Operational backoffice with role-scoped navigation.

Menu visibility, route protection, and developer tooling all stay aligned with the backend contract and the authenticated operator graph.

Permission-aware

The shell exposes only the features granted by the current operator capabilities.

Contract-backed

Descriptors, docs, and resource surfaces are driven by the generated SDK.

Theme-aware

Light, dark, and system appearance stay explicit and reversible.

What changes with role scope

Operators can pivot between granted roles and inspect the same workspace from the perspective relevant to that role, without changing backend-enforced authorization.

Developer reference

The API contract stays framed inside the backoffice instead of feeling like an isolated embed.

Internal access

Backoffice sign in

Use your platform account to enter the operator workspace and pick the role perspective you need from the shell.

Session model

Session state stays cookie-backed and is refreshed through the Next proxy boundary.

Access model

Menu visibility and route access are derived from backend capabilities, not frontend guesses.