Admin Console
The Admin Console is a dedicated page for company admins that consolidates user management and shows an audit log of significant actions taken inside your company.
Access it from the Admin entry in the sidebar (visible only to users with the admin role) or by going to /admin directly.
Users tab
This is the same user management that used to live in Settings. From here you can:
- Add a user — set a name, email, temporary password, and role (Admin or Viewer)
- Delete a user — removes their sign-in; their historical data stays
- See which users have a pending "Must change pw" state from a recent password reset
The user you're currently signed in as cannot delete themselves.
Roles
| Role | Permissions |
|---|---|
| Admin | Full access — settings, credentials, user management, Admin Console |
| Viewer | Read-only — can view transactions, reports, accounts, invoices |
Audit Log tab
Every significant action in your company is recorded in the audit log. This includes:
| Action | When it's logged |
|---|---|
| Signed in | Every successful login |
| Failed login attempt | Wrong password on an existing account |
| Changed password | A user successfully changes their own password |
| Created / updated / deleted user | Any user-management action |
| Updated company settings | Settings → Company Info or business lines |
| Saved / deleted API credential | Stripe key change |
| Saved / removed SMTP configuration | Per-tenant email config |
| Synced Stripe / Square / bank account | Each successful sync, with the count imported |
| Imported transactions | CSV / file imports |
| Processed payroll run | Each finalized pay run |
| Reset all transaction data | Danger Zone reset |
Each row shows when it happened (relative time, with the exact timestamp on hover), the user, the action, and contextual details (e.g. email: x@y.com · role: viewer for a user creation).
Reviewing the log
- Logs are scoped to your company — you only see your own tenant's activity
- Entries are sorted newest-first
- Paginated at 50 entries per page
What is and isn't logged
- Logged: mutations and security-sensitive events (logins, settings changes, syncs, imports)
- Not logged: read operations (viewing a transaction, opening a report) and AI Assistant queries
- Not logged: failed logins to unknown email addresses — there's no company to attribute those to. Password attempts against existing accounts are logged
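One way to review the logged events above for signs of password guessing, as an added example that is not part of the product's own code: it flags a burst of failed logins against one account, a sign-in that follows the burst, and sensitive actions taken shortly afterwards. The row fields (ts, user, action), the stored action labels, and the idea that a failed-login row names the targeted account are assumptions; adapt them to the real audit_log columns.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Action labels follow the wording of the audit log table; the stored values,
# like the field names ts/user/action, are assumptions about an export.
FAILED, SIGNED_IN = "Failed login attempt", "Signed in"
SENSITIVE = {"Saved API credential", "Deleted API credential", "Created user",
             "Deleted user", "Reset all transaction data"}

# Constructed sample rows, newest-first like the Audit Log tab.
SAMPLE_ROWS = [
    {"ts": "2024-05-01T09:07:30", "user": "ana@example.com", "action": "Saved API credential"},
    {"ts": "2024-05-01T09:05:10", "user": "ana@example.com", "action": SIGNED_IN},
    *({"ts": f"2024-05-01T09:04:{s:02d}", "user": "ana@example.com", "action": FAILED}
      for s in (50, 40, 30, 20, 10)),
    {"ts": "2024-05-01T08:01:00", "user": "bo@example.com", "action": "Deleted user"},
    {"ts": "2024-05-01T08:00:00", "user": "bo@example.com", "action": SIGNED_IN},
]

def review(rows, threshold=5, window=timedelta(minutes=10)):
    """Return (ts, user, kind, action) findings, oldest first."""
    findings = []
    failures = defaultdict(deque)  # user -> timestamps of recent failed logins
    suspect_until = {}             # user -> end of the post-burst watch period
    for row in sorted(rows, key=lambda r: datetime.fromisoformat(r["ts"])):
        ts, user, action = datetime.fromisoformat(row["ts"]), row["user"], row["action"]
        recent = failures[user]
        while recent and ts - recent[0] > window:
            recent.popleft()       # forget failures older than the window
        if action == FAILED:
            recent.append(ts)
            if len(recent) == threshold:
                findings.append((row["ts"], user, "failed-login-burst", action))
        elif action == SIGNED_IN and len(recent) >= threshold:
            # A success straight after a burst may mean the password was guessed.
            findings.append((row["ts"], user, "sign-in-after-burst", action))
            suspect_until[user] = ts + window
            recent.clear()
        elif action in SENSITIVE and ts <= suspect_until.get(user, datetime.min):
            findings.append((row["ts"], user, "sensitive-after-burst", action))
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE_ROWS):
        print(*finding, sep=" | ")
```

Because failed logins to unknown email addresses are not logged, this review only covers attempts against existing accounts.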
Retention
There is no automatic purge policy. The audit log grows over time and is preserved as long as you run the app. If you need to trim it, do so directly against the audit_log table in the database.