Access and sessions
Dashboard access is verified twice.
The dashboard starts with account authentication, then resolves backend access through a short-lived token exchange.
Access flow
1. Sign in: The browser starts with protected account authentication.
2. Resolve access: The dashboard asks the backend for short-lived access tied to the verified user.
3. Check role and tenant: The backend decides what retailer and role the request belongs to.
4. Serve protected data: Dashboard APIs use verified access, not client-provided retailer hints.
Session model
Dashboard access is intentionally separate from marketing-page access. A signed-in browser still needs backend verification before it can fetch retailer data. This keeps the dashboard from trusting editable client-side values for role or tenant context.
Failure behavior
If account sign-in succeeds but dashboard access cannot be verified, the safer outcome is to stop and ask the user to try again. It is annoying for a minute. Accidentally serving the wrong data would be annoying for the rest of the company.
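The access flow, session model and failure behavior above, as an added Python example that is not the product's own code. The HMAC-signed token format, the 5-minute lifetime, the membership table and all function names are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # assumption: server-side key, never sent to the browser
TTL_SECONDS = 300                 # assumption: "short-lived" taken as 5 minutes
# Constructed membership table: verified user -> (retailer, role)
MEMBERSHIPS = {"user-17": ("retailer-a", "analyst")}

class AccessDenied(Exception):
    """Access could not be verified; the caller stops and asks the user to try again."""

def _sign(body: bytes) -> str:
    return hmac.new(SECRET, body, hashlib.sha256).hexdigest()

def issue_access_token(verified_user_id, now=None):
    """Steps 2-3: exchange a verified sign-in for access bound to retailer and role."""
    if verified_user_id not in MEMBERSHIPS:
        raise AccessDenied("no dashboard membership")
    retailer, role = MEMBERSHIPS[verified_user_id]
    now = time.time() if now is None else now
    claims = {"sub": verified_user_id, "retailer": retailer,
              "role": role, "exp": now + TTL_SECONDS}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    return body.decode() + "." + _sign(body)

def resolve_access(token, now=None):
    """Check signature and expiry; every failure path denies instead of guessing."""
    now = time.time() if now is None else now
    try:
        body, sig = token.split(".")
        if not hmac.compare_digest(sig, _sign(body.encode())):
            raise AccessDenied("bad signature")
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError, AttributeError):
        raise AccessDenied("malformed token")
    if claims["exp"] <= now:
        raise AccessDenied("expired")
    return claims

def fetch_retailer_data(token, client_retailer_hint=None, now=None):
    """Step 4: the tenant scope comes from the verified token, never from the hint."""
    claims = resolve_access(token, now)
    # Choice made in this example: a hint that disagrees with the token is refused.
    if client_retailer_hint is not None and client_retailer_hint != claims["retailer"]:
        raise AccessDenied("hint does not match verified tenant")
    return {"retailer": claims["retailer"], "role": claims["role"]}
```
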
