B2C.tel · network governance

Overview

network-wide · release 9288ebb · Public site · Tenant admin · Studio

Network command center · superadmin.b2c.tel canonical

Govern the whole website network, not the domain used to open superadmin.

superadmin.b2c.tel is the canonical network-wide command center. Legacy or tenant-specific superadmin aliases are optional shortcuts only; all counts and workstreams query the complete Sanity network registry rather than scoping to the host domain.

Network-wide · Cross-tenant guardrails · Migration QA · SEO graph governance · Deny-by-default agents

Tenants governed
28

Site registry records across the network, including active/suspended/archive states.

Content footprint
168

Network pages, posts, and services requiring SEO/canonical/content governance.

Graph workload
0

Relationship edges plus backlink recommendations awaiting governance.

Security posture
allowlisted

Superadmin access depends on SUPERADMIN_EMAIL_ALLOWLIST and bootstrap auth rotation.

Enterprise network cockpit

An operating system for websites, providers, evidence, and policy.

This layer turns superadmin into a real command center: domain launch state, migrations, SEO graph governance, commerce source safety, customer privacy, credentials, release posture, and external agent control are visible before operators enter a workstream.

Network promise

No tenant ambiguity, no hidden provider failures, no raw secret exposure, no Shopify mutations, no automatic public content, and no production-success claim without verification evidence.

Canonical control plane

superadmin.b2c.tel

Network governance is intentionally independent of tenant shortcut hosts, reducing impersonation and tenant-scope ambiguity.

Network posture

80% ready

Composite of Sanity registry, Shopify source, Google evidence, superadmin allowlist, and live network count access.

Registry visibility

live

Sanity site registry is queryable across all tenants.

Evidence layer

connect Google

SEO graph can still model governance, but measured trend overlays wait for GSC/GA credentials.

Sanity tokens vs Studio login

Server tokens can operate content; Studio still needs editor identity.

What tokens are for

Authenticated superadmin APIs can read, create drafts, run diagnostics, seed content, and perform audited server-side Sanity operations without exposing secrets to the browser.

Why Studio login remains

Sanity Studio is a browser editor. It requires a Sanity user session for identity, role permissions, audit attribution, and CORS-safe Visual Editing. A server token must not be used as a browser login substitute.

Best enterprise pattern: keep Studio login for human WYSIWYG editing, and build custom dashboard actions for repeatable server-token workflows like launch seeding, draft generation, diagnostics, and governed bulk updates.

Enterprise implementation blueprint

How the network should keep maturing

1. Centralize command on b2c.tel [canonical]

Use superadmin.b2c.tel as the canonical network-wide cockpit, with tenant-specific superadmin aliases optional and governed.

2. Make every module an action center [implemented path]

Tenants, migrations, SEO, relationships, commerce, customers, operations, monetization, and AI route to human workspaces, not raw APIs.

3. Keep platform-native boundaries [native-first]

Sanity edits stay in Studio/custom server workflows, Shopify stays read-only, Vercel remains deployment/domain authority, and Google is the measured SEO source.

4. Only claim success with evidence [evidence-led]

DNS, aliases, CORS, provider credentials, content, build, production routes, and authenticated workflows must produce visible verification artifacts.

SDD-005 superadmin responsibilities

Network governance workstreams

These are network control areas, not decorative links: each opens a governed workspace with live records, action controls, provider truth, policy guardrails, and the technical contracts behind it.

tenant governance

Tenant and domain registry

live

Create, import, search, suspend, archive, and launch tenants with domains, feature gates, routing presets, integration state, audit metadata, and a dashboard-only rug.news creation test.

28 tenants · 22 active

/api/admin/tenants · site schema

Guardrail: Dangerous tenant actions require confirmation, audit event, and rollback guidance.

Open tenant registry workspace

migration

Migration command center

operator workspace

Run source discovery, dry-run analysis, template/body/media/product/service/link/schema conversion, URL parity, redirects, and cutover QA.

0 migration jobs

/api/admin/migrations/dry-run · migrationJob schema

Guardrail: No migration writes before dry-run and QA report review.

Open migration workspace

seo network

Network SEO intelligence graph

needs config

Aggregate GSC/GA, detect keyword gaps, cannibalization, declining pages, indexing problems, relationship risks, and backlink opportunities.

0 reports · 0 graph/recommendation records

/api/admin/seo · /api/admin/relationships

Guardrail: Cross-site link recommendations require risk-aware superadmin moderation.

Open SEO governance workspace

link policy

Relationship and backlink governance

operator workspace

Moderate cross-site recommendations, link budgets, trust/risk scores, topical relevance, anchor diversity, and approval/rejection queues.

0 recommendations

/api/admin/relationships · backlinkRecommendation schema

Guardrail: No backlink stuffing, hidden links, or unapproved automation.

