Multiple administrator roles are available for users in PingOne. These roles grant special rights and privileges and are customizable with regards to their responsibilities.


To prevent privilege escalation, you cannot create an administrator user if you do not have administrator privileges.

  1. Go to Identities > Users.
  2. Locate the user you want to edit. You can browse or search for users.
  3. Click the user entry to open the user details panel.

    You can also create a new user with administrator privileges by clicking the + icon.

  4. Click the Roles tab and then click Grant roles.
  5. Select an administrator role, such as Environment Admin, Identity Data Admin, or Organization Admin. For more information, see Roles.
  6. Click Save.
You can sign on as the admin user to validate their permissions and level of access. You can find the console URL and the self-service URL under Environment > Properties.