Admin Console Guide

The Noxys admin console is your central command center for managing policies, users, monitoring AI usage, and ensuring compliance across your organization.

Prerequisites

• Admin role (Viewers have read-only access to most features)
• Browser with JavaScript enabled
• Access to your Noxys instance URL (e.g., https://noxys.cloud)

Dashboard Overview

The Dashboard is your first view when logging in. It provides real-time visibility into AI usage patterns and policy effectiveness.

Dashboard Components

1. Interaction Trends

What you see: Line chart showing interaction count over time (last 7 days).

What it tells you:

• Growing trend = increasing AI adoption
• Spikes = specific departments or projects using more AI
• Baseline = normal usage pattern to detect anomalies

Actions:

• Click any point on chart to drill down to interactions for that time
• Toggle between line and bar chart views
• Export data as CSV

2. Risk Score Distribution

What you see: Histogram of risk scores (0-1 scale).

What it tells you:

• Left side (low scores): Safe, approved usage
• Right side (high scores): PII-heavy interactions needing attention
• Peak position: Where most interactions fall (typical risk profile)

Interpretation:

• Tall left bar, small right tail = healthy (most usage is safe)
• Flat/wide distribution = mixed usage (need better policies)
• Right-heavy = concerning (lots of sensitive data exposure)

3. Top Platforms

What you see: Bar chart ranking AI platforms by interaction count.

Example:

ChatGPT      [████████████████████] 45%
Claude       [████████████] 28%
Gemini       [████████] 18%
DeepSeek     [██] 6%
Other        [█] 3%

Actions:

• Click platform name to filter all dashboard data to that platform
• Identify which services are most used (for policy prioritization)

4. Policy Effectiveness

What you see: Table showing each enabled policy with:

• Policy name
• Triggered count (last 7 days)
• Action type (Block/Coach/Log)
• Last triggered

Example:

Policy	Triggered	Action	Last Triggered
Block PII on ChatGPT	127	Block	5 mins ago
Coach Finance on US Services	34	Coach	2 hours ago
Log all DeepSeek	89	Log	10 mins ago

Actions:

• Click policy name to edit or view details
• Toggle enable/disable (without leaving dashboard)
• Identify underutilized policies for adjustment

5. User Activity

What you see: Recent user list with last login and status.

Example:

User	Email	Role	Last Login	Status
Alice	alice@acme.fr	Admin	2 hours ago	Active
Bob	bob@acme.fr	Viewer	3 days ago	Active
Carol	carol@acme.fr	Pending	Never	Pending

Actions:

• Click user to invite/reset/remove
• Identify inactive users who may need offboarding

Dashboard Filters & Customization

Time Range:

• Default: Last 7 days
• Options: 24 hours, 7 days, 30 days, custom date range
• Click date selector to change

Platform Filter:

• Default: All platforms
• Click any platform in "Top Platforms" to filter all charts
• Or use dropdown to select specific platform(s)

Department Filter (if SSO enabled):

• Default: All departments
• Filter by Entra ID group, LDAP department, or SAML attribute

Refresh Rate:

• Real-time (updates every 5 seconds)
• Auto-pause if you're reading a section (resumes on scroll)

Navigation

The left sidebar provides access to all major sections:

Dashboard          [current page icon]
├─ Policies
├─ Users
├─ Interactions
├─ Compliance
├─ Audit Log
├─ Settings
└─ Help & Support

Breadcrumb Navigation

At the top of each page, you'll see the current path. Click any breadcrumb to jump back:

Dashboard > Policies > "Block PII on ChatGPT" > Edit
[click "Policies" to go back to policies list]

Search & Filtering

Most list pages have a search bar and filter options:

Example (Policies page):

[Search policies...] [Enabled ▼] [By Platform ▼] [By Action ▼]

• Search: Instant full-text search (name, description)
• Status: Enabled/Disabled/All
• Platform: chatgpt, claude, gemini, etc.
• Action: Block/Coach/Log

Policies Section

Manage all your AI usage policies from this central hub.

