Operator Portal

Dashboards, governance, roadmap and RBAC administration stay behind authenticated operator routes.

Portal Session

Anonymous

Browser signs in with Google, then exchanges id_token for a same-origin VIDRAI BFF session. After login the portal routes you to the correct workspace by role.

{
  "status": "anonymous"
}

Workspace Preview

/app

Signed-in users get a role-aware home route and a live summary from the operator or client portal API.

{
  "status": "idle"
}

Operator Test Lab

same-origin BFF

This page is a manual integration harness for the backend flow. It is intended for testing portal-api routes from the browser.

Session Stub Login

Operator API Calls

Approval IDDecisionReason

Challenge IDMFA code

Operator Response

{
  "status": "idle"
}

Notes

Use session-stub login in local/dev when Google auth is not needed.
Use overview and governance calls to verify dashboard and approval data.
Use MFA + approval decision to test sensitive operator actions.

Program Board

Project roadmap and delivery checklist stay on the same domain, but are visible only to authenticated operator sessions.

Open roadmap

Operator API Surface

/api/app/overview
/api/app/governance
/api/app/rbac