🏠 Overview 🎯 Features 🎯 Organization Settings

Organization Settings

Feature Detail

medium complexity extracted Organization Management Confidence: 100%
6
Components
4
Shared
0
User Stories
Yes
Analyzed

Description

Organization Settings provides the administrative interface for configuring an organization's core operational parameters within the Meander platform. Org Admins manage contact details, locale preferences, support-access grants, and module-level configuration values from a single dedicated page. This area is always-on and non-toggleable, forming the foundational configuration surface every organization requires from day one of onboarding.

Sources & reasoning

Phase 1 MVP admin scope (line 327) explicitly lists 'Organisasjonsinnstillinger'. admin-organization is always-on (line 241), making this non-deferrable. The support-access grant (line 259) is a hard tenant-isolation requirement across all organizations.

  • docs/source/likeperson.md · line 327-328
    Organisasjonsinnstillinger og terminologikonfigurasjon
  • docs/source/likeperson.md · line 241
    Admin Web Portal: admin-dashboard, admin-user-management, admin-organization, admin-security. admin-organization is always-on because it hosts the Feature Toggles UI itself
  • docs/source/likeperson.md · line 259
    Orgs can grant a Global Admin time-bounded support access via a flag in Organization Settings (e.g. "Allow Norse support access until {date}"); revoking the flag or hitting the expiry immediately removes access.

Analysis

Business Value

Every organization onboarding to Meander must configure its operational parameters before users can work effectively. A centralized settings page eliminates ad-hoc support requests and empowers Org Admins to self-serve changes without engineering involvement. The time-bounded Global Admin support-access grant mechanism directly addresses strict tenant-isolation requirements shared across all four organizations: Norse Digital Products staff cannot access tenant data without explicit, expiry-enforced authorization, and every support session is written to the org's audit trail.

Implementation Notes

Built as a Next.js server-rendered page within the Admin Web Portal, persisting data to the organization_settings table (one-to-one with organizations). The support-access grant flag stores an expiry timestamp checked by API middleware on every request, stripping access automatically at expiry. All settings mutations are written to audit_logs with actor, timestamp, and changed fields. WCAG 2.2 AA compliance is required on all form elements. Secrets such as signing material are excluded from GET responses and stored encrypted at rest.

Components (10)

User Interface (2)

ui OrganizationSettingsPage medium ui SessionManagementPage medium

Service Layer (2)

service OrganizationSettingsService medium service SessionManagementService medium

Data Layer (2)

data OrganizationSettingsRepository medium data SessionRepository medium

Shared Components

These components are reused across multiple features

User Stories

No user stories have been generated for this feature yet.