View All Policies

1. Click Policies in sidebar
2. You'll see a table with:
   • Policy name
   • Description (if provided)
   • Enabled toggle
   • Priority number
   • Action (Block/Coach/Log)
   • Triggered count (last 7 days)
   • Last modified

Example:

Name	Enabled	Priority	Action	Triggered	Modified
Block PII on ChatGPT	✓	10	Block	127	2 hours ago
Coach Finance on US	✓	20	Coach	34	1 day ago
Log all DeepSeek	✗	30	Log	0	3 days ago

Create a New Policy

1. Click + New Policy

2. Fill out the form:

   Field	Instructions	Example
   Name	Unique, descriptive name	"Block PII on ChatGPT"
   Description	Optional, max 500 chars	"Prevents sensitive data sharing on US-based service"
   Enabled	Toggle to activate now (off by default)	Off
   Priority	Lower = evaluated first (0-1000)	10
   Action	Block / Coach / Log	Block

3. Click + Add Condition to add rules:

   • Choose a field (platform_id, risk_score, user_id, etc.)
   • Choose an operator (eq, neq, in, contains, gt, gte, etc.)
   • Enter a value
   • Click Add

4. Repeat for multiple conditions (all must match)

5. Click Create Policy

Edit a Policy

1. Click a policy name in the list
2. Click Edit
3. Modify any field (name, description, conditions, action, priority)
4. Click Save

The policy takes effect immediately for future interactions.

Toggle Enable/Disable

1. Find the policy in the list
2. Click the Enabled toggle
3. No confirmation needed (toggle is immediate)

Disabled policies are not evaluated, making this useful for:

• Testing new policies without blocking users
• Temporarily pausing a rule for investigation
• A/B testing policy effectiveness

Delete a Policy

1. Click a policy name
2. Click Delete
3. Confirm: "Are you sure? This action is permanent."

Important: Deleting a policy does NOT delete historical records. All past interactions remain in the audit log.

Users Section

Manage team members, roles, and SSO settings.

View All Users

Click Users to see:

User	Email	Role	Last Login	Status	Actions
Alice	alice@acme.fr	Admin	2h ago	Active	[...]
Bob	bob@acme.fr	Viewer	3d ago	Active	[...]
Carol	carol@acme.fr	—	Never	Pending	[...]

Status meanings:

• Active: User has logged in at least once
• Pending: Invitation sent, user hasn't accepted yet
• Inactive: User hasn't logged in for 60+ days

Invite Team Members

1. Click + Invite User
2. Enter email addresses (comma-separated for bulk invites)
3. Select role: Admin or Viewer
4. Click Send Invitations

What happens next:

• Email sent with signup link
• Recipient creates password and logs in
• Access granted immediately

Change User Role

1. Click a user's name
2. Click the Role dropdown
3. Select new role: Admin or Viewer
4. Click Save

The user's permissions update immediately.

Role Permissions:

Action	Admin	Viewer
View Dashboard	✓	✓
View Interactions	✓	✓
View Audit Log	✓	✗
Create/Edit Policies	✓	✗
Manage Users	✓	✗
View Billing	✓	✗

Remove a User

1. Click a user's name
2. Click Delete
3. Confirm: "Are you sure?"

What happens:

• User loses access to dashboard
• All historical interactions remain (not deleted)
• User's email becomes available for re-invite

Single Sign-On (SSO) Setup

For enterprise deployments, Noxys supports:

• Entra ID (Microsoft Graph API) — departments, groups, device compliance
• LDAP / LDAPS — on-premise Active Directory
• SAML 2.0 — Okta, OneLogin, Ping Identity
• OIDC — Generic OIDC providers

Entra ID Setup

1. Go to Settings → Single Sign-On → Entra ID
2. Click Configure
3. Enter your Azure Tenant ID
4. Grant Noxys permission to read user/group data (Entra ID prompt)
5. Test by logging out and clicking Sign in with Microsoft

After enabled:

• Users log in with their Microsoft 365 credentials
• Their department, manager, and group memberships are synced hourly
• You can create policies based on AD groups (e.g., "Block DeepSeek for Finance team")

