Desk
The Admin Governance Desk is the network control plane. It is where authorized platform administrators manage the health of the system, the lifecycle of operators, and the governance of incoming work.
It is not an operator workspace. It sits above operator desks in authority.
Role in governance
The Admin Desk is where the network-level layer of governance happens. Its core responsibilities:
- Who can access — managing operator access states (active, limited, suspended)
- Who is active — operator approval, onboarding, invitation lifecycle
- What work flows — reviewing and assigning tasks from network-managed funnels
- System health — monitoring queues, blocked work, exceptions
- High-risk approvals — actions requiring admin review before proceeding
- Audit — tracking what changed, when, and by whom
When admin is involved
Before work starts (governance):
- Reviewing submitted operator applications
- Approving and activating operators
- Creating invitations
- Reviewing network-managed tasks
- Assigning tasks to operators
- Explicitly creating jobs (the Create Job action)
During system operation:
- Managing access states for operators in billing grace or suspension
- Reviewing exceptions or blocked queues
- Intervening in stuck or escalated work
After work completes:
- Viewing records and trust signals across the network (advisory only)
- Auditing admin actions and mutations
Admin does not execute service work. Admin does not capture evidence or complete service events.
Admin Desk modules
| Module | What it handles |
|---|---|
| Overview | System-wide view of open exceptions, pending approvals, surface health |
| Tasks | The governance task queue — review, assign, Create Job |
| Operators | Operator registry, approval, access management |
| Surfaces | Surface activation state and health |
| Access | Per-operator access and subscription state |
| Invitations | Invitation lifecycle — create, resend, revoke |
| Onboarding | Application review and qualification |
| Billing | Subscription visibility and payment state |
| Omni | Intelligence and recommendations (advisory only) |
| Audit | Log of all admin mutations |
Admin roles
| Role | Authority |
|---|---|
| OS Owner | Full authority, typically the founder |
| System Admin | High-trust daily operations |
| Surface Admin | Authority scoped to a specific surface |
| Moderator | Review and flag; cannot reassign or change access |
| Support Admin | Onboarding and session troubleshooting |
| Billing Admin | Subscription visibility; cannot change access directly |
| Reviewer / Approver | Decision gate for queued sensitive actions |
High-risk actions — changing access state, granting admin capability, cross-surface reassignment — require stronger roles or a second approver.
Route
/admin/desk
/admin/desk/overview
/admin/desk/tasks
/admin/desk/operators
/admin/desk/access
/admin/desk/invitations
/admin/desk/onboarding
/admin/desk/auditGuardrails
- Preserve the distinction between planned, partial, and live.
- Admin governs. Admin does not execute.
- High-risk actions require elevated roles or second-approver confirmation.