Three consoles.
One auth layer.

Support, operations, and security teams each get purpose-built access -- all secured by the same Authaz identity system that protects your customer-facing product.

Free up to 2,000 MAU

Purpose-built access

Three consoles, three permission surfaces

support_console

Support Console

View account & session context
Trigger safe recovery workflows
Read-only access to user profiles
Scoped ticket-linked actions

authaz.apps.configure({
  appId: "support_console",
  allowedRoles: ["support_agent"],
  scopes: ["users:read", "sessions:read",
           "recovery:trigger"],
  requireMfa: false,
});

ops_console

Ops Console

Run scoped operational actions
Stronger verification for sensitive ops
All actions emit auditable events
Tenant-level config management

authaz.apps.configure({
  appId: "ops_console",
  allowedRoles: ["ops_admin"],
  scopes: ["tenants:manage", "config:write",
           "audit:read"],
  requireMfa: true,
});

security_console

Security Console

Manage auth policy changes
Review privileged action traces
Approve high-impact access changes
Incident response controls

authaz.apps.configure({
  appId: "security_console",
  allowedRoles: ["security_admin"],
  scopes: ["policy:write", "audit:full",
           "sessions:revoke"],
  requireMfa: true,
});

One identity system

All three consoles share a single auth layer

Instead of bolting on separate identity stacks for each internal tool, Authaz lets you route every console through the same authentication pipeline, the same user directory, and the same policy engine. Roles scope what each team sees; the infrastructure underneath stays unified.

Single sign-on

One login for every internal surface.

Shared audit trail

Actions across consoles in one log.

Consistent policy

MFA and session rules enforced everywhere.

Internal app setup

Configure all three consoles in one place

import { authaz } from "@authaz/sdk";

// Register each internal app with its own role boundary
const apps = [
  {
    appId: "support_console",
    allowedRoles: ["support_agent", "support_lead"],
    requireMfa: false,
  },
  {
    appId: "ops_console",
    allowedRoles: ["ops_admin"],
    requireMfa: true,
  },
  {
    appId: "security_console",
    allowedRoles: ["security_admin"],
    requireMfa: true,
  },
];

for (const app of apps) {
  await authaz.apps.configure(app);
}

// All consoles share the same user directory and session policy
await authaz.policy.setSessionDefaults({
  maxAge: "8h",
  inactivityTimeout: "30m",
  bindToIp: true,
});

Secure your internal tools today

Stop treating back-office apps as second-class citizens. Give every team a purpose-built console backed by production-grade auth.