Breadcrumbs

Adding Admins

A quick guide to set the correct permissions to add new admin users


To access the Super Admin, your users need to be updated with the correct Custom Claims. We use custom claims to verify they can access the super admin.

We do so by setting the role property to super-admin.

json{
  "role": "super-admin"
}

You can provide more roles for your super admin users - but we only use super-admin by default, which is equipped with all permissions.

If you're using the emulator, the user test@nextkit.app is set up with super admin permissions by default.

Setting your user as Super Admin

To set a user's custom claims against a production environment, we need to run an SQL query from the Supabase dashboard and set the correct claims for your user.

  1. Navigate to the SQL Query runner: From the Supabase dashboard, navigate to the SQL Query page - where we can run arbitrary commands against our Postgres Database.
  2. Grab the ID of your user: Now, copy this code below in a text editor and replace <user_id> with your real user's ID.
sqlUPDATE auth.users SET raw_app_meta_data = '{"role": "super-admin"}' WHERE id='<user_id>';

Once copied the full query with your correct user ID, run the query in the Supabase query runner. Your user is now a super-admin and can access the Super Admin panel in your app.

Your user may need to log out and log in again to see the changes.

Enforce MFA

For added security, you can enforce the admin to be signed out using MFA by toggling the constant ENFORCE_MFA to from false to true.

src/app/admin/utils/is-user-super-admin.ts
tsconst ENFORCE_MFA = true;