Identity-first access
IAMAdmin entry is designed around server-side session checks, role policy, MFA, and approved department assignment.
Assouca Admin
Secure operations portal
A hardened admin landing page for super admins and approved department admins. It keeps the public entry simple while pushing real authorization, MFA, policy checks, and audit enforcement to the server.
15m
Admin idle policy
MFA
Step-up ready
RBAC
Department scoped
Admin entry is designed around server-side session checks, role policy, MFA, and approved department assignment.
The landing page is intentionally marked noindex and avoids exposing internal operational data to public crawlers.
Authenticated admins are routed to the dashboard allowed by their actor context instead of a universal privileged screen.
The page sets the expectation that every sensitive action must still be enforced by gateway and IAM policies.
Department-ready
The UI presents the operating model without exposing private metrics. Actual department visibility must come from the authenticated dashboard after policy enforcement.
Customer cases, account review, tickets, refunds, and trusted support workflows.
Vendor onboarding, KYC review, store status, risk escalations, and compliance checks.
Order visibility, exception handling, delivery coordination, and fulfillment controls.
Wallet activity, payout support, reconciliation views, and payment operations.
Eligibility review, risk monitoring, account limits, and repayment escalations.
Privileged access, audit trails, policy checks, suspicious activity, and incident response.