Admin settings

Roles, team, connected systems, and security posture for the Mance operations console. Admin access is provisioned by Super Admins only — never self-serve — and MFA is required on every account.

Roles & access6

What each admin role can do. Admins assign, escalate, and unblock — they never perform clinical approval.

Super Admin
Provisions admin seats, sets roles, and configures every system. Tightly held.
Full access
Care Coordinator
Triages the cross-portal queue — assigns intakes, escalates blockers, nudges patients.
Operations
Clinical Admin
Routes the clinician queue and rebalances load. Cannot approve or alter clinical decisions.
Consults
Pharmacy Ops Admin
Unblocks fulfillment, watches supply and capacity, and chases courier exceptions.
ManceRx
Billing Admin
Works failed charges and refunds, and resolves billing holds that stall dispatch.
Payments
Compliance / Admin Auditor
Reviews access, consent, and AI-action logs. Read-only across the console — no edits.
Read-only

Admin accounts are never self-serve. New seats are created by a Super Admin and require MFA enrolment before first sign-in. Every role change is written to the audit log.

Team5

Admins with console access and when they were last active.

Mira Khan
[email protected]
Care Coordinator
Active 2m ago
Devon Reyes
[email protected]
Super Admin
Active 48m ago
Aisha Bello
[email protected]
Pharmacy Ops Admin
Active 19m ago
Theo Lindqvist
[email protected]
Billing Admin
Active 2h ago
Sara Okafor
[email protected]
Compliance / Auditor
Active 1d ago

Connected systems5

Portals and services this console reads from. Status is read-only here.

Shared API + Auth
Core data plane with row-level security (RLS) enforced.
Connected
Production
Stripe
Payments, charges, and refunds for patient orders.
Connected
Live mode
ManceRx pharmacy portal
Fulfillment, compounding, and courier dispatch.
Connected
Production
Clinician portal
Consult queue, reviews, and clarifications.
Connected
Production
Patient portal
Intake, consent, and order tracking.
Connected
Production

Security

Account and session policy enforced across every admin seat.

Multi-factor authentication

Required on every admin account. Enforced at enrolment — no exceptions.

Required

Session policy

Idle sessions expire after 30 minutes; absolute timeout at 12 hours. Re-auth on sensitive actions.

30 min idle

Audit logging

Every access, role change, and AI action is written to an append-only log retained for 7 years.

Access model

Least-privilege role-based access with row-level security (RLS) on the shared data plane.

RLS enforced