Each user belongs to exactly one organization and also has exactly one role.
For security reasons, only users with the origin "Internal" can reset their password.
Roles and rights
Basic User
A normal user can create applications, subscribe to APIs and much more. However, he is not allowed to change any settings.
Admin
The admin is also allowed to change all settings within his organization.
Global Admin
Although the global admin is assigned to an organization. But he can set everything across all organizations. He can also move everything that belongs to an organization to another.
Origin of the user
Internal User Management
Users are managed using the administration portal that can be used to invite additional users as well. If the self-registration feature of the developer portal is used all users that registered themselves are stored within the internal user system.
Connect to your organization’s LDAP
The API Control Plane can connect to any user directory that makes use of LDAP. Logins to the administration portal are then forwarded to the directory. Using this option, no passwords are stored within the API Control Planes databases. However, you should always keep at least one global administrator stored in the internal user database, in case the connection to your LDAP is not available or needs reconfiguration.
Connect to a SAML identity provider
Single Sign On (SSO) is really popular with a lot of companies. Using SAML you can connect the API Control Plane to a wide variety of Identity Providers like Okta, Ping or Azure AD.