Accounts module
/
Sub-accounts
/
Update sub-account hierarchy settings

Account Management Overview

Frontegg is built with multi-tenancy in mind, allowing the creation and management of multiple accounts (tenants) within an environment. This section provides an overview of relevant API endpoints, organized into Management and Self-Service categories, supporting the creation of accounts, hierarchies, and sub-accounts.

Management Endpoints: Require environment-level authorization and offer full control over resources, including SSO (SAML and OIDC) configurations, account hierarchies, and sub-accounts.

Self-Service Endpoints: Accessible with a user token (JWT), enabling users with the appropriate permissions to create, update, and delete sub-accounts from ah hierarchy.

Download OpenAPI description
Users, Auth and Security
Single Sign-On
SCIM Provisioning
Entitlements
Entitlements Agent
Accounts (Tenants)
Languages
Servers
EU Region
https://api.frontegg.com/tenants/
US Region
https://api.us.frontegg.com/tenants/
CA Region
https://api.ca.frontegg.com/tenants/
AU Region
https://api.au.frontegg.com/tenants/
Frontegg sub-domain for use with user tokens
https://{domain}.frontegg.com/tenants/

Accounts

Operations

Sub-accounts and hierarchy

Operations

Account migration

Operations

Account settings

Operations

Sub-accounts

Operations

Update sub-account (tenant) management

Request

Enable sub-account to give child accounts multi-seller management capabilities. Send isReseller: true to update sub-accounts with this capability

Path
tenantIdstringrequired
Bodyapplication/jsonrequired
object(UpdateSubTenantManagementRequest)
curl -i -X PUT \
  'https://api.frontegg.com/tenants/resources/sub-tenants/v1/{tenantId}/management' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{}'

Responses

Update sub-account hierarchy settings

Request

Set the default behavior of sub-account access in a account (tenant). Set subAccountAccessType to defaultOff or defaultOn to allow sub-account access to be changed, or alwaysOn to force sub-account access on all users.

Path
tenantIdstringrequired
Bodyapplication/jsonrequired
object(UpdateSubTenantHierarchySettingsRequest)
curl -i -X PUT \
  'https://api.frontegg.com/tenants/resources/sub-tenants/v1/{tenantId}/hierarchy-settings' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{}'

Responses

Delete a sub-account by ID

Request

Delete a sub-account. A user or vendor token is required for this route. A user token can be obtained after user authentication.

Path
tenantIdstringrequired
curl -i -X DELETE \
  'https://api.frontegg.com/tenants/resources/sub-tenants/v1/{tenantId}' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

When the given tenant doesn't exist.