OR
OpenRemedy

Admin

Superadmin platform controls.

Cross-tenant platform controls. The entire Admin section is gated to role = superadmin and is not visible in the sidebar to regular tenant users. The sidebar label is rendered in red.

Platform

Route: /admin Role gating: superadmin.

Health overview across the platform:

  • Tenant count.
  • User count.
  • Agent count.
  • Storage usage (PostgreSQL + SeaweedFS).
  • System uptime.

Links into the Tenants and All Users sub-pages.

Tenants

Route: /admin/tenants Role gating: superadmin.

Table of every tenant on the platform.

Columns

  • Name.
  • Subscription tier.
  • User count.
  • Created date.

Actions

  • New tenant. Modal collects name, slug, tier, optional owner email. A webhook_secret is auto-generated for the new tenant.
  • Edit. Tier and limits (e.g., max agents, max storage).
  • Delete. Cascades across the tenant's incidents, servers, policies, agents, and audit log.
  • Impersonate. Server-side cookie swap; the original superadmin access cookie is preserved in original_access_token (httpOnly) so the operation is reversible.

Impersonation banner

While impersonating, a banner is rendered at the top of every page showing the impersonated tenant name, with an Exit Impersonation button. The exit action calls /admin/stop-impersonating, which restores the original superadmin cookie and clears the banner. JavaScript cannot read either token; the swap is entirely server-side.

All Users

Route: /admin/users Role gating: superadmin.

Cross-tenant user list, filterable by tenant via dropdown.

Columns

  • Email.
  • Tenant.
  • Role (user / admin / superadmin).
  • Status (active / inactive).
  • Last login.

Actions

  • Force password reset.
  • Deactivate.
  • Delete.
  • Edit role.

Related routes

  • settings — tenant-scoped user management lives there for non-superadmins