Audit Users with Administrator access

Steps to audit the Users with Admin access in your platform:

1 Identify current Administrators
2 Update Administrator access (optional)
3 Remove Administrator access (optional)
4 FAQs

Related Help Guide Pages

Learn how to report on the Administrator Users in your platform, and make changes if needed

It’s important to regularly audit who has 'Administrator' access in your platform to make sure only the right people have access to your key settings, customer data, and actions such as updating your Courses. Keeping this access restricted helps maintain security and prevent accidental changes!

This guide will walk you through how to review your current Administrators, what to look out for, and how to make updates if any changes are needed.

Identify current Administrators

This step shows you how to get a list of all active administrators, and then view (per Admin) which Accounts they have Administrator access for.

Please see below for the steps to:

View a list of active administrators in your platform
View which Accounts an Admin can access

View all current Administrators

Open the ‘Users’ DataGrid from your main navigation menu on the left
In the Users DataGrid, click to create a new Filter
Create your new DataGrid Filter using the following criteria:
1. Main Role ID - Is In - Super Administrator + Training Administrator
2. Status - Is In - Active, Locked
  These Filter conditions will create a Filter that shows you all Users that have the main role of Super Admin or Training Admin, and their status is currently ‘active’ or they have locked their account (but they have not been deleted or set to inactive).
Provide your Filter with a name (such as ‘Active Admins’) and click ‘Save’ to create it and apply it to your DataGrid
Your DataGrid will now be filtered to Active Admins only!
In this case we can see that there are 23 admins based on the ‘23 items’ at the bottom-left of the DataGrid

Please note

If your own Administrator access is limited, e.g. you only have Admin Access over a small selection of Accounts, then you will not see any Admins that are outside of that selection.

We recommend included the following columns in your DataGrid View for Admins
- First Name
- Last Name
- Main Role
- Last Logged on
- Date Created
- Main Account Name
- Status
Sorting by ‘Last logged on’ makes it easy to see who has not used your Platform in a long time!

Top tip!

Do you need to share this information with others before you update or remove access?

Use the ‘Export’ option on the DataGrid to download a copy of these User details.

View which Accounts an Admin can access

Once you have your Users DataGrid filtered to only show you Active Admins, you can check individual Admins to see what the scope of their access it

Right-click on an Admin User to view the Context Menu
Click on the ‘Roles’ option
In your User Roles DataGrid, make sure that you have the columns ‘Account Name’ and ‘Account Group Name’ included
If the Admin Role doesn’t have an ‘Account Name’ or ‘Account Group Name’ assigned, it means the role applies across the entire platform & all Training Providers with no restrictions. In this case, the user has Administrator access to all Accounts.
If the Admin role has an Account Name assigned, the Administrator only has access to that specific Account
If the Admin role has an Account Group Name assigned, the Administrator only has access to the Accounts within that group
If a user has multiple Admin roles, their access combines, meaning they’ll have Administrator permissions for all associated Accounts

Update Administrator access (optional)

If an admin has access to more or less Accounts than they should, follow these steps to correct their Admin role

Once you have your Users DataGrid filtered to only show you Active Admins, you can update an individual Admins' access

Right-click on an Admin User to view the Context Menu
Click on the ‘Roles’ option
Identify the role that needs to be updated
Right click on this Role and select ‘Edit’ from the Context Menu
From the ‘User Role Details' page, update their role to include/exclude any Account or Account Group exclusivity
If a user has multiple Admin roles that are not required, you can remove those that are not needed by using the ‘Delete’ option at the top left of the DataGrid

Remove Administrator access (optional)

If an admin should not have Admin access, follow these steps to prevent them from accessing Administrator pages

There are two possible routes to take to remove Admin access, please follow the guidance that applies to your situation:

An Administrator has left the business

If someone has left your team and does not require access to your platform anymore, you can stop them from logging in by changing their status to ‘Inactive’.

Make sure you have the ‘Status’ column included in your Users DataGrid
Find the User in your DataGrid and click the ‘Quick Edit’ button for them
Change their status to ‘Inactive'
Click ‘Save & Close’ to save your changes

An Administrator needs to be changed to an Individual role

If someone has left your team but still requires access to your platform, e.g. they have moved department and may still book Courses with you, you can update their access level to ‘Individual’.

Right-click on an Admin User to view the Context Menu
Click on the ‘Roles’ option
Find their Admin role
Right click on this Role and select ‘Edit’ from the Context Menu
From the ‘User Role Details' page, update their role to ‘Individual’ and remove any Account exclusivity
Click ‘Save & Close’ to save your changes

FAQs

How frequently should we audit Admin access?

We recommend putting a process in place to review and update platform access whenever an employee leaves your business or changes role, ensuring their permissions are updated/removed immediately.

It’s also important to run an access review after any organisational changes, such as team restructures.

In addition, we recommend carrying out a full Administrator access audit at least quarterly to keep your platform secure and up to date!

What’s the difference between a Training Administrator and a Super Administrator?

Training Administrators can manage most areas of the platform, while Super Administrators have full access, including configuration and security settings. You can read more about the two roles here:

Should Trainers have Admin access?

Typically, no. Trainers usually have the role of Individual, with their Trainer permissions granted through their linked Resource record.

However, because Trainer access is an add-on role, it can be combined with any other Main Roles where needed! For example, if a Trainer also manages scheduling, customers, and bookings, they can be an Administrator and a Trainer.

Can I export a list of all Administrators?

Yes! Follow the steps listed higher up in this guide:Audit Users with Administrator access | 🔍 Identify current Administrators

Then use the ‘Export’ option within your DataGrid to download an export of your Admin Users.