OI Payments Docs
Admin dashboard

Overview

The operator dashboard — who it's for, how operators sign in, and step-up re-authentication for sensitive actions.

The admin dashboard is the operator-facing side of the service. Operators manage applications and credentials, search transactions across apps, approve refunds, review reconciliation, read reports, and inspect delivery and audit logs.

This section is for operators and administrators, not integrating apps. App developers want the integration guides instead.

Signing in

Operators sign in with email + password and receive a session bearer token. What each operator can see and do is governed entirely by RBAC.

Step-up re-authentication

Sensitive actions — rotating or revoking app credentials, overriding the gateway, creating or disabling users, approving refunds — require a recent re-authentication. The operator re-enters their password; if the session's last re-auth is stale the action returns REAUTH_REQUIRED and the UI prompts for it.

Every sensitive action is written to an append-only audit log with the actor, target, and timestamp. The log can be read but never edited or deleted — see Webhooks & logs.

What you can do here

Roles & permissions

The seeded roles, the permission catalogue, and app-scoped grants.

Applications

Register apps, manage credentials, set the gateway override.

Transactions

Cross-app payment search and CSV export.

Refund approval

Initiate and approve above-threshold refunds.

Reconciliation

Match settlement files to confirmed payments.

Reports

Live totals by app and day, and success rate.

Webhooks & logs

Delivery log, re-sends, audit log, callback evidence.

Webhooks

The complete event catalogue, the signed envelope, and how to verify signatures and dedupe deliveries.

Roles & permissions

The seeded roles, the permission catalogue, and how grants can be global or scoped to specific apps.

On this page

Signing inStep-up re-authenticationWhat you can do here