SuperAdmin Capabilities

The SuperAdmin is the platform-wide administrator with the highest level of authority. Unlike other roles, SuperAdmin is not tied to any specific department and can operate across the entire platform.

1. First-Time Registration

The first person to register on the platform automatically becomes the SuperAdmin.
A default "General" department is created along with default roles (Admin, Developer, User) and their pre-configured permissions.
This is a one-time process — once a SuperAdmin exists, subsequent users register as regular pending users.

2. User Assignment

Assign any role (Admin, Developer, User) to any registered user in any department.
No department restriction — SuperAdmin can onboard users across the entire platform.

3. User Update

Update a user's role within any department.
Set a temporary password for any user across all departments. The temporary password must then be shared with the user so they can log in.

4. User Access Management

Enable or disable login access for any user across all departments (global control).
Can disable users in any department, including Admins.
Cannot disable themselves.

5. Department Management

Create new departments as needed.
Delete existing departments and all their associations.
View details of any department on the platform.

6. Role Management

Add or remove roles (Admin, Developer, User) in any department.
View all roles configured for any department.
Not restricted to a single department — can manage roles across the entire platform.

7. Role Permissions Management

Set or update permissions for any role in any department, including the Admin role.
View the permission matrix for any role in any department.
This is exclusive to SuperAdmin — department Admins cannot modify Admin role permissions.

8. Password Management

Reset passwords for any user across all departments by setting a temporary password.
When a temporary password is set, the user is forced to change it on their next login.