System Administration
Audit logs, notifications, health monitoring, demo data, and organization settings
Compliance Command Center
Organization admins can use the top-level Compliance area for a risk-first overview before drilling into individual settings pages.
What It Shows
The Compliance overview summarizes three signal groups:
- Audit evidence - Audit export readiness, recent audit-pack failures, and verification issues
- Workforce compliance - Recent work-policy violations and pending exception activity from the last 7 days
- Access controls - Recent sensitive permission, manager, and app-access changes from the last 24 hours
The page is intentionally read-only. It helps you identify where to look next instead of replacing the detailed settings workflows.
Accessing The Compliance Overview
- Open Compliance from the main sidebar
- Review the status summary and recent critical events
- Open the linked destination page for investigation:
- Settings -> Audit Export for audit evidence issues
- Settings -> Audit Logs for sensitive control changes
- Settings -> Compliance for workforce exceptions and follow-up review
When To Use It
- Start your day with a quick compliance-risk check
- Confirm audit readiness before an export or external review
- Spot recent control changes without manually combing through the audit log
Audit Logging
Understanding Audit Logs
The system maintains comprehensive audit logs for compliance and security:
- All user actions are recorded
- Changes to data are tracked
- Login/logout events captured
- API access logged
Accessing Audit Logs
- Go to Settings → "Audit Logs"
- View the chronological list of events
- Each entry shows:
- Timestamp
- User who performed the action
- Action type
- Affected resource
- Old and new values (for changes)
Filtering Audit Logs
Use filters to find specific events:
- Date Range: Narrow down the time period
- User: Filter by who performed the action
- Action Type: Create, update, delete, login, etc.
- Resource: Employees, teams, time entries, etc.
- Search: Free-text search in log details
Exporting Audit Logs
For compliance and external audits:
- Apply desired filters
- Click "Export"
- Choose format (CSV, JSON)
- Download for external review
If you are starting from the Compliance overview, use the access-controls card to jump into Audit Logs with the current issue context in mind.
Audit Log Retention
- Logs are retained for the legally required period
- Cannot be modified or deleted
- Blockchain-verified for integrity (GoBD compliance)
Notification System
Configuring Notifications
Set up organization-wide notification preferences:
- Go to Settings → "Notifications"
- Configure channels:
- Email: SMTP settings for email notifications
- Push: Browser push notification settings
- In-App: Real-time notification center
Email Configuration
To set up email notifications:
- Go to Settings → Notifications → "Email"
- Configure SMTP settings or use the built-in provider
- Customize email templates if needed
- Test the configuration
Push Notification Setup
Enable browser push notifications:
- Go to Settings → Notifications → "Push"
- VAPID keys are auto-generated or can be configured
- Set notification preferences by type
- Users must grant browser permission
Notification Types
Configure which events trigger notifications:
| Event | Push | In-App | |
|---|---|---|---|
| Absence Request | Yes | Yes | Yes |
| Request Approved/Denied | Yes | Yes | Yes |
| Time Entry Reminder | Yes | Yes | Yes |
| Birthday Announcement | Yes | - | Yes |
| System Alerts | Yes | Yes | Yes |
SSE Real-Time Updates
The system uses Server-Sent Events for real-time notification delivery:
- No polling required
- Instant delivery
- Low bandwidth usage
- Automatic reconnection
Health Monitoring
Application Health Checks
Monitor system health and performance:
- Go to Settings → "System Health"
- View status of all components:
- Database connectivity
- Authentication services
- Email delivery
- Background jobs
- External integrations
Health Endpoints
For automated monitoring, use the health check endpoints:
/api/health- Overall system health/api/health/db- Database connectivity/api/health/ready- Application readiness
Monitoring Alerts
Set up alerts for system issues:
- Configure monitoring thresholds
- Set alert recipients
- Choose notification channels
- Define escalation procedures
Performance Metrics
Track system performance:
- Response times
- Error rates
- Active users
- Database query performance
- Background job queue status
Demo Data Management
Demo Data Wizard
For testing and demonstration purposes, you can generate realistic demo data:
- Go to Settings → Demo
- Click "Generate Demo Data"
- Configure generation options:
- Number of Employees: How many demo employees to create
- Time Range: Date range for time entries
- Include Absences: Generate vacation requests
- Include Time Entries: Generate clock in/out records
- Click "Generate"
Demo Data Contents
The wizard generates:
- Employees: Realistic names and profiles
- Teams: Sample team structure
- Time Entries: Realistic work patterns
- Absences: Vacation and sick leave records
- Time Regulations: Sample compliance rules
Cleaning Up Demo Data
To remove demo data:
- Go to Settings → Demo
- Click "Delete Demo Data"
- Select what to remove:
- All demo employees
- Demo time entries only
- All non-admin users
- Confirm deletion
Warning: This action cannot be undone. Always back up your data before cleanup.
