Super users have full control (at the app manager level) of every app in the account. If they are realm admins, they have full control of every app in every account in the realm. Super users can look across all apps, for example, to verify that certain types of data are not being stored in any of your apps, or make needed changes in the absence of key employees.
Super users don't need app tokens when making API calls to apps that require an app token. They can also bypass IP filtering of apps.
Super users are listed on the Manage Users page in each app so that they are visible to people with permission to manage users in the app. The super user entries on this page may not be edited or removed.
If apps contain data that should be restricted for legal, compliance, or regulatory reasons, realm admins can make them private, which will deny access to super users.
Note: Appointing a super user is an important and sensitive task because super users have very wide-ranging access to your apps and data. New super users will need guidance on appropriate app access for your organization.
Designate a super user
Realm admins can appoint up to five super users. Only realm admins or account admins with full management privileges can be designated as super users.
To designate a super user, select the check mark next to the admin(s) you want to appoint as super users. To revoke super user permissions, clear the check mark in the Super User column.
Note: If a super user has one of Full Account or Realm Admin privileges and you remove the privilege, then super user privileges are also removed. If a super user has both Full Account and Realm Admin privileges, removing one of these privileges will not result in the loss of super user privileges. We'll display a warning message before removing super user privileges.
Deny super user permissions in specific apps
Realm admins can deny super user permissions for specific apps within a realm, for example, apps that contain data restricted for legal, compliance, or regulatory reasons. To do this, realm admins designate an app as private.
To deny super user permission in an app, in the Private Apps table, click Add and then enter the app ID of the app you want to designate as private. Separate app IDs with a comma. You can enter up to 10 app IDs at once.
Realm admins can remove the private designation from an app, making them accessible to super users, by selecting the checkbox next to the app name and clicking Remove.
Note: Super users who are realm admins only (and not account admins) access the Super Users tab through the My Apps page by selecting Manage realm name. They need to know the app ID of the app they want to access.
Limitations on super user access
The following limitations apply for super user access:
-
If a user with super user privileges is denied or deactivated, then the user will no longer have super user privileges, even if their access to Quickbase is restored.
-
Other system or realm permissions override super user permissions. For example, if a user is denied from a realm or deactivated, then the user can't access the realm as a super user.
-
When using advanced search or viewing app pickers, super users see only the apps that they have direct access to. To view all apps, super users can access the Apps tab on the Manage Billing Account page.
-
Super users who make an API call using a user token for authentication can't access apps not assigned to the user token. Super users are still subject to the restrictions on user token usage.
-
Super users do not receive email notifications targeted to app admins and managers.
-
Apps that have been marked private will not allow access by super users.