Shipflash logoDocs

Manage Access And Admin Work

Access is role-aware, admin routes fail closed, and sensitive work is tracked in audit logs.

On this page

Roles

The default roles are super_admin and user. Custom roles can expose selected feature access.

Learn more

Admin pages

Admins manage branding, security, audit logs, team access, and waitlist operations.

Learn more

Audit log

Important admin changes record actor, module, action, target, and before/after state.

Learn more

Rate limits

Checkout, portal, waitlist, export, and other hot paths use policy-based limits.

Learn more

Secure defaults to keep

  • Do not trust client-supplied user or role fields when server identity is available.
  • Validate webhook signatures before processing provider events.
  • Keep the Supabase secret key server-only.
  • Keep RLS enabled for exposed Supabase tables.
  • Keep cron endpoints protected by CRON_SECRET.
  • Do not log secrets, raw tokens, or full provider payloads.