Admin Access

Operate INSAIM AIChat Bot from one dark, schema-aware control plane.

The public entry is now part of the same compact system as onboarding, dashboard, and widget management. Auth still uses Supabase magic links and the existing SSR session flow.

Session layer

Magic links

Verified in Supabase before the app loads.

Model

Tenant-first

Workspace, bot, source, and usage surfaces stay aligned.

Current phase

UI migration

New dark system replacing the previous warm MVP theme.

Protected entry

Server-side session verification keeps the admin app aligned with the real boundary between public entry and protected surfaces.

Operational context

The UI is already shaped around workspaces, bots, sources, sync runs, conversations, feedback and usage counters.

System replacement

The new system replaces gradients, glass panels and editorial typography with a consistent admin product language.

Design system status

FigmaMake is now the visual source of truth.

This login route is the first surface in the replacement set. It should look like the rest of the product, not a separate marketing island.

Auth path: Supabase magic link -> `/auth/confirm` -> SSR cookie session -> `/onboarding` or `/app`.

Supabase environment detected. The admin entry surface is live.

Magic link auth

Enter the admin app

Use your workspace email to receive a secure sign-in link. The existing Supabase flow and SSR verification stay unchanged.

Implementation note: the Supabase email template should resolve to /auth/confirm?token_hash=...&type=email so the app can verify the token and set the server cookies correctly.