Admin Portal

Accessing the Admin Portal

To access the admin portal, you must hold an Organization Admin, Site Admin, or Full Admin role in at least one organization. Contact your organization's admin to have this configured for your profile.

The Dapple Admin Portal uses your profile passkey to authenticate administrators. To access the admin portal, enter this url in your web browser: https://api.dapplesecurity.com. You may use companion mode to authenticate using a browser on a computer using your mobile device.

The features available to you after signing in depend on your role within the active organization. For a full description of what each role can do, see User roles in the Dapple Concepts guide.

For more information about how passkeys work and how Dapple manages them, see Passkeys.

Switching Organizations

If you have administrative access to multiple organizations, the organization switcher in the page header lets you move between them. The switcher displays your accessible organizations as a collapsible hierarchy tree, grouping parent and child organizations together so you can see the relationships at a glance.

To switch to a different organization:

Click the account icon in the top-right corner of the admin portal header
The organization hierarchy tree will expand, showing all organizations in which you hold an admin role
Click an organization name to switch to it. The portal will reload within the context of that organization

Only organizations where you hold an Organization Admin, Site Admin, or Full Admin role will appear in the switcher. Organizations where you are only a Member are not accessible through the admin portal.

Managing Users

Viewing Users

To view the members of your organization, select Users in the left-hand menu. The list shows all accounts associated with the current organization along with their status (active, pending, or disabled).

To include users from child organizations in the list, enable the Include Child Organizations toggle. When enabled, users from the current organization and all organizations below it in the hierarchy are displayed together in a single view. This same toggle is also available on the Invites, Alerts and Domains pages, letting you monitor activity across your entire organization hierarchy from one location.

Adding Users

To invite a new user to your organization they will need an existing Dapple profile. The Dapple profile is created when they install the application and enroll using their biometric. Once they have a profile, you can invite that user to join your organization by sending an invite.

Select Users in the left-hand menu and click Add User
Enter the name and email for the user.
Select the organization you want to add the user to. You must hold an appropriate administrative role in the selected organization.
The user will need to enter an invite token to accept the invite, you can have the Admin Portal send this token via email by selecting the "Send invitation to new user?" checkbox. If you prefer, you can distribute the invite token to them manually, you can view the invite token in Invites by selecting the invite.
Invites expire in 1 week by default, you can change this expiration date when the invitation is created.
By default, a user will automatically join your organization when they accept the invite. If you wish to add an additional layer of approval by the admin, you can unselect the "Automatically approve account?" checkbox. In this case, admins will have to approve the invite after the user accepts it.

You can also create an invite directly from a user's detail view. Select a user from the Users list to open their detail view, then click Create Invite to send them a new invite to the organization.

Managing User Roles

Administrators with the appropriate permissions can change a user's role within the organization:

Select Users in the left-hand menu
Click the user whose role you want to change
In the user detail view, select the desired role from the Role dropdown
The change takes effect immediately

You cannot change your own role. For a description of each role's capabilities, see User roles in the Dapple Concepts guide.

Managing Organizations

The Tenants page (under Settings) shows the current organization and any child organizations you have access to manage. Organizations are displayed as a hierarchy tree, and available actions are based on your role.

This page is available to Site Admins and Full Admins. Full Admins also have the ability to create new child organizations.

Viewing the Organization Hierarchy

Select Settings in the left-hand menu and navigate to the Tenant Organizations section. The tree shows the current organization and all child organizations, along with your permission level in each.

Creating a Child Organization

Full Admins can create a new child organization:

Navigate to Settings > Tenant Organizations
Click Add Tenant
Select the parent organization under which the new organization will be created
Enter the name for the new organization
Click Save

The new organization will appear in the hierarchy tree and can be independently managed by switching to it via the organization switcher.

Renaming an Organization

Navigate to Settings > Tenant Organizations
Click the edit icon next to the organization you want to rename
Enter the new name and click Save

Deleting an Organization

Navigate to Settings > Tenant Organizations
Click the delete icon next to the organization you want to remove
Confirm the deletion

Deleting an organization is permanent. Ensure any users or data you need have been migrated before proceeding.

Restricted Domains

Restricted domains allow your organization to claim and manage access to specific DNS domains. When you verify control of a domain through DNS, Dapple passkeys created for usernames that use that domain (for example, user@company.com) can be associated with and managed by your organization.

To create a restricted domain, you must have the ability to create a TXT DNS record for the domain you wish to restrict and administrative access to the organization you are managing.

Steps to Create a Restricted Domain

Select Domains in the left hand menu bar
Enter the Domain name (e.g., subdomain.example.com) and click Create Domain Restriction
The Admin Portal will provide a name of a TXT record (e.g., _dappledomain.subdomain.example.com) and the contents of the TXT record
Create the TXT record with the provided name and content in your DNS provider
Once created, you can use the Verify Domain button to ensure the DNS record was created properly. There may be a slight delay while the DNS changes propagate
Once verification is successful, the domain restriction is now active and Dapple passkeys for that domain can only be created by users in your Dapple organization. Furthermore, they MUST use their organization account for these passkeys, ensuring that admins have visibility and control over these passkeys

For additional details about how restricted domains work, see Restricted Domains in the Dapple Concepts guide.

SIEM Integration

Dapple allows duplicating authentication logs and alerts to an external system. Currently Dapple supports sending logs via syslog, which is widely supported by SIEM vendors.

Steps to Configure Syslog Export

Ensure that you have a syslog collector enabled in your SIEM system and that you have the hostname and port available
Select Alerts in the left-hand menu and click the Export button. Click Add to add a syslog server
Enter the appropriate hostname and port. Also specify whether TCP or UDP should be used (TCP is preferred)
After clicking Save, a copy of future authentication logs and alert messages will be sent to the external syslog server. Dapple always will retain an internal copy of all logs as well

Custom Themes

Theming Overview

Custom themes allow your organization to apply its own branding — including a color palette and logos — to the Dapple experience for all users in your organization. Themes apply consistently across both the Admin Portal and the Dapple Authenticator app, ensuring a cohesive brand presence in every interaction.

Light and Dark Mode

Themes include separate configurations for light mode and dark mode. This ensures your branding remains visually appropriate regardless of the display preference set on a user's device. You will need to provide logo assets for both modes to ensure your branding looks correct in all environments.

Normal and High Contrast Logos

Within each mode (light and dark), Dapple supports two logo variants:

Normal: The standard version of your logo, intended for typical display conditions. This is the logo most users will see during day-to-day use.
High Contrast: An alternative logo optimized for high contrast display settings, which are commonly used by users with visual impairments or in environments where accessibility standards require enhanced contrast ratios. This variant should have stronger contrast between the logo elements and the background to remain clearly legible under high contrast system settings.

Providing both variants ensures your organization meets accessibility requirements while maintaining brand consistency for all users.

Theme Application

Themes are applied to the Authenticator app automatically when a user accepts their invitation to join your organization. No additional steps are required from the user — the branded experience is active from the moment they onboard.

Steps to Configure a Custom Theme

Select Settings in the left-hand sidebar
