Admin Guide
This guide covers tenant administration for SUPERWISE Chat: managing users and roles, configuring projects and channels, governing knowledge bases and policies, and monitoring usage.
Roles and Permissions
Section titled “Roles and Permissions”SUPERWISE Chat uses a hierarchical role model. Each role inherits all permissions of the roles below it.
| Role | Description |
|---|---|
guest | Read-only access to assigned channels |
viewer | Can read conversations and search knowledge |
member | Can start and participate in conversations |
project_manager | Can manage channel membership and settings |
project_owner | Project ownership with elevated member rights |
project_admin | Full project and user management within the tenant |
tenant_admin | Full tenant administration, including plan and billing |
tenant_super_admin | Super-level tenant administration |
In addition to the hierarchy, these roles can be granted independently (they inherit from member):
| Role | Description |
|---|---|
governance_manager | Can view traces, policy alerts, and export audit data |
channel_moderator | Can manage membership and settings for a specific channel |
Assigning Roles
Section titled “Assigning Roles”- Navigate to Settings → Users.
- Click a user to open their profile.
- Under Roles, select a role from the dropdown and click Assign.
- To grant channel-specific access, open Settings → Channels → [Channel] → Members and assign a role scoped to that channel.
Channel-level role assignments override the user’s tenant-level role within that channel only.
User Management
Section titled “User Management”Inviting Users
Section titled “Inviting Users”- Go to Settings → Users → Invite.
- Enter the user’s email address and select their initial role.
- Click Send Invite. The user receives an email with a sign-in link.
Invited users appear as Pending until they accept the invitation and complete sign-in.
Deactivating Users
Section titled “Deactivating Users”Deactivated users cannot sign in but their history and contributions are retained.
- Open Settings → Users.
- Click the user, then Deactivate.
To re-activate, click Activate on the same screen.
Removing Users from Projects
Section titled “Removing Users from Projects”- Open Settings → Projects → [Project] → Members.
- Find the user and click Remove.
Removing a user from a project removes their access to all channels within that project. Their tenant-level role is unchanged.
Projects and Channels
Section titled “Projects and Channels”Creating a Project
Section titled “Creating a Project”Projects are workspaces that contain channels. A tenant can have multiple projects.
- Navigate to Settings → Projects → New Project.
- Enter a name and optional description.
- Configure default member access (who can see the project).
- Click Create.
Creating Channels
Section titled “Creating Channels”Channels within a project scope conversations to a topic or team.
- Open a project and click Channels → New Channel.
- Enter a name and choose a channel type:
- Standard — open to all project members
- Private — invite-only
- Optionally attach a knowledge collection to pre-load context.
- Click Create.
Knowledge Base Management
Section titled “Knowledge Base Management”Collections
Section titled “Collections”Knowledge is organized into collections. Each collection can be attached to one or more channels.
To create a collection:
- Navigate to Settings → Knowledge → New Collection.
- Enter a name and optional description.
- Set access: Tenant-wide or Project-scoped.
Adding Documents
Section titled “Adding Documents”Supported formats: PDF, DOCX, TXT, Markdown, HTML, CSV.
- Open a collection and click Upload.
- Select one or more files (max 50 MB per file).
- Documents are chunked and indexed automatically. Status shows Processing → Ready.
Web Crawl
Section titled “Web Crawl”To crawl a website into a collection:
- Open a collection and click Add Source → Web Crawl.
- Enter the starting URL and set crawl depth (1–3 levels recommended).
- Click Start Crawl.
Crawl jobs run in the background. Estimated time is shown in the job status panel.
Removing Documents
Section titled “Removing Documents”- Open the collection.
- Click the document, then Remove from Collection.
Removal takes effect immediately for new conversations. Existing conversations that cited the document are not retroactively updated.
Policies and Guardrails
Section titled “Policies and Guardrails”Policies govern what content the AI may produce or relay. Guardrails enforce policies at specific points in the pipeline.
Guardrail Gates
Section titled “Guardrail Gates”| Gate | When it runs | What it does |
|---|---|---|
| G0 — Input check | Every inbound message, before search or reasoning | Blocks jailbreaks and policy violations |
| G1 — Evidence filter | After knowledge search, before prompt assembly | Drops or redacts retrieved content matching guardrail rules |
| G2 — Prompt check | After prompt assembly (roadmap — not yet active) | Final check on assembled context before the LLM call |
| G3 — Output check | After the LLM response, before delivery to user | Blocks or redacts guardrail violations in the response |
Configuring Policies
Section titled “Configuring Policies”Requires the tenant_admin role (or higher).