Open relationship workspace

shopify

Commerce governance

live

Configure read-only Shopify source, central catalog refresh, snapshots, tenant product-set access, Sanity Connect strategy, and sync templates.

1 snapshot · 28 visibility rules

/api/admin/shopify · /api/cron/shopify/refresh

Guardrail: Network policy forbids Shopify writes unless a future SDD changes it.

Open commerce governance workspace

content ops

Content operations and autoblogging policy

policy gated

Govern topic ownership, editorial calendar, prompt/version policy, approval requirements, duplicate-content limits, canonical strategy, and syndication.

0 autoblog drafts

/api/admin/autoblog/draft · autoblogDraft schema

Guardrail: No auto-publishing unless explicitly enabled and approved by policy.

Open content ops workspace

monetization

Monetization and AdSense policy

policy gated

Control eligibility, blocked categories, placement rules, tenant overrides, revenue reporting readiness, and policy-safe rollout gates.

/api/admin/monetization/adsense

Guardrail: AdSense activates only after eligibility and policy gates pass.

Open monetization workspace

operations

Security, credentials, audit, cost

operator workspace

Monitor credential health, quotas, budget gates, deployment status, degraded states, audit logs, branch governance, and production verification evidence.

67 audit events

/api/health · /api/admin/diagnostics/sanity

Guardrail: Secrets stay in provider stores; dashboards show config names, never secret values.

Open operations workspace

ai governance

External AI-agent governance

policy gated

Register external agent clients, policy tiers, tenant/network scopes, MCP/API allowlists, denial rules, budgets, kill-switches, and execution logs.

0 clients · 0 profiles · 0 logs

/api/agent/gateway · agentPolicyProfile schema

Guardrail: External agents cannot access cross-tenant data or privileged tools without explicit policy.

Open AI governance workspace

Network SEO relationship graph

Network-level model for sites, strategic content clusters, shared keyword themes, external competitors/referrers, cross-site links, canonical/syndication dependencies, and impact propagation.

Legend: Measured · Inferred

  • site: Tenant A (mixed)
  • site: Tenant B (mixed)
  • topic: Keyword cluster (inferred)
  • external: Competitor domain (measured)
  • policy: Canonical chain (inferred)
  • referrer: Backlink source (measured)

Impact semantics

  • Authority flow and risk propagation across tenants and topic clusters.
  • Cannibalization detection for shared keywords and over-concentrated links.
  • Cross-site recommendation moderation with expected benefit and spam risk.
  • Before/after comparison for migrations, campaigns, cutovers, and content releases.

Measured overlays require GSC/GA/backlink provider connections; inferred graph contracts remain visible so the governance model is understandable without fabricating metrics.

Network command queue

P0 · operator action · Owner: platform

Verify domains through runtime panel and provider DNS

Use the superadmin tenant/domain workspace to add hosts when Vercel credentials exist, then resolve nameserver/A/CNAME remediation in the domain provider before launch.

P0 · ok · Owner: platform

Populate production provider credentials

Sanity, Shopify, GSC, GA4, and superadmin allowlist determine whether dashboard data is measured, degraded, or configuration-required.

P1 · approval required · Owner: seo

Moderate relationship/backlink queue before publication

Cross-site links need topical relevance, link-budget checks, anchor diversity, spam-risk review, and audit linkage.

P1 · policy workspace · Owner: release

Define branch-to-domain deployment governance

Production domains should deploy only from approved branches with traceable commit SHA, validation evidence, and rollback notes.

Provider truth

Credential, source, and access diagnostics

The diagnostics row is now an operations input: it explains which network features can run today and which remain blocked by provider configuration or policy gates.

Tenant directory

OK

All `site` documents in Sanity. Each tenant maps to one subdomain plus aliases.

Superadmin allowlist

OK

Drives Auth.js role assignment. Stored in SUPERADMIN_EMAIL_ALLOWLIST.

Shopify source-of-truth

OK

Single centralized snapshot consumed by all tenants. Read-only platform-wide (SDD-007).

GSC connector

Missing credentials
  • GSC service account credentials not configured

GA4 connector

Missing credentials
  • GA4 service account credentials not configured

| Area | Tenant control | Superadmin control | Status |
| --- | --- | --- | --- |
| Tenant domains | View assigned hosts and launch checklist | Create/suspend/archive, Vercel/DNS/domain eligibility | live |
| SEO links | Internal links and tenant-safe suggestions | Cross-site approvals, budgets, trust/risk scoring | operator workspace |
| Shopify | Enrichment and visibility inside allowed set | Read-only source, snapshots, sync policy, catalog access | live |
| AI agents | Draft-safe approved workflows | Client registry, tiers, kill-switch, budgets, audit review | policy gated |
| Monetization | Eligible overrides within guardrails | AdSense policy, blocked categories, placement rules | policy gated |