Appearance
Platform Admin Overview
The /admin surface is where Local Visibility Lab staff operate the platform itself — pricing, fee structures, connected-account oversight, failure triage. It is not a way to act inside customer orgs (that's still gated by the customer's own permissions). It's the meta-layer.
Who has access
Platform admin access is not a flag on the user document. It's a server-side allowlist controlled by environment variables on the API service:
PLATFORM_ADMIN_USER_IDS— comma-separated list of Clerk user IDs who get admin access.PLATFORM_ADMIN_ENFORCE— must betruefor the allowlist to be enforced. (When unset/false, the gate is open in dev; in prod this is alwaystrue.)
To grant platform admin to a user: add their Clerk user ID to the PLATFORM_ADMIN_USER_IDS secret in Google Secret Manager (PROD_PLATFORM_ADMIN_USER_IDS for production), then redeploy the API service. Intentional friction — there's no UI for it.
Admin sidebar (top-right "Admin" menu)
Visible only to users whose Clerk ID is on the PLATFORM_ADMIN_USER_IDS allowlist (with PLATFORM_ADMIN_ENFORCE=true). Surfaces:
- Pricing —
/admin/pricing - Platform Config —
/admin/config - Stripe Operations —
/admin/stripe - Failed Jobs —
/admin/jobs - Onboarding Stalls —
/admin/onboarding-stalls
What admins should never do
- Edit org data on behalf of customers without a paper trail. Use the support widget or message the org directly so changes are logged in the case thread.
- Read customer private data unprompted. Have an incident, ticket, or written consent.
- Issue refunds without a refund SOP — the Stripe Operations page makes this easy, but follow the process.
- Toggle feature flags org-wide without a rollout plan. Always cohort-test (see "feature flag overrides" if/when shipped).
Audit logging
Every admin action — pricing change, flag toggle, fee adjustment, manual refund — is written to the Admin Audit Log. Viewable under Platform Config → Audit Log. Includes the admin's user ID, the action, before/after, and timestamp.
Next: Pricing & Plan Catalog