What privileges and settings does an authorized user require?

Other users can also manage tenants if they are not created as users in operational tenants, because management is always carried out in the name of the user superuser using impersonation. The following requirements have to be met: