Skip to Content
Admin ConsoleOverview

Admin Console

The Auris Console is a web-based administration panel for managing every aspect of your Auris IAM tenant. It provides full control over applications, users, roles, security policies, branding, and audit logs — all without requiring direct database access or familiarity with the underlying Keycloak administration interface.

The Console runs as a separate application from the Auris API. By default, it is available at port 3003. In production deployments, it is typically served at an internal or admin-only subdomain (for example, admin.yourdomain.com).

Note: The Console requires an administrator account to access. The initial admin user is created during tenant setup. Subsequent administrator accounts can be created by any existing user with the manage:users permission and the Administrator role assigned.


Dashboard

When you log in to the Console, you land on the main dashboard. This page gives an at-a-glance view of the health and activity of your tenant.

Stat Cards

The top row displays four key metrics:

MetricDescription
Total UsersNumber of active user accounts in the tenant
Active SessionsNumber of valid, non-expired user sessions right now
ApplicationsNumber of registered application clients
Recent ActivityCount of audit log events in the last 24 hours

Recent Activity Feed

Below the stat cards, a feed shows the ten most recent audit events. Each entry displays:

  • The action type (for example, user.login, role.permission_changed)
  • The actor who performed the action (user email or system for automated events)
  • The target resource (user ID, application name, etc.)
  • A relative timestamp (for example, “3 minutes ago”)

Click any activity entry to open the full log detail in a side panel.

Quick Actions

The dashboard includes a set of quick action links to the most common administrative tasks:

  • Create a new user
  • Create a new application
  • Create a new role
  • View all audit logs
  • Configure authentication settings

The sidebar on the left side of the Console organizes all administrative sections. The navigation is grouped by function:

Applications

Manage the OAuth 2.0 client applications registered in your tenant. Create, configure, and delete applications. View credentials, configure URIs, set token lifetimes, and manage custom JWT claims.

See Applications.

Users

Browse and manage user accounts. Create users, assign roles, view sessions, disable accounts, and trigger password resets or email verifications.

See Users & Roles.

Roles

Define roles and configure their permissions. The role permission editor covers 10 permission categories with individual Switch toggles per permission.

See Users & Roles.

Authentication

Configure which authentication methods are available for your tenant: social providers, magic links, SMS OTP, MFA enforcement, session policies, and password policy.

See Authentication Settings.

Branding

Customize the hosted login page and email templates with your logo, colors, and company name.

See Branding.

Organizations

Manage B2B organizations — groups of users with their own membership roles, invitations, and enterprise SSO connections.

See Organizations.

Actions

Create custom JavaScript hooks that execute during authentication flows (pre-login, post-login, pre-signup, etc.) to implement custom business logic.

See Actions Engine.

Logs

View and filter the complete audit log for your tenant. Stream logs to external systems (Webhook, S3, Datadog, Splunk).

See Logs & Compliance.

Settings

Three settings sections are accessible from the sidebar:

  • SMTP: Configure the outbound email server for transactional emails
  • Security: IP rules, brute-force protection, suspicious login detection, CAPTCHA, and rate limiting
  • Tenant: General tenant configuration, import/export, and custom domains

Developer Hub

Tools for developers working with the Auris API: API Explorer, Token Decoder, Sandbox, CLI reference, SDK reference, Quickstarts, and documentation links.


First-Time Setup

If you have just deployed Auris and are logging in to the Console for the first time, complete these steps to configure your tenant before integrating your first application.

Create your first Application

Go to Applications in the sidebar and click Create Application. Choose the application type that matches your project (Web for browser apps, Mobile for native apps, API for resource servers, M2M for server-to-server). Copy the Client ID — you will need it for your SDK configuration.

For step-by-step configuration details, see Applications.

Configure authentication methods

Go to Authentication in the sidebar. Enable at least one authentication method:

  • Email/password is enabled by default
  • Enable Social Login if you want to offer Google, GitHub, or other providers
  • Enable Magic Links for passwordless email authentication
  • Configure your Password Policy to match your organization’s security requirements

For full configuration reference, see Authentication Settings.

Create roles and permissions

Go to Roles in the sidebar and click Create Role. Create roles that match the access levels in your application (for example: Admin, Editor, Viewer). Open each role’s detail page and enable the permissions that role should have.

For details on the permission model, see Users & Roles.

Customize branding

Go to Branding in the sidebar. Upload your company logo, set your primary color, and enter your company name. Changes appear immediately in the live preview panel and will be reflected on the hosted login page.

For full branding options, see Branding.

Configure email sending

Go to SettingsSMTP. Enter the credentials for your outbound email server (host, port, username, password, sender address). Use the Send Test Email button to verify delivery before going to production.

(Optional) Set up custom domain

If you want your hosted login pages to appear under your own domain (for example, auth.yourdomain.com), go to SettingsCustom Domains, add your domain, follow the DNS verification instructions, and set it as the primary domain.

See Branding — Custom Domains for full instructions.


Section Reference