Table of Contents

Class PlatformAdmin

Namespace
KadicAuth.Domain.Entities
Assembly
KadicAuth.Domain.dll

Represents a user that has been granted platform-level administrative privileges. PlatformAdmins can bypass tenant-scoped validation checks on specific operations (e.g. the tenant-360 creation wizard) so they can bootstrap and configure tenants on behalf of the platform.

This concept lives intentionally OUTSIDE of the standard Permissions/Roles system:

  • it is not assignable via POST /api/Roles/.../permissions,
  • it does not appear in GET /api/Permissions,
  • its membership is managed only through the dedicated PlatformAdminsController.

One row per user; a user is either a platform admin or not.

public sealed class PlatformAdmin
Inheritance
object
PlatformAdmin

Properties

GrantedAtUtc 

public DateTime GrantedAtUtc { get; }

Property Value

DateTime

GrantedByUserId 

public Guid? GrantedByUserId { get; }

Property Value

Guid?

IsActive 

public bool IsActive { get; }

Property Value

bool

Reason 

public string Reason { get; }

Property Value

string

RevokedAtUtc 

public DateTime? RevokedAtUtc { get; }

Property Value

DateTime?

RevokedByUserId 

public Guid? RevokedByUserId { get; }

Property Value

Guid?

UserId 

public Guid UserId { get; }

Property Value

Guid

Methods

Grant(Guid, Guid?, string) 

public static PlatformAdmin Grant(Guid userId, Guid? grantedByUserId, string reason)

Parameters

userId Guid
grantedByUserId Guid?
reason string

Returns

PlatformAdmin

ReGrant(Guid?, string) 

public void ReGrant(Guid? grantedByUserId, string reason)

Parameters

grantedByUserId Guid?
reason string

Revoke(Guid) 

public void Revoke(Guid revokedByUserId)

Parameters

revokedByUserId Guid
Edit this page