Edit or revoke admin permissions
Super admins can edit or revoke admin permissions for an individual or a group. Remember that every org must have at least one individually assigned super admin, so you can't edit or revoke a super admin's permissions if they are the only one in the org.
- In the Admin Console, go to Security > Administrators.
- To edit privileges, click the pencil icon in the admin or group's Actions column. Make your edits, and then click Update Administrator.
- To revoke privileges, click the X icon in the admin or group's Actions column. Confirm the deletion.
Revoking a group's admin permissions removes that permission from all members of the group. There is one exception to this rule: group members who were individually assigned an admin permission (separate of their group assignment) will not lose their permission. You need to revoke that permission on an individual level.
Org or group admins with user lifecycle privileges can deactivate super admins, which will revoke their role assignments. However, Okta always keeps the role assignment of the last super admin active. If a super admin's assignment is revoked, the last super admin can reactivate them.