Account Management Overview

Frontegg is built with multi-tenancy in mind, allowing the creation and management of multiple accounts (tenants) within an environment. This section provides an overview of relevant API endpoints, organized into Management and Self-Service categories, supporting the creation of accounts, hierarchies, and sub-accounts.

Management Endpoints: Require environment-level authorization and offer full control over resources, including SSO (SAML and OIDC) configurations, account hierarchies, and sub-accounts.

Self-Service Endpoints: Accessible with a user token (JWT), enabling users with the appropriate permissions to create, update, and delete sub-accounts from ah hierarchy.

Download OpenAPI description

Users, Auth and Security

Servers

EU Region

https://api.frontegg.com/tenants/

US Region

https://api.us.frontegg.com/tenants/

CA Region

https://api.ca.frontegg.com/tenants/

AU Region

https://api.au.frontegg.com/tenants/

Frontegg sub-domain for use with user tokens

https://{domain}.frontegg.com/tenants/

Accounts

Operations

Sub-accounts and hierarchy

Operations

Account migration

Operations

Account settings

Operations

Get account settings

Request

Get account settings of an account (tenant). An account is determined by a given user token when using a user token and by the **frontegg-tenant-id** when using a vendor token. A user token or vendor token are required for this route. A user token can be obtained after user authentication. A vendor token is required for this route, it can be obtained from the vendor authentication route.

Headers

frontegg-tenant-idstringrequired

The tenant ID identifier

curl -i -X GET \
  https://api.frontegg.com/tenants/resources/account-settings/v1 \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'frontegg-tenant-id: string'

Responses

When tenant with given ID does not exist.

Update account settings

Request

Update account settings of an account (tenant). There has to be at least one setting passed on the body. An account is determined by a given user token when using a user token and by the **frontegg-tenant-id** when using a vendor token. A user token or vendor token are required for this route. A user token can be obtained after user authentication. A vendor token is required for this route, it can be obtained from the vendor authentication route.

Headers

frontegg-tenant-idstringrequired

The tenant ID identifier

Bodyapplication/jsonrequired

object(AccountSettingsUpdateRequest)

curl -i -X PUT \
  https://api.frontegg.com/tenants/resources/account-settings/v1 \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -H 'frontegg-tenant-id: string' \
  -d '{}'

Responses

When: a) given parameters do not pass validation b) empty object is passed in request content

Get public settings

Request

Get account public settings of an account (tenant). An account is determined by a given user token when using a user token and by the **frontegg-tenant-id** when using a vendor token. A user token or vendor token are required for this route. A user token can be obtained after user authentication. A vendor token is required for this route, it can be obtained from the vendor authentication route.

Headers

frontegg-tenant-idstringrequired

The tenant ID identifier

curl -i -X GET \
  https://api.frontegg.com/tenants/resources/account-settings/v1/public \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'frontegg-tenant-id: string'

Responses

When tenant with given ID does not exist.

Sub-accounts

Operations

Account Management Overview

Accounts

Sub-accounts and hierarchy

Account migration

Account settings

Get account settings

Request

Responses

How useful was this page?

Update account settings

Request

Responses

How useful was this page?

Get public settings

Request

Responses

How useful was this page?

Sub-accounts