Use Cases
Demo data is useful for:
- Training: Teaching new admins and managers
- Demonstrations: Showing features to stakeholders
- Testing: Verifying system behavior
- Development: Testing with realistic data volumes
Best Practices
- Use demo data only in test/staging environments
- Never generate demo data in production
- Clean up demo data before going live
- Document which data is demo vs. real
Organization Settings
Multi-Organization Support
Users can belong to multiple organizations and switch between them:
Switching Organizations:
- Click on the organization name in the sidebar
- Select another organization from the dropdown
- The page refreshes to show data from the selected organization
Creating a New Organization:
- Click on the organization name in the sidebar
- Click "Create Organization" at the bottom of the dropdown
- Enter the organization name
- The organization slug is auto-generated from the name (can be customized)
- Click "Create"
Organization Roles:
- Owner: Full control, can delete the organization
- Admin: Can manage members and settings
- Member: Standard access based on permissions
User Invitations
To invite new users to the organization:
- Go to Settings → Members → "Invite"
- Enter user information:
- Email: User's email address
- Role: Initial role (Member, Admin)
- Can Create Organizations: Special permission (usually NO for invited users)
- Click "Send Invitation"
Important Permission Notes:
- Fresh signups (not invited): CAN create new organizations
- Invited users: CANNOT create new organizations by default
- Admins: Can always create organizations regardless of invitation status
This prevents invited users from creating competing organizations while allowing organic growth through direct signups.
Managing Invitations
View pending invitations:
- Go to Settings → Members → "Invitations"
- See list of pending invitations
- Options:
- Resend: Send invitation email again
- Cancel: Revoke invitation before acceptance
Organization Profile
To update organization information:
- Go to Settings → Organization
- Update:
- Organization name
- Logo
- Contact information
- Click "Save"
Organization Timezone
Set the default timezone for your organization:
- Go to Settings → Organization
- Find the Timezone card
- Select your organization's timezone from the picker
- The change saves automatically
Timezone Resolution Hierarchy:
The system uses a cascading timezone resolution:
- User timezone (highest priority) - If a user has set a personal timezone in their profile
- Organization timezone - Falls back to the organization's default timezone
- UTC (default) - Used if neither user nor organization timezone is set
Who can change the timezone:
- Only organization owners can modify the organization timezone
- Admins and members can view the current timezone but cannot change it
- Individual users can override the organization timezone by setting their own in Settings → Profile
What timezone affects:
- Absence tracking and calendar displays
- Time entry displays and calculations
- Report generation and date filtering
- All date-based features throughout the application
Organization Lifecycle
Organization Deletion
Organization owners can delete an organization when it's no longer needed.
Permanent Action
Organization deletion is permanent and irreversible. All data associated with the organization will be deleted, including employees, time entries, absences, and audit logs.
To delete an organization:
- Go to Settings → Organization
- Scroll to the Danger Zone section
- Click "Delete Organization"
- Type the organization name to confirm
- Enter your password for verification
- Click "Permanently Delete"
What gets deleted:
- All employee records
- All time entries and clock records
- All absence requests and vacation data
- All teams and locations
- All projects and surcharges
- All audit logs
- All notification history
- All exported files
What is NOT deleted:
- User accounts (users can still access other organizations)
- User profile information
Data Retention Before Deletion
Before deleting an organization:
- Export all data - Use the export feature to download all records
- Notify stakeholders - Inform all organization members
- Check compliance - Ensure you meet data retention requirements
- Document the decision - Keep records of why the organization was deleted
Organization Cleanup
For organizations you want to keep but need to clean:
- Use Demo Data Management to remove test data
- Deactivate former employees instead of deleting
- Archive old projects rather than removing them
- Export and delete old time entries if storage is a concern