Admin dashboard
Internal operations interface for your NoSign instance.
NoSign includes an internal admin dashboard for instance operators. It is isolated behind a separate authentication boundary from the signer-facing and API surfaces.
Access controls
- 2FA required. All admin accounts must have two-factor authentication enabled. There is no bypass path.
- No public registration. Admin accounts are created directly by the instance operator — there is no sign-up page and no way for external users to request access.
- Separate auth boundary. Admin sessions are completely separate from signer sessions. A compromised signer link cannot elevate to admin access.
Capabilities
Triage and search
- Search signing requests by ID, signer email, status, or date range.
- View the current status of any signing request across its full lifecycle: pending, in progress, completed, declined, expired, or failed delivery.
Audit inspection
- View the full ordered audit trail for any signing request, including all recorded events, timestamps, actors, and document hashes.
- Inspect the verbatim consent text captured for each signer.
API key management
- Create named API keys for each source application (key shown once on creation).
- Revoke or rotate keys immediately.
- View per-key attribution in the audit trail for all requests made with that key.
- Multiple keys per instance — one per consuming service is the recommended pattern.
Webhook secret management
- Manage webhook secrets, stored encrypted at rest.
- Rotate a secret with zero downtime — during the rotation window NoSign signs deliveries with all active secrets (multi-digest header) so no delivery fails verification.
Template management
- Create and version reusable templates of signer slots and field positions.
- Soft-deactivate a template without affecting signing requests already created from it.
Manual webhook operations
- Inspect webhook delivery state: pending, delivered, failed, dead-lettered.
- Trigger a manual retry for a failed or dead-lettered webhook delivery.
- Manually trigger deletion of a completed signing request when the webhook delivery has been confirmed by other means.
What the admin dashboard is not
The admin dashboard is an operational tool for the instance operator — not a customer-facing interface. End users (signers) and your platform’s users have no access to it and no visibility into its contents.