Built for teams that handle sensitive documents.
Protect user access, business KYC, document uploads, payment credentials, wallet adjustments, and subscription changes with layered controls.
Authentication
JWT access tokens, refresh token auth, logout, protected routes, and profile-aware app shell.
Verification
Change password and iPIN setup require OTP. 2FA supports email, Google Authenticator, WhatsApp, SMS, and Telegram methods.
Permissions
Role guards, custom role CRUD, permission previews, and admin-managed user status controls.
Sensitive records
Business KYC, Aadhaar/PAN fields, file uploads, wallet adjustments, and payment credentials stay behind authenticated admin workflows.
Security controls by area
The starter separates login security, profile verification, admin policy, and operational audit concerns.
Login
JWT access token, refresh token, active user checks, logout
Profile
OTP-based password change, OTP-based iPIN setup, multiple 2FA options
Admin
RBAC guards, custom role management, default role, sharing policy
Operations
Wallet logs, document ownership, payment credentials, landing page access
Security setup is editable from admin settings.
Configure default roles, role approval, compliance retention, support access, password length, session timeout, and channel settings.
Ready to open the portal?
Sign in to manage users, documents, subscriptions, settings, and payments.