Feedback
Roadmap
Changelog

April 24th, 2026

New

Changelog: Temporary Admin Elevation via Swif DeskApp (Employee Role)

Changelog: Temporary Admin Elevation via Swif DeskApp (Employee Role)

Platforms: macOS, Windows, Linux (when allowed in policy)
Docs: Temporary Admin Elevation | Help Center | Swif.ai
We’ve added a new end‑user flow in the Swif DeskApp that lets eligible users temporarily elevate themselves to local admin on their own device, based on the Temporary Admin Access policy configured in the Swif web app.

What’s new for end users

When Temporary Admin Access is enabled and the device/user is in scope:

  • New “Request temporary admin access” entry point in DeskApp

    • Appears on supported devices and OSes (macOS / Windows / Linux as allowed in policy).

    • Explains that admin access will be temporary and controlled by IT.

  • Request Admin Access modal

    • Users can:

      • See how long the admin session can last (per your policy).

      • Enter a reason for elevation (e.g., “Install Xcode”, “Update Docker CLI”).

    • The app validates required fields and shows clear inline errors if anything is missing.

    • On confirmation, the device enters elevated mode for the configured session duration.

  • Active elevated session view

    • When elevation is active, DeskApp clearly shows:

      • That the user is currently an elevated admin on that device.

      • A countdown timer for remaining admin time (auto‑updates during the session).

      • A primary action: End admin access now to drop back to a standard user at any time.

    • When the session ends (time‑out or ended early), local admin rights are automatically revoked and the UI returns to the non‑elevated state.

  • Guardrails & messaging

    • If elevation isn’t available (feature disabled, device out of scope, OS not supported, limits hit, cooldown active, etc.), DeskApp shows a clear explanation rather than offering the request option.

    • The backend enforces your configured rules (session duration, per‑day limits, cooldowns, etc.), and DeskApp surfaces friendly error messages when a limit is reached.

What’s new for admins

These changes work together with the existing Temporary Admin Elevation configuration and logs in the Swif web app:

  • Configuration lives in the web app

    • Configure under Settings → Local Account Controls → Temporary Admin Access:

      • Enable/disable Temporary Admin Access.

      • Scope to all devices or selected device groups.

      • Choose supported OSes (macOS / Windows / Linux).

      • Set max session duration, session frequency limits, and cooldowns.

  • Device‑level elevation history

    • Each elevation session from DeskApp is recorded and visible under:

      • Devices → [Device] → Device Details → Accounts → Temporary Admin Access log

    • For each session you can see:

      • Status (Active / Ended / Canceled / Failed).

      • Local account that was elevated.

      • Reason, start time, end time, and total duration.

      • Time remaining and an End admin access now control for active sessions.

For a full overview of configuration, user flows, guardrails, and logs, see:
Temporary Admin Elevation | Help Center | Swif.ai

Write a comment...