Super Admin Panel
A small, read-first platform admin area at /admin, for operators/owners of the product — not for workspace members. It is intentionally minimal: visibility first, plus one guarded support action (suspend/reactivate a workspace).
A small, read-first platform admin area at /admin, for operators/owners of the
product — not for workspace members. It is intentionally minimal: visibility
first, plus one guarded support action (suspend/reactivate a workspace).
Enabling it
-
Add your email to
SUPER_ADMIN_EMAILSon the Convex deployment (backend functions don't readpackages/backend/.env):bun --cwd packages/backend convex env set SUPER_ADMIN_EMAILS "you@example.com" -
Sign in with a verified email. Google/Microsoft OAuth and magic link verify automatically, and new email/password accounts must verify before they can sign in. Existing unverified password accounts are rejected until they complete email verification.
-
Keep
SUPER_ADMIN_REQUIRE_2FA=true(default) and enrol in two-factor from Settings → Security. For local dev you can set it tofalse:bun --cwd packages/backend convex env set SUPER_ADMIN_REQUIRE_2FA "false" -
Reload the dashboard. An Admin item appears in the sidebar under "Platform";
/adminis now reachable.
Troubleshooting "/admin returns 404"
A 404 means the access check returned isSuperAdmin: false — the panel is
working as designed, you just don't pass the gate yet. To see the exact reason,
call the access query (e.g. from the Convex dashboard or a one-off client call):
api.admin.access.getSuperAdminAccess → { isSuperAdmin, reason }
reason is one of not_authenticated, missing_user, email_not_verified,
not_allow_listed, two_factor_required, or ok. Fix the matching item above.
Full access model: Super Admin Access.
What's in the panel
- Overview (
/admin) — recent audit events, recent users, recent workspaces. Bounded lists, no expensive counts. - Users (
/admin/users) — paginated users with exact-email search and a per-user detail drawer (workspace memberships + roles). See Admin: Users. - Workspaces (
/admin/workspaces) — paginated workspaces with a status filter, a detail drawer (members, billing snapshot), and the suspend / reactivate actions. See Admin: Workspaces. - Audit log (
/admin/audit-log) — the full, filterable event history. See Admin: Global Audit Log.
What it is not
By design, the panel does not include: user impersonation, deleting accounts, editing emails/passwords, arbitrary database editing, or arbitrary billing edits. It is not a replacement for the Convex dashboard, the Better Auth dashboard, or your billing provider's dashboard.
Boundaries and safety
- Access is server-enforced on every query/mutation, not just the route.
- The single write surface (suspend/reactivate) requires step-up verification and writes audit events for success, failure, and denial.
- All lists are indexed and paginated, so the panel stays fast as data grows.
Removing it
Analytics (PostHog)
Leave Localhost uses PostHog as its first-class product analytics provider. All product and backend code talks to a single provider-neutral boundary, @leavelocalhost/analytics; only that package and the Convex analytics facade import the PostHog SDKs.
Admin: Users
/admin/users lets a super admin answer "who is this user, and which workspaces do they belong to?" It reads the app-owned users table (kept in sync with Better Auth by the auth triggers), so no membership-scoped API is needed.