d42c653eea
- engineering-docs → archive/2026-03-29-engineering-docs (63/63 tasks complete) - phase-2-production-ready → archive/2026-03-29-phase-2-production-ready (89/89 tasks complete) - openspec/specs/ synced with all Phase 1 + Phase 2 + engineering-docs capabilities (22 specs total) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1.4 KiB
1.4 KiB
Spec: Web Dashboard UI
Status: Pending CEO approval Workstream: 6 of 8
Scope
dashboard/directory at project root- React 18 + TypeScript strict, built with Vite 5
- TanStack Query v5 for server state
- shadcn/ui (Radix UI + Tailwind CSS) for components
- Four pages: Agents, Credentials, Audit Log, Health
- Client-side auth:
clientId+clientSecret→TokenManager - Served from AgentIdP server at
GET /dashboard(static build)
Pages
| Page | Route | Scope Required |
|---|---|---|
| Login | /dashboard/login |
None |
| Agents | /dashboard/agents |
agents:read |
| Agent Detail | /dashboard/agents/:id |
agents:read |
| Credentials | /dashboard/agents/:id/credentials |
agents:read |
| Audit Log | /dashboard/audit |
audit:read |
| Health | /dashboard/health |
None |
Acceptance Criteria
- TypeScript strict — zero
anyacross all dashboard files dashboard/tsconfig.jsonwithstrict: true- Login form stores token in
sessionStorageonly (notlocalStorage) - All write operations (suspend, revoke, rotate) require confirmation dialog
- OWASP Top 10 review: no XSS, no CSRF, no sensitive data in URL params
- Vite build outputs to
dashboard/dist/; AgentIdP serves it as static dashboard/README.md— how to build and serve- Responsive layout — functional on desktop and tablet