Dev-only · audited Simulated super_dev_admin console · super admin authenticates normally · production auth bypass is prohibited · switch role
JoyPartnersOS / Super Admin Dev Console / Tenant: Provider Group Demo · env: dev
Provider view CHW view Biller view Audit export SD

Governance posture · dev

Tenants (dev)3

Roles active4

PromptOps gates (lane)23

Audit events (24h)112

Active deployments1

Production postureClosed

Very high risk High Moderate Stable Active CHW

Governance posture

Ledger separation, roles & audit posture.

Ledger 1

Clinical / CPT

Care documentation · review state · clinical workflow · provider review.

68 entries · 24h

All human-reviewed

Ledger 2

Commercial / Provider Invoice

Commercial revenue scope · provider invoice surface · not clinical billing.

14 entries · 24h

Cross-ledger refs controlled

Ledger 3

Workforce / Payroll

CHW activity time · supervision · no CPT generation.

19 entries · 24h

Isolated from clinical

Ledger 4

Platform / Auth / Audit

Identity · permission · consent state · audit emission.

11 entries · 24h

Audit envelope is global

Dev-only audited impersonation

Simulated role-switch (governance walk-through)

super_dev_admin authenticates normally to reach this console. From here, the admin may temporarily walk a tenant's workspace under a non-production policy. Every step emits an audit-ledger entry and is disabled in production unless explicitly opened by a sealed gate.

Impersonation controls

"Super admin bypasses login auth" is explicitly prohibited

dev only
Audit emission required Production allow (locked) PHI redaction enforced

The pattern is normal authentication + dev-only audited impersonation under a separately authorized non-production gate. Never an auth bypass.