- Navigate to Settings → Policies.
- Click New Policy or edit an existing one.
- Define conditions (keywords, topic categories, content types) and the action (block, warn, redact, log-only).
- Assign the policy to a gate and optionally scope it to a project or channel.
- Click Save and Activate.
Policy changes take effect for new conversations immediately. Use Test Policy to validate a rule against sample inputs before activating.
Reviewing Policy Blocks
Section titled “Reviewing Policy Blocks”When a message is blocked by policy, it appears in Settings → Governance → Policy Blocks. Each entry shows the message (redacted if configured), the matching rule, and the user.
Usage Governance
Section titled “Usage Governance”Token Quotas
Section titled “Token Quotas”Tokens are the unit of AI consumption (swTokens). Quotas can be set per user or per project.
- Go to Settings → Usage → Quotas.
- Set a monthly limit per user, per project, or tenant-wide.
- When a user hits their quota, new AI requests are blocked until the quota resets or an admin raises it.
Rate Limits
Section titled “Rate Limits”Rate limits cap the number of requests per minute from a single user.
Defaults are set by your plan. To override for specific users or projects, go to Settings → Usage → Rate Limits.
Usage Dashboard
Section titled “Usage Dashboard”Settings → Usage → Dashboard shows:
- Token consumption by user, project, and channel
- Request volume over time
- Top users by consumption
- Blocked requests (policy and quota)
Export data as CSV from the dashboard for external billing or reporting.
Plan and Entitlements
Section titled “Plan and Entitlements”Every plan includes the full feature set; plans differ by capacity. Your plan determines the limits available across your tenant.
| Capacity | Solo | Professional | Business | Business Plus | Enterprise |
|---|---|---|---|---|---|
| Users | 1 | Unlimited | Unlimited | Unlimited | Custom |
| Agents | 1 | 5 | 15 | 25 | Custom |
| Knowledge collections | 3 | 10 | 20 | 25 | Custom |
| Guardrails | 1 | 5 | 15 | 25 | Custom |
| Monthly tokens | 1,000,000 | 1,750,000 | 2,250,000 | 2,750,000 | Custom |
White-labeling and a custom domain are available on Business Plus and Enterprise. See Plans & Pricing for prices and the full comparison.
To view your current plan and usage against limits, go to Settings → Plan.
To upgrade, click Upgrade Plan and follow the checkout flow, or contact your account manager for Enterprise pricing.
Audit Log
Section titled “Audit Log”The audit log records all administrative actions across the tenant.
- Navigate to Settings → Audit Log.
- Filter by date range, action type, or user.
- Each entry shows: timestamp, actor, action, target, and outcome.
Audit log entries cannot be deleted by tenant administrators. Retention is governed by your contract — contact your account team for the duration applicable to your plan.
Exportable actions include: role assignments, user invitations/deactivations, policy changes, knowledge uploads/removals, and settings changes.
To export: set your filter, then click Export CSV.
Settings Reference
Section titled “Settings Reference”| Setting | Location | Description |
|---|---|---|
| Tenant name and logo | Settings → General | Brand settings shown to users |
| Single Sign-On (SSO) | Settings → Authentication | SAML/OIDC configuration for your IdP |
| Data retention | Settings → Data | Conversation retention period (default 90 days) |
| Session timeout | Settings → Security | Idle session expiration |
| Allowed email domains | Settings → Users | Restrict invitations to specific domains |
| Webhook endpoints | Settings → Integrations | Receive event notifications via webhook |
| API keys | Settings → Integrations | Issue keys for the Agent and Policy APIs |
Common Admin Tasks
Section titled “Common Admin Tasks”GDPR Erasure Request
Section titled “GDPR Erasure Request”To permanently delete all data for a specific user, use the erasure endpoint:
DELETE /v1/admin/users/:userId/dataRequires tenant_admin role. Returns a 202 Accepted with a per-table deletion summary. Note: Frontegg identity records must be removed separately via the Frontegg admin console — see the GDPR runbook for the full procedure.
Investigate a Policy Block
Section titled “Investigate a Policy Block”- Open Settings → Governance → Policy Blocks.
- Find the event by user or timestamp.
- Click the entry to see the matched rule, gate, and (if not redacted) the flagged content.
- If the block was a false positive, edit the policy rule and click Re-evaluate to re-process the blocked message.
Getting Help
Section titled “Getting Help”- In-app: click the ? icon in the lower left corner.
- Documentation: you are here.
- Support: contact your account manager or file a ticket at support.superwise.ai.
Enterprise customers have access to a dedicated Customer Success Manager and SLA-backed support response times.