

The Access Key Management Widget provides administrators with tools to manage Access Keys for machine-to-machine authentication. This widget enables administrators to:

Create new access keys
Activate or deactivate existing access keys
Delete access keys

import { AccessKeyManagement } from '@descope/react-sdk';
...
  <AccessKeyManagement
    widgetId="access-key-management-widget"
    tenant="tenant-id"
  />

The Audit Widget provides administrators with visibility into user actions and system events. This widget includes all tenant authentication events and custom audit events, allowing administrators to:

Monitor user activities
Track system events
Review authentication attempts
View custom audit events

import { AuditManagement } from '@descope/react-sdk';
...
  <AuditManagement
    widgetId="access-key-management-widget"
    tenant="tenant-id"
  />

Create Audit Events

The tenant authentication events are displayed in the widget by default. You can create additional audit events using the management api. Here's an example in Node.JS:

await descopeClient.management.audit.createEvent({
  action: 'user.updated',
  type: 'info', // info/warn/error
  actorId: 'UXXX',
  tenantId: 'tenant-id',
  data: {
    some: 'data',
  },
});

Was this helpful?

On this page