Trust-first admin command centre

Govern access before it becomes operational risk.

compliance scaffoldDSAR exportGPC honoured server-side30-day deletion windowWebhook verificationAudit log table

SOC 2 ready

Control evidence surfaces are wired; buyers own certification.

ISO 27001 architecture

Access, audit, and incident workflows map to ISMS operations.

GDPR wired

compliance scaffold data export, erasure, consent, and audit scaffolds ship together.

RBAC state

Access control plane

RoleScopeControl

OwnerFull access2 active sessions

Ops AdminUsers + auditInvite required

ReviewerRead-only logsExport disabled

SuspendedBlockedForce logout ready

Audit stream

12:44

role.updated

ops-admin -> reviewer

12:39

user.login_failed

rate limit observed

12:31

data_export.requested

DSAR bundle queued

12:20

account.deletion_requested

soft-delete window opened

Pre-flight validation

Unsafe saves blocked

RBAC change requires explicit admin role

Anonymous consent route remains public

Webhook signatures reject unsigned payloads

Deletion sweep writes completion audit rows

Users

18 demo identities

Sessions

Force logout ready

Exports

DSAR bundle route

Isolation

Single-tenant baseline

Buyer handoff

Admin infrastructure that starts from a verifier-clean baseline.

The template keeps identity, audit, compliance, and deployment scaffolding separate from admin-specific users, roles, operational tables, and system settings.

Next.js 16 App Router

PostgreSQL + Drizzle

Zod API validation

Vitest + Playwright

Docker demo stack

Template Empire verifier