Account Management Overview

Frontegg is built with multi-tenancy in mind, allowing the creation and management of multiple accounts (tenants) within an environment. This section provides an overview of relevant API endpoints, organized into Management and Self-Service categories, supporting the creation of accounts, hierarchies, and sub-accounts.

Management Endpoints: Require environment-level authorization and offer full control over resources, including SSO (SAML and OIDC) configurations, account hierarchies, and sub-accounts.

Self-Service Endpoints: Accessible with a user token (JWT), enabling users with the appropriate permissions to create, update, and delete sub-accounts from ah hierarchy.

Languages
Servers
EU Region

https://api.frontegg.com/tenants/

US Region

https://api.us.frontegg.com/tenants/

CA Region

https://api.ca.frontegg.com/tenants/

AU Region

https://api.au.frontegg.com/tenants/

Frontegg sub-domain for use with user tokens

https://{domain}.frontegg.com/tenants/

Accounts

Operations

Delete account (tenant)

Request

Remove an account (tenant) and all its users. If the account is part of a hierarchy, all sub-accounts are reassigned to the deleted account's parent. Requires an environment token obtained from the environment authentication route.

Path
tenantIdstringrequired
curl -i -X DELETE \
  'https://api.frontegg.com/tenants/resources/tenants/v1/{tenantId}' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

When the given account (tenant) doesn't exist.

Create an account (tenant)

Request

Create a new account (tenant). If an account with the given ID previously existed and was removed, this action will reactivate that account. Requires an environment token obtained from the environment authentication route.

Bodyapplication/jsonrequired
tenantIdstring

Send your own unique tenantId or Frontegg will auto-generate a UUID

namestring
statusstring

This field can be used for custom logic, it is not enforced in Frontegg flows

websitestring
applicationUrlstring
logostring

Base64-encoded image to use as logo.

logoUrlstring
addressstring
timezonestring
currencystring
creatorNamestring
creatorEmailstring
isResellerboolean
parentTenantIdstring
curl -i -X POST \
  https://api.frontegg.com/tenants/resources/tenants/v1 \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "tenantId": "string",
    "name": "string",
    "status": "string",
    "website": "string",
    "applicationUrl": "string",
    "logo": "string",
    "logoUrl": "string",
    "address": "string",
    "timezone": "string",
    "currency": "string",
    "creatorName": "string",
    "creatorEmail": "string",
    "isReseller": true,
    "parentTenantId": "string"
  }'

Responses

When the account (tenant) ID does not pass the validation.

Delete current account (tenant)

Request

Delete the current account (tenant) and all users belonging to that account.

Only users with the fe.account-settings.delete.account permission can perform this action.

A user token is required for this route and can be obtained after user authentication.

curl -i -X DELETE \
  https://api.frontegg.com/tenants/resources/tenants/v1 \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

When current account (tenant) has been removed.

Sub-accounts and hierarchy

Operations

Account migration

Operations

Account settings

Operations

Sub-accounts

Operations