Application API
Topolo Admin
Clear API and contract surface for Topolo Admin, grouped under the application instead of split across generic reference sections.
Documentation Map
Authority
Service IDs:
srv_SySYzmlOH5H1 Repos:
Hosts:
https://admin.topolo.app https://admin.stg.topolo.us Dependencies: topolo-auth, applications-packages
Depends on Topolo Auth: yes
Contract Source
Type: curated
Source: PlatformApplications/TopoloDocs/src/content/public/applications/admin.mdx
Source exists: no
Canonical admin coverage now lives in the docs application. Admin resolves its environment-specific Auth service id from the `topolo-admin` service slug for browser auth, transition surfaces, and the TopoloOne widget endpoint. Admin first-party embedded password login completes through Admin-owned router navigation after shared Auth token persistence rather than a shared hard document redirect. Admin keeps same-tab sessionStorage access-token restore enabled by default after login and refresh so normal reloads do not appear logged out before cookie refresh completes. Service detail views expose app-centric organization and user assignment or revocation while Auth remains the source of truth for organization-service and user-service access evaluation. User detail views now use Auth's seat-assignment entitlement model for launchable applications: org-included apps stay enabled for everyone, while seat-based apps can be assigned or unassigned by same-org admins only when seats are available. Organization service-assignment views consume Auth service surface metadata so launchable applications are separated from API, runtime, and internal technical services, and the Available Services add flow excludes developer-owned third-party apps marked as organization-internal. Admin now classifies non-org identities from Auth principal metadata plus membership summaries instead of `orgId = null`, treats households as connected personal-account collections rather than separate identity principals, and surfaces Auth-backed org billable-seat summary plus TopoloOne billing preview and billing portal actions in the add-user and organization-detail flows. Platform-admin organization creation with an owner email now relies on Auth owner activation that opens password setup before TopoloOne onboarding. Admin exposes `GET /api/widget` as a stats widget for TopoloOne live workspace, with platform-admin versus org-admin counts aligned to the Admin dashboard.
API key scopes in Auth catalog: 22
Auth Requirements
No global OpenAPI security scheme is declared.
-
analytics.read -
billing.read -
billing.write -
branding.read -
branding.write -
dashboard.read -
developers.read -
developers.write -
organizations.read -
organizations.write -
security.read -
security.write -
services.read -
services.write -
settings.read -
settings.write -
support.read -
support.write -
system.read -
system.write
Runtime and Deployment
Wrangler surfaces: none detected
Environment variables: none derived
Routes: workers.dev or Pages-only delivery
Observability enabled: no explicit signal found
Runtime Surface
Wrangler surfaces: No wrangler file detected in scanned surface
This application does not yet have a source-controlled OpenAPI spec in the docs platform. The current API page is derived from the registered contract source and repository surface.
Failure modes
- No wrangler.toml surface was discovered under the registered repo paths.
- The registered contract source is missing: PlatformApplications/TopoloDocs/src/content/public/applications/admin.mdx
- Neither OpenAPI nor README-derived interface detail was found.