Administration

Admin sign-in, tenants, and enrollment keys

How access works, how tenants are created, and how the two kinds of enrollment keys behave.

Sign in

SnitchOS is Microsoft Entra ID SSO only — the dashboard does not accept local passwords. Sign in at app.snitchos.com/login with your Microsoft 365 account. Admin accounts are provisioned first (by SnitchOS or an existing administrator); the same email must match your Microsoft account.

Two seat types exist: admins see every tenant; managers see only the tenants they're granted. Sign-in metadata (name, object ID, IP, user agent) is captured to the audit log on every login.

Create a tenant

  1. Sign in → top nav → Tenants.
  2. Fill in name + slug, click Create tenant.

Every row of endpoint data, every object-store key, and every API call is scoped to the tenant — isolation is enforced at the database and storage layers.

Enrollment keys

Keys are what agents present at install time. There are two workflows:

Fleet keys for RMM deployment

  • The first RMM-installer download creates a reusable fleet key and places it in the per-tenant wrapper.
  • Normal downloads reuse the current key so existing RMM jobs keep working.
  • Use Rotate & download, or revoke the key, when you need to invalidate an older wrapper.

One-off keys (bench machines, demos, manual installs)

  • Tenant overview → Enrollment keys → label it (e.g. bench-machine), set max uses = 1 and a short expiry, click Mint key.
  • The plaintext is shown once. Treat it like a password — never paste keys into ticket bodies, chat, or scripts you commit.

Revoking

Revoke a key from the key list at any time. Already-enrolled agents are unaffected because they use a device token after enrollment. Rotate or revoke the fleet key after suspected exposure or an administrator departure.

White-label branding

Per-tenant display name, logo, and accent color can be set under Tenant → Branding, so client-side viewers see their MSP's brand on reports and the dashboard.

Admin offboarding

Deactivate the admin account from the dashboard when someone leaves. Deactivation blocks new sign-ins immediately; the audit log records who did it and when.