LDAP Setup

1. Go to Settings → Single Sign-On → LDAP
2. Enter connection details:
   • Server: ldap.company.com (or ldaps://... for TLS)
   • Port: 389 (LDAP) or 636 (LDAPS)
   • Bind DN: Service account (e.g., cn=noxys,ou=service,dc=company,dc=com)
   • Bind Password: Service account password
   • Base DN: Search root (e.g., dc=company,dc=com)
3. Click Test Connection
4. Once successful, click Enable

SAML / OIDC Setup

Contact support@noxys.eu for guided setup. You'll need:

• Your identity provider's metadata URL (SAML) or discovery endpoint (OIDC)
• Noxys will provide entity ID / client ID and callback URLs

Interactions Section

View and analyze all detected AI interactions.

View Interactions

1. Click Interactions in sidebar
2. You'll see a table with recent AIInteraction events:

Timestamp	User	Platform	Risk Score	Classifications	Policy Decision
2026-03-20 14:32	alice@acme.fr	chatgpt	0.95	EMAIL, PHONE	Blocked
2026-03-20 14:25	bob@acme.fr	claude	0.15	EMAIL	Logged
2026-03-20 14:10	carol@acme.fr	gemini	0.00	—	Logged

Filter Interactions

Use the filter panel:

• User: Select specific user or department
• Platform: Filter by chatgpt, claude, gemini, etc.
• Risk Score: Min-Max slider (0-1)
• Action: Block / Coach / Log
• Date Range: Custom start and end date
• Has Classifications: Yes / No (only PII-containing)

Example filter: Show all Blocked interactions on ChatGPT from Finance team in the last 24 hours.

View Interaction Details

Click any row to open detailed view:

Interaction ID: f47ac10b-58cc-4372-a567-0e02b2c3d479
Timestamp: 2026-03-20T14:32:00Z
User: alice@acme.fr (Department: Finance)
Platform: ChatGPT
Direction: Outbound (prompt)
Content Hash: a665a45920422f9d417e4867efdc4fb8a04a1f3fff1fa07e998e86f7f7a27ae3
Risk Score: 0.95
Classifications:
  - EMAIL (confidence: 0.98) [24-42 chars]
  - PHONE (confidence: 0.92) [45-57 chars]
Policy Decision: Block
Policy Name: Block PII on ChatGPT
Policy ID: c8d4e2f1-aaaa-bbbb-cccc-000000000001
Blocked: Yes
Timestamp: 2026-03-20T14:32:02Z

Export Interactions

1. Apply filters as needed
2. Click Export CSV
3. All filtered interactions downloaded as CSV file

CSV columns: Timestamp, User, Platform, Risk Score, Classifications, Policy Decision, etc.

Use cases:

• Compliance reporting
• Incident investigation
• Trend analysis (import into Excel/BI tool)

Compliance Section

Demonstrate compliance with regulations and frameworks.

EU AI Act Mapping

1. Go to Compliance → EU AI Act

2. You'll see a checklist of requirements:

   • ✅ Prohibited AI practices (banned models)
   • ✅ High-risk AI (monitored and logged)
   • ✅ Transparency (disclosure logs)
   • ✅ Human oversight (policies enforced)

3. For each requirement, review:

   • Status: Compliant / Non-compliant / Partial
   • Evidence: Policies, audit log entries, classifications
   • Action: What to do if non-compliant

Generate Compliance Report

1. Go to Compliance → Reports
2. Click + Generate Report
3. Select scope:
   • Scope: Your entire org, specific department, or date range
   • Standards: EU AI Act, GDPR, ISO 27001, etc.
4. Click Generate

Report includes:

• Policy inventory and effectiveness
• PII detection statistics
• Risk score distribution
• Audit log sample
• Recommendations for improvement

Export as: PDF or JSON

Data Residency

1. Go to Compliance → Data Residency
2. Confirm your deployment location:
   • SaaS (EU): All data in European data centers (AWS eu-west-1, Azure westeurope, or similar)
   • Self-hosted: On your own infrastructure (Kubernetes, Docker Compose)
3. Verify database location and backup destinations
4. For GDPR compliance, confirm that third-party services (e.g., analytics) are also EU-based

Audit Log Section

Review all administrative actions (immutable record).

