Skip to content

Dashboard surfaces

The dashboard at /admin/ui/orgs/<slug> is the operator surface for an Upwarden tenant — investigating verdicts, editing policy, managing members, wiring identity, reading the audit trail. Every page here is server-rendered and shareable by URL; every filter round-trips through the query string.

This page maps each surface to the question it answers. If you’re trying to figure out where to do something, scan the descriptions; the linked page tells you how.

Each entry: the page, what it lets you do, the personas it’s primarily for.

  • Audit log — read every install decision, membership change, policy override, and OAuth login for the org, with tier-windowed retention and CSV export on Org+. [security] [org-admin]
  • Packages search — look up an org’s verdict for any package, see the assessed-versions table, blocklist hits, allowlist pins, and the recent audit fragment from one screen. [security] [dev]
  • Policies and overrides — edit the org’s enforcement policy (global blocklist inheritance, allowlist) and, on Org+, deviate from Upwarden’s tier defaults with a typed acknowledgement. [security] [org-admin]
  • Members and teams — invite, demote, suspend, remove; manage which teams a member belongs to and which projects a team owns; cycle role-vs-capability overrides on the permissions matrix. [org-admin] [security]
  • Identity & SSO panel — bind the tenant to a Stytch organization, configure SAML / OIDC connections, claim email domains for JIT auto-join, read the JWKS URL. [security] [devops]
  • Your account and step-up auth — manage your own profile, sessions, passkeys, recovery codes, and read what the “Confirm it’s you” re-auth prompt does. [dev] [org-admin]
  • Usage and billing — current-month scan count vs your tier’s soft / hard cap, 12-month history, and the link out to seat management. [org-admin] [security]

Reusable explanations of the dashboard widgets that appear inside the page-anchored surfaces above. Linked from the page docs as well, but indexed here so you can jump straight in if you’re trying to interpret a widget you already see.

  • Verdict-mix donut — the 7-day SAFE / BLOCKED / QUARANTINED breakdown on the org overview. [security] [org-admin]
  • Block-source mix — the 7-day BLOCKED-by-source bar (OSV, GHSA, fingerprint, size-jump, cooldown, …) on the org overview. [security] [org-admin]
  • Advisory detail subpanel — the source / id / severity / summary of an advisory behind a BLOCKED row, rendered inline on the audit page and in the row detail panel. [security] [org-admin]
  • Size-anomaly chip — the size_jump_5x_median / tarball_too_large chip on the packages-search assessed-versions table. [security] [org-admin]
  • A developer pings with [UPWARDEN] BLOCKED — start at packages search, pivot to the audit log if you need the actor trail.
  • A new admin needs to be added — members and teams.
  • An audit asks “why is audit_retention_days 90 not 365?” — policies and overrides, then check the policy_override_loosened envelope in the audit log.
  • Onboarding a fresh tenant — start with identity & SSO to bind Stytch, then walk down to policies, members, and finally the audit log to confirm activity.