Skip to main content

Administration

Everything under Administration configures the platform and the people who run it. Each page is gated by a permission, so the section only shows what your role allows.

Users

Invite, edit, activate/deactivate users and assign their roles and direct permissions. Deactivating an account revokes its live sessions immediately (the next request is a 401).

Users administration

Roles

Roles are named bundles of permissions. A user's effective permissions are the union of their role grants and any direct grants. The seeded Admin role holds every permission; a Partner role holds only the partner-API permissions and anchors partner API keys (see Partner API → Authentication).

Roles administration

Products

Loan products define how loans price and behave: interest rate, repayment method, day-count convention, borrowing fees, transaction fees, rounding, grace periods, and APR caps.

Loan products

Permissions

The read-only catalog of every permission the app defines, grouped by area. Permissions are code-defined and reseeded automatically, so this is always in sync with what the handlers enforce.

Permission catalog

Audit log

Every change to an audited entity is recorded — the table, the action, the before/after snapshot, who did it, and when. Role and permission grants are audited too. The list supports persisted, shareable filters.

Change audit log

There's also a Login attempts page (sign-in successes and failures) alongside the change log.