View Audit Log

1. Click Audit Log in sidebar
2. You'll see a table with columns:
   • Timestamp: When the action occurred
   • User: Who performed the action
   • Action: What they did (created policy, deleted user, etc.)
   • Resource: What was affected (policy ID, user email, etc.)
   • Status: Success / Failure

Filter & Search

Use the filters to find specific events:

User: alice@acme.fr
Action: policy.created
Resource: Block DeepSeek
Date Range: 2026-03-15 to 2026-03-20

Example results:

Timestamp	User	Action	Resource	Status
2026-03-20 10:15	alice@acme.fr	policy.created	"Block DeepSeek"	Success
2026-03-20 10:16	bob@acme.fr	policy.enabled	"Block DeepSeek"	Success
2026-03-20 14:32	alice@acme.fr	policy.edited	"Block DeepSeek"	Success

View Details

Click any row to see full details (before/after state):

Action: policy.edited
Timestamp: 2026-03-20T14:32:00Z
User: alice@acme.fr
Resource: "Block DeepSeek" (policy-123)

Before:
  priority: 20
  enabled: false

After:
  priority: 10
  enabled: true

Export Audit Log

1. Apply filters as needed
2. Click Export CSV

CSV includes all columns. Useful for compliance reports or investigation.

Settings Section

Configure webhooks, API keys, preferences, and billing.

API Keys

Generate tokens for programmatic access (CLI, integrations, SDKs).

1. Go to Settings → API Keys
2. Click + Generate Key
3. Enter a description (e.g., "Splunk integration")
4. Select permissions:
   • Read: View interactions, policies, inventory
   • Write: Create/update policies, send interactions
   • Admin: User management, audit log (use with caution)
5. Click Generate

Important: Copy the token immediately (you won't see it again). Store securely in your password manager or secret management tool.

To revoke: Click the key → Revoke

Webhooks

Send real-time alerts to external systems (Slack, Splunk, Datadog, custom endpoints).

1. Go to Settings → Webhooks
2. Enter your webhook URL (e.g., https://hooks.slack.com/services/...)
3. Click Test Webhook (sends a test event)
4. Select which events to send:
   • All alerts: Every policy decision
   • High risk only: risk_score > 0.8
   • Policy violations: Blocked interactions only
   • Custom: Select specific classifications (PII types, amounts, etc.)
5. Click Save

Webhook payload format:

{
  "event_type": "policy_violation",
  "timestamp": "2026-03-20T14:32:00Z",
  "interaction_id": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
  "user_email": "alice@acme.fr",
  "platform_id": "chatgpt",
  "risk_score": 0.95,
  "classifications": [
    {
      "type": "EMAIL",
      "confidence": 0.98
    }
  ],
  "policy_decision": {
    "policy_id": "c8d4e2f1-aaaa-bbbb-cccc-000000000001",
    "policy_name": "Block PII on ChatGPT",
    "action": "block"
  }
}

Theme & Language

1. Go to Settings → Preferences
2. Choose:
   • Theme: Light, Dark, or System (auto)
   • Language: English, French (more coming)
3. Save

Changes apply immediately.

Billing Portal

Access Stripe's customer portal to manage subscription:

1. Go to Billing → Manage Subscription
2. You're redirected to Stripe
3. View invoices, update payment method, manage seats

Keyboard Shortcuts

Quick navigation:

• G then D → Go to Dashboard
• G then P → Go to Policies
• G then U → Go to Users
• ? → Show all shortcuts

Actions:

• / → Focus search bar
• N → New item (policy, user invitation, etc.)
• Ctrl+S → Save (on edit pages)
• Escape → Close modal or deselect

Next Steps

• Policy Configuration — Learn how to create effective policies
• PII Detection — Understand detection types and tiers
• Policies — Full reference for policy management

---

Need help?

• Email: support@noxys.eu
• Chat: In-app support (click ? icon)
• Status: status.noxys.cloud