Dev-only · audited Super Dev Admin authenticates normally · production auth bypass is prohibited · all impersonation is gated & audited · switch role
Super Admin Dev Console/Provider Group Demo · env: dev
Audit export PromptOps gate SD

Governance posture

Governance console

Tenant overview, role topology, ledger separation, audit feed — all dev environment, production closed.

Super admin governance console dashboard reference visual
Super Admin Dev Console reference visual — tenants, users, ledger separation, audit trail

Tenants (dev)

3

Provider Group Demo + 2 sandboxes

Active roles

6

in dev surface

PromptOps gates (lane)

31

+8 since v3

Audit events (24h)

112

across 4 ledgers

Active deployments

1

Cloudflare Pages dev preview

Production posture

Closed

no live PHI · no autonomous decisioning

Very high High Moderate Stable

3 active tenants (dev)

Tenants

TenantTypeRolesPatientsCHWsState
Provider Group DemoProvider groupprovider · CHW · biller · super_dev_admin1307Active (dev)
Sandbox ASandboxprovider · CHW00Idle
Sandbox BSandboxprovider · CHW · biller00Idle

Default-deny · assignment-aware · audit-emitting

Users & roles

RoleScopeSurfaceAuditProduction-allowed?
super_dev_adminDev tenant onlyThis console + audited impersonationAlwaysNo
super_adminTenant-scoped admin (future)Admin portal (future gate)AlwaysFuture-gated
provider_userProvider Group DemoProvider command centerAlwaysFuture-gated
chw_userAssigned panel + visitsCHW workspaceAlwaysFuture-gated
biller_userCommercial ledger onlyBiller workspaceAlwaysFuture-gated
beta_applicantRead-only · pending approvalRegistration sandboxLimitedNo

Four-ledger separation

Ledger separation

Default-deny across ledgers · cross-ledger references shown as controlled IDs only.

Ledger 1

Clinical / CPT

Care documentation · review state · provider review.

68 entries · 24h

All human-reviewed

Ledger 2

Commercial / Provider Invoice

Commercial revenue scope · provider invoice surface · not clinical billing.

14 entries · 24h

Ledger 3

Workforce / Payroll

CHW activity time · supervision · no CPT generation.

19 entries · 24h

Ledger 4

Platform / Auth / Audit

Identity · permission · consent · audit emission.

11 entries · 24h

Live tail · 24h · ledger-tagged

Audit trail

WhenActorActionLedgerEvidence
14:38ZOperator ConsoleHybrid note staged for sign-offClinical / CPTREF-EV-0042
14:21ZAudit emitterConsent state updatedPlatform / Auth / AuditREF-EV-0043
14:14ZOperator ConsoleCPT candidate stagedClinical / CPTREF-EV-0042
14:08ZProvider Group DemoHybrid note openedClinical / CPTREF-EV-0042
14:02ZCHW Team Member 03Smart visit capturedClinical / CPTREF-EV-0042
13:42ZCHW Team Member 03Vital-sign flag raisedClinical / CPTREF-EV-0045
13:24ZWorkforce ledgerTime block logged (3.4h)Workforce / Payroll
12:55ZNetwork Partner AReferral acknowledged · REF-0001Platform / Auth / Audit

PHI-minimized metadata only · raw transcripts & audio telemetry stay under custody.

Simulated Live-State Diagnostics

Operational stream inspector and synthetic traffic analyzers

STREAMS_ACTIVE [1] STATUS_COMPLIANT
  • STREAM_ID: str_session_992aa9
  • CLIENT_ID: JP-DEMO-0042 (Johnson, Evelyn)
  • OPERATOR: dr_adler_v1 (Clinical Provider)
  • AUDIO_CUSTODY_MODE: CUSTODIAL_OPT_IN
  • AUDIT_ROUTE: d1:joy_platform_d1:Platform_Auth_Audit
  • EST_AI_CODEX_COST: $0.05 / min

Safety Policy Controls

Simulate network failures and force secure custody compliance audits

Dev preview only

Feature flags (simulated)

FlagEnvStateOwner
telehealth.broadcastdevprovider_user
smart_visit.barrier_capturedevchw_user
geospatial.live_chw_markerdevplatform
biller.commercial_ledger_writesbiller_user (future)
admin.impersonate_in_productionlocked · sealed gate required

Cloudflare Pages dev preview

Deployment status

SurfaceStateUpdated
Public website + portalsjoypartnersos-public-website.pages.devLivemin ago
www.joypartners.healthexisting Workers app · not in this laneWorkers
app.joypartners.healthReserved
admin.joypartners.healthReserved
api.joypartners.healthReserved

Lane sequence

PromptOps gate trail

Commercial architecture v2 merged on main · da55793

15-path envelope · operator visual-review PASS · 9058a53

Cloudflare Pages deploy authorized + executed

5b95343 → 4968684 → e1bca89 → 975bbce → 301a783

v2 portal prototype + v3 geospatial + v4 helper pages

8f02cbc → 8f8cc12 → f0a8fa3

v5 sidebar + multi-section dashboards

In flight · this commit

Image 2.0 production-photo integration

future · operator drops assets first

Google Maps Platform production-integration planning

future · vendor review

Real auth + RBAC architecture planning

future

Dev-only audited impersonation

Settings

Impersonation controls (dev only)

Super Dev Admin authenticates normally then uses dev-only audited impersonation under a separately authorized non-production gate. Production auth bypass is prohibited.

Audit emission required Production allow (locked) PHI redaction enforced Per-impersonation audit entry required

"Super admin bypasses login auth" is explicitly prohibited. The safe pattern is authenticated dev-only audited impersonation.