Platform Admin Panel
Platform Admin Panel
Section titled “Platform Admin Panel”The platform admin panel is available to users with the super_admin role. It provides cross-organization visibility and management capabilities for platform operators.
Accessing the Panel
Section titled “Accessing the Panel”Navigate to Platform in the left sidebar of your console. This menu item is only visible to super admins.
Platform Statistics
Section titled “Platform Statistics”The stats dashboard shows aggregate metrics across all organizations:
| Metric | Description |
|---|---|
| Total Organizations | Number of registered organizations |
| Total Users | All users across all orgs |
| Total Cloud Accounts | Connected AWS, Azure, and GCP accounts |
| Total Cost Rows | Volume of billing data ingested |
| Sync Errors | Accounts currently in error state |
| New Orgs (30d) | Organizations created in the last 30 days |
Organization Management
Section titled “Organization Management”Listing Organizations
Section titled “Listing Organizations”The org list shows every organization with key metrics:
- Organization name, slug, and plan (free/pro/enterprise)
- User count, account count, and error count
- Last sync timestamp
- Active/inactive status
Organization Drill-Down
Section titled “Organization Drill-Down”Click any organization to see:
- Users — All members with roles and email addresses
- Cloud Accounts — Connected accounts with provider, status, and sync state
- Cost Summary — Total cost, latest data date, row count, and provider breakdown
Changing Plans
Section titled “Changing Plans”Update an organization’s billing plan:
PATCH /api/v1/platform/orgs/:id/planBody: { "plan": "pro" }Valid plans: free, pro, enterprise.
Enforcing 2FA
Section titled “Enforcing 2FA”Force mandatory two-factor authentication for any organization:
PATCH /api/v1/platform/orgs/:id/require-2faBody: { "required": true }All users in the organization will be required to set up TOTP 2FA on their next login.
Contacting Organization Admins
Section titled “Contacting Organization Admins”Send an email to all admins of an organization:
POST /api/v1/platform/orgs/:id/contactBody: { "subject": "Scheduled maintenance", "message": "..." }Deleting an Organization
Section titled “Deleting an Organization”Permanently delete an organization and all its data:
DELETE /api/v1/platform/orgs/:idDeleting a Cloud Account
Section titled “Deleting a Cloud Account”Remove a specific cloud account from an organization:
DELETE /api/v1/platform/orgs/:orgId/accounts/:accountIdThis cascades to: anomaly alerts, alert rules, budgets, recommendations, cost data, sync jobs, network costs, resource inventory, coverage data, and user access grants.
Sync Health
Section titled “Sync Health”The sync health view shows all cloud accounts currently in error state across all organizations. For each account:
| Field | Description |
|---|---|
| Account Name | The user-defined name |
| Provider | AWS, Azure, or GCP |
| External ID | The IAM role ARN, service principal ID, or service account key |
| Status | Error status |
| Sync Error | The error message from the last failed sync |
| Last Synced At | When data was last successfully pulled |
| Organization | Which org owns the account |
Use this to proactively reach out to organizations with broken connections before they notice stale data.
Growth Tracking
Section titled “Growth Tracking”The growth view shows new organization signups per week for the last 12 weeks. Each data point includes:
- Week start date
- Number of new organizations created that week
Usage Metrics
Section titled “Usage Metrics”Per-organization usage for the last 30 days:
| Metric | Description |
|---|---|
| Syncs (30d) | Number of sync jobs run |
| Actions (30d) | API calls and console actions |
| Last Activity | Most recent user activity timestamp |
| Cost Rows | Volume of billing data stored |
| Plan | Current billing plan |
Platform Audit Logs
Section titled “Platform Audit Logs”View audit logs across all organizations. Unlike org-level audit logs which are scoped to a single org, platform audit logs span the entire platform.
Filter by:
- Organization ID — Narrow to a specific org
- Action — Filter by event type
- Limit/Offset — Pagination (max 200 per page)
Active Sessions
Section titled “Active Sessions”View all active sessions (non-revoked, non-expired refresh tokens) across the platform. Shows:
- User email and organization
- Session creation time
- Token expiry
Limited to the 100 most recent sessions.
Impersonation
Section titled “Impersonation”Generate a temporary access token to act as any user. This is useful for debugging issues reported by customers.
POST /api/v1/platform/impersonate/:userId- Creates a 15-minute JWT with
impersonating: trueflag - Rate limited to 10 requests per minute
- Logged in the audit trail with full impersonation details
- The impersonation token inherits the target user’s organization and role
API Reference
Section titled “API Reference”All platform endpoints require the super_admin role and a valid JWT:
| Method | Path | Description |
|---|---|---|
GET | /platform/stats | Platform-wide statistics |
GET | /platform/orgs | List all organizations |
GET | /platform/orgs/:id | Organization drill-down |
GET | /platform/sync-health | Accounts in error state |
GET | /platform/growth | Weekly signup growth |
GET | /platform/usage | Per-org usage metrics (30d) |
GET | /platform/audit-logs | Platform-wide audit logs |
GET | /platform/sessions | Active sessions |
POST | /platform/impersonate/:userId | Generate impersonation token |
PATCH | /platform/orgs/:id/plan | Change billing plan |
PATCH | /platform/orgs/:id/require-2fa | Enforce 2FA |
POST | /platform/orgs/:id/contact | Email org admins |
DELETE | /platform/orgs/:orgId/accounts/:accountId | Delete cloud account |
DELETE | /platform/orgs/:id | Delete organization |