Configure groups, roles, and resources for the TAC authenticator

Early Access release. See Enable self-service features.

Complete the following tasks before you add and configure the temporary access code (TAC) authenticator.

Create a TAC user group

Create a group for users who can use TACs to authenticate.

  1. Create a group. See Create a group.
  2. Give the group a name like TAC users, or something similar.
  3. Add the users who are eligible to receive TACs from their admin. See Manually assign people to a group or Bulk assign people to a group.

Create a custom role and assign the TAC permission to it

The custom role allows an admin to create TACs for their users.

  1. Create a new role. See Create a role.
  2. Give the role a name like TAC admin role, or something similar.
  3. Search for the Manage user's temporary access code permission and select its checkbox.
  4. Click Save role.

Create a resource set

  1. Create a resource set. See Create a resource set.
  2. Give the resource set a name like TAC resource set, or something similar.
  3. Click Add resource.
  4. From the Find a resource type dropdown menu, select Users.
  5. Select the Select users option.
  6. In the search field, enter the name of the TAC users group that you created, and then select its checkbox.
  7. Click Save selection.
  8. On the Resource set information page, click Create.

Assign the custom role and resource set to an admin

  1. Assign the TAC custom role to an admin. See the From the People page or From the Groups page sections of Create an admin role assignment using an admin.
  2. From the Role dropdown menu, select the TAC admin role that you created.
  3. From the Resource set dropdown menu, select the TAC resource set that you created.
  4. Click Save Changes.

Related topics

Configure the temporary access code authenticator