HomeGuidesAPI ReferenceChangelog
Log In
Guides

Global Administrator

Global Admin v/s Administrator Role

There are two types of administrator accounts within RegScale. They are described below:

  • Global Admin - a "break glass" account, admin, that is used for initial login, setup of Tenants within the enterprise edition, and provisioning of the user account for the first system administrator. Once the first system administrator account is created, this account should not be used for any other administrative tasks. It is only intended for initial setup and for managing tenants. This account should never be deleted or de-activated. IMPORTANT - once you set your admin password, please secure it in a safe place as this password is not retrievable by RegScale. The customer is solely responsible for securely managing this password.
  • Administrator - god-mode account within a given tenant. It should be used for creating all addtionial users and configuring tenant settings.

The key differences between these accounts are shown below:

  • The admin account has god-mode across multiple tenants and can create new tenants.
  • The admin account will not show in the user list like other administrator roles (which is a privilege assigned to individual accounts).
  • There is only one admin account per RegScale install. The administrator role can be applied to many users in each tenant based on business need.
  • The admin role has limited access within the RegScale application that is primarily centered on creating tenants and the first administrator account.

Resetting the Global Admin Account

RegScale will not have access to the Global Admin account and cannot recover the password. In some cases, customers have lost this password, mistyped it, or otherwise become locked out of the account. For this reason, we have built in a reset system to restore the password to the default. The following steps will allow you to reset the Global Admin password:

  • Add a new Environment Variable as follows AtlasityReset='true'
  • Stop the RegScale container
  • Apply the new environment variable (locally or in the config files)
  • Restart the RegScale container
  • When the app restarts, it will reset the Global Admin password to the default 51mpl3Compliance$ password (NOTE: Copy and paste this password to be precise as numbers and letters can be easily confused)
  • Login as admin with the password in the previous step
  • Change the password to something secure and store it in a safe place
  • Stop the RegScale container
  • Remove the AtlasityReset environment variable or set the flag to false (NOTE: If already set, manually remove it from memory on the server/laptop or reapply with the false setting)
  • Restart the container without the reset flag set

The app is now secure again and the admin password is reset. Customers must ensure that only trusted administrators have access to the server or infrastructure where RegScale is hosted. Access to the Global Admin account applies god mode permissions to the given user (including the ability to create other system administrators). Customers should NEVER leave the Global Admin account in a configuration where it leverages the default password. The default should always be changed immediately.