Admin Users

The Admin Users page manages platform-admin and tenant-admin accounts. This is the smallest, most-sensitive surface in the manual — every account here can change tenant data.

What an admin user is

An admin user is a row in the users table, distinct from a teammate in the teammates table.

  • Users authenticate and act on the dashboard. They have a role (admin, superadmin, viewer).
  • Teammates are people who do work (cleaners, hosts) — they're routed tasks via WhatsApp but don't necessarily have dashboard access.

A single physical person can be both (admin user + assigned teammate). Most cleaners are teammates only.

Roles for users

Role        | Scope
admin       | One tenant; full read+write
superadmin  | All tenants; full read+write + tenant settings
viewer      | One tenant; read-only on reports

Adding an admin user

  1. Admin Users → New user.
  2. Email, name, role, tenant (defaults to current).
  3. Set initial password (you'll need to communicate it to the user out-of-band).
  4. Save. The user can log in immediately.

Removing an admin user

  1. Find the row → Delete.
  2. Confirm. The user is removed; any active session is invalidated on next API call.

⚠ Deleting the only admin for a tenant leaves the tenant locked out. Always have at least one admin per tenant.
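
A pre-deletion check for the lockout case above, as an added example that is not part of the manual or the product's code. It assumes a user export with hypothetical field names email, role and tenant, counts only the admin role toward a tenant's admins, and uses constructed sample rows.

```python
from collections import defaultdict

# Constructed sample export; the field names are assumptions, not the real schema.
USERS = [
    {"email": "a@example.test", "role": "admin", "tenant": "t1"},
    {"email": "b@example.test", "role": "admin", "tenant": "t1"},
    {"email": "c@example.test", "role": "viewer", "tenant": "t1"},
    {"email": "d@example.test", "role": "admin", "tenant": "t2"},
    {"email": "e@example.test", "role": "viewer", "tenant": "t2"},
    {"email": "root@example.test", "role": "superadmin", "tenant": None},
    {"email": "f@example.test", "role": "viewer", "tenant": "t3"},
]


def admins_by_tenant(users):
    """Map every tenant in the export to the emails of its 'admin' users."""
    result = defaultdict(list)
    for user in users:
        tenant = user["tenant"]
        if tenant is None:
            continue  # not tied to a single tenant (assumed for superadmin rows)
        result[tenant]  # register the tenant even if it has no admin at all
        if user["role"] == "admin":
            result[tenant].append(user["email"])
    return dict(result)


def deletion_blocked(users, email):
    """Return a reason if deleting `email` removes a tenant's last admin, else None."""
    target = next((u for u in users if u["email"] == email), None)
    if target is None:
        raise KeyError(email)
    if target["role"] != "admin":
        return None  # viewers and superadmins do not affect the per-tenant count
    remaining = [e for e in admins_by_tenant(users)[target["tenant"]] if e != email]
    if not remaining:
        return f"{email} is the only admin for tenant {target['tenant']}"
    return None


def tenants_at_risk(users):
    """Tenants with zero or one admin: already locked out, or one delete away."""
    return sorted(t for t, a in admins_by_tenant(users).items() if len(a) <= 1)


if __name__ == "__main__":
    print(tenants_at_risk(USERS))
    print(deletion_blocked(USERS, "d@example.test"))
```
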

Password resets

There is no self-serve password reset in the current build. To reset a user's password:

  1. Open the user row → Reset password.
  2. Set a new password.
  3. Communicate it to the user out-of-band.

Audit

Every admin-user change is recorded in the Activity Log. Filter by Action = users.* to see the history.


  • #70 — Authentication bypass: fallback users hard-coded admin + plaintext superadmin login (fixed; no operator-visible change).
  • #76 — JWT lifecycle hardening.
  • #83 — OAuth redirectUri allowlist + admin-impersonation audit.
Source: the FlatsBratislava operator manual.