PP

Server-derived brand

PCI Platform

Dashboard

PCI Data Collection status and cross-module readiness overview.

Organization
Session required
Entity
Session required
Scope
Session required
Role
Session required
Stage
unauthorized
Active theme
Pay Theory
Technical details
brand_pointer
Neutral PCI brand shell active
asset_pointer
not available
brand_reasons
trusted session context unavailable

Partner brand service

Loading partner-owned brand manifest from /api/session/brand.

Brand API
/api/session/brand
Boundary
No browser tenant authority, brand override authority, theme mutation, asset upload, endpoint value, account identifier, physical id, secret, live-data path, or fallback browser storage.

PCI API auth boundary

Sign in required

BFF session required

Continue through the PCI API login-initiate route. The PCI API/BFF creates state, nonce, and PKCE material and owns the Autheory redirect; this shell does not construct provider authorize URLs and never receives ID, access, or refresh tokens.

Ready to start the same-origin PCI API sign-in handoff.

Login initiate
/api/session/login-initiate
Login method
POST with JSON provider hint autheory; no browser tenant, role, principal, subject, auth time, MFA, token, state, nonce, or PKCE authority is sent.
Browser auth authority
none
Token handling
No Autheory ID, access, or refresh tokens are accepted, stored, or replayed by the app shell.
Session context
Tenant and principal context remain closed until /api/session/context returns server-derived state.
  • missing_session

Dashboard unavailable

Unsafe state rendered closed. The shell requires a trusted API/session context before tenant-scoped Data Collection, corpus, workflow, or Monitoring details render.

  • missing_session
Runtime and tenant context

Trusted tenant context

Session state: unauthorized; HTTP status: 401.

Tenant authority: closed: no session. Tenant-scoped UI is rendered closed until API/session context is trusted.

Closed reason: missing_session.

No viewer authority inputs were used.

  • auth.session_rejected

Module status

Module status is withheld because there is no trusted session context.

API runtime binding readiness

The dashboard exposes the same-origin API readiness route for record-only Factory smoke. The application dashboard uses its service-backed bootstrap API; this readiness probe remains declarative and does not supply tenant, namespace, SSM, account, or service authority.

Readiness path
/api/runtime-config/binding-status
Probe mode
same-origin-record-only
Initial state
pending_same_origin_probe
Browser authority
none

PCI application shell with reviewed same-origin service-backed metadata GETs and CSRF-bound workflow actions for onboarding, scope, assessment, evidence, AOC, reporting, and acceptance review. Tenant authority remains server-derived. No deploy behavior: this screen does not run deploys, payment traffic, partner-edge changes, external queues, notifications, or sandbox/live operations.