Supercheck LogoSupercheck
Admin

Super Admin

System-wide administration for self-hosted deploymentsEdit

Super Admin provides platform-level management for self-hosted deployments, including user management, organization oversight, scheduler control, and system health monitoring.

Enable Super Admin

There are two ways to enable super admin access:

Set the SUPER_ADMIN_EMAIL environment variable in your deployment:

SUPER_ADMIN_EMAIL=admin@yourdomain.com

The user with this email is promoted to super admin when the application starts.

Note: If the user has just signed up, you may need to restart the application container for the promotion to take effect, as this check runs during startup.

Run the bootstrap script inside the app container:

docker compose exec app npm run setup:admin admin@yourdomain.com

To downgrade a super admin to organization admin:

docker compose exec app npm run revoke:admin admin@yourdomain.com

Overview

The Super Admin dashboard provides a system-wide view of all organizations, users, and queue status.

Super Admin Overview

Organizations

View and manage all organizations in the system. See member counts, project counts, and organization status.

Organizations

Users

Manage all users system-wide. View user details, organization memberships, and account status.

Users

Queue Management

Monitor BullMQ queues for test execution, monitoring, and background jobs. View queue health, pending jobs, and processing status.

BullMQ Queues

Locations

Manage geographic locations for multi-region monitoring and performance testing. Locations determine where workers run and which queues are created.

Adding a Location

  1. Navigate to Super Admin → Locations tab
  2. Click Add Location
  3. Fill in the fields described below and click Save
FieldRequiredDescription
CodeYesUnique identifier used in queue names (e.g. us-east). Lowercase, 2–50 characters, letters/digits/hyphens only, no consecutive hyphens. Reserved codes (global, all, default, none, any, local) are blocked.
NameYesHuman-readable display name (e.g. "US East").
RegionNoGeographic description (e.g. "Ashburn, Virginia").
FlagNoEmoji flag for the UI (e.g. 🇺🇸).
CoordinatesNoLatitude/longitude for map visualization.
DefaultNoSet as the default K6 job execution location.
EnabledNoActivate the location and create its queues.

Location Status

StatusMeaning
ActiveLocation is enabled and has workers connected (heartbeat detected)
OfflineLocation is enabled but no workers are currently connected
DisabledLocation is toggled off — no queues are created

Worker presence is detected automatically via heartbeat. Deploy a worker with the matching WORKER_LOCATION to bring a location online. See Multi-Location Deployment for setup instructions.

Default Location

The default location determines where K6 job executions run. Only one location can be default at a time — toggling a new default automatically clears the previous one.

Project Restrictions

Organization admins can restrict which locations a project is allowed to use. See Project Location Restrictions for details.

Capabilities

FeatureDescription
System StatisticsView total users, organizations, projects, jobs, tests, monitors, and runs
OrganizationsView and manage all organizations
UsersManage all users system-wide, ban/unban accounts
ImpersonationLog in as any user for troubleshooting
Scheduler ControlInitialize schedulers, view status, manually trigger jobs
Queue MonitoringReal-time BullMQ queue stats via Bull Dashboard
Location ManagementAdd, edit, enable/disable geographic locations for multi-region deployments

User Management

Manage all users across the platform:

  • View Details — See user profile, email, and organization memberships
  • Ban/Unban — Suspend accounts with a reason (banned users cannot log in)
  • Impersonate — Log in as any user for troubleshooting
  1. Go to Super Admin → Users
  2. Find the user and click the menu ()
  3. Select Impersonate
  4. If the user belongs to multiple organizations, select which one to impersonate into
  5. Click Impersonate User to confirm

Impersonate User Dialog

Using Impersonation:

  • a banner at the bottom shows "Impersonating" with the user's email
  • Click Stop to return to your admin session
  • You see the platform exactly as the user would

Impersonation Banner

Security Notice: All impersonation sessions are logged for audit purposes. The original admin ID is preserved throughout the session.

To suspend a user account:

  1. Go to Super Admin → Users
  2. Find the user and click the menu ()
  3. Select Ban User
  4. Enter a reason for the ban (minimum 20 characters)
  5. Click Ban User to confirm

Ban User Dialog

Reversible Action: Banning is reversible. The user will be unable to sign in until unbanned, but all their data is preserved. To unban, click Unban from the same menu.

Banned users see a "403 Account suspended" message when attempting to log in.

Scheduler Control

Manage the job scheduling system:

  • Initialize Schedulers — Start or restart the scheduling service
  • View Status — Check scheduler health and active jobs
  • Manual Triggers — Force-run scheduled jobs for testing

Security

  • Single Admin — Only one super admin email is supported per deployment
  • Validation — Multiple emails in SUPER_ADMIN_EMAIL will cause a startup error
  • Audit Trail — All super admin actions are logged with timestamps
  • Session Tracking — Impersonation sessions preserve the original admin ID for accountability

Organization Admin

Manage organization members, projects, and settings

On this page

Enable Super Admin
Recommended
Overview
Organizations
Users
Queue Management
Locations
Adding a Location
Location Status
Default Location
Project Restrictions
Capabilities
User Management
Scheduler Control
Security