Admin – User & Access Overview
This page documents how access is currently managed for the Rolling
Redemption portals and admin areas.
Principles
- Least privilege: each user sees only the audiences they need.
- Code-based entry for external audiences (banks, sponsors, PO, etc.).
- Named admin accounts for internal operators.
Current Implementation
- External users (banks, sponsors, PO, community partners) are granted
access via portal codes tied to specific landing pages.
- Internal admins authenticate via server-level or SSO mechanisms
(to be formalized) and use the admin portal for configuration and
oversight.
- User provisioning and revocation are currently handled manually as
part of pilot operations.
Roadmap
- Move from ad hoc admin accounts to a central identity provider.
- Per-audience dashboards for sponsors, banks, and PO partners.
- Audit logs for key access and configuration changes.
Until that roadmap is fully implemented, any change in access should be
recorded in the internal admin log and, if needed, mirrored in the program
playbook.