Ability to control select users who can create/promote users as administrators
being evaluated
A
Adrian Godoy
Currently, any EchoVideo Administrator can grant Administrator access to other users. Whilst institutions can establish internal governance processes around administrator access, these ultimately rely on trust, as once a user is granted Administrator access, they can elevate other users as admins without oversight or approval from the system owners.
We would like the ability to restrict this capability to a designated subset of trusted users only, either through a dedicated "Super Administrator" role or a granular permission that controls whether an Administrator can assign Administrator privileges to others.
This would provide stronger access governance, support least-privilege principles, and reduce the risk of unauthorised privilege escalation while still allowing administrators to perform their day-to-day operational responsibilities.
This feature request is different though would be a great value add in addition to https://echo360.canny.io/echo360-feature-requests/p/custom-role-types
The status was updated to
being evaluated
Marc Jennings
updated the status to
received
G
Gina Scott
I think this goes with roles in general and how it is an all or nothing way. The ability to select what a role can or can't do would be helpful, even with a delegated administrator.
A
Adrian Godoy
Additionally, to the above, whether if a user is granted administrator privleges, if a select group of users (system owners) can be notified of this event.