public active Last verified 2026-03-31

Topolo Admin

Public overview of the administrative interface used for org, user, service, and audit management across the Topolo platform.

Owners
platform-admin
Source Repos
Applications/TopoloAdmin, Websites/docs
Systems
Topolo Admin, Topolo Auth
Tags
admin, auth, organizations

What It Is

Topolo Admin is the operator-facing administrative UI for platform-wide organization, user, service, permission, and audit workflows.

Architecture

The app is a React-based browser surface that depends on Topolo Auth for identity and authorization while presenting role-aware admin workflows for super-admin and organization-admin users.

Runtime Surfaces

The primary host is https://admin.topolo.app.

API Reference

Topolo Admin is primarily a UI surface over Auth-backed admin routes. Use /systems/topolo-admin together with the Auth references for the current runtime and admin API families.

Authenticated admins can set a user password directly from the admin UI without using the public email-token recovery flow. Eligible admins can delete users directly from the admin UI. Standard deletion removes access and hides the user from normal admin reads, while super-admin permanent deletion is reserved for full erase cases. Organization deletion is a soft-delete workflow that immediately suspends org-user access, blocks org-scoped service authorization, and keeps the org available for later restore or retention-based purge. Super admins can also surface deleted organizations in the admin UI and restore them when needed.

Auth and Permissions

Topolo Admin uses Auth-issued bearer or session context and enforces role-based access for super-admin and org-admin operations.

Data Ownership

Topolo Admin owns the administrative browser experience. Topolo Auth remains the source of truth for users, orgs, services, permissions, and audit records.

Deployments

Topolo Admin deploys as a browser application that fronts the centralized Auth admin APIs.

Failure Modes

  • stale admin role or session context
  • UI drift from current Auth admin route families
  • org-scoped actions incorrectly treated as platform-wide actions

Debugging

Start with /systems/topolo-admin for the current host and service metadata, then verify the corresponding Auth admin route family.

Change Log / Verification

  • Added canonical Topolo Admin coverage and retired repo-local admin docs on 2026-03-30
  • Verified the direct admin password-set workflow on 2026-03-31
  • Verified the admin user-delete workflow and soft-delete visibility rules on 2026-03-31
  • Verified the distinction between soft delete and permanent user purge on 2026-03-31
  • Verified that org soft-delete immediately suspends org-user access and hides deleted orgs from normal Admin reads on 2026-03-31
  • Verified that super admins can surface and restore soft-deleted organizations on 2026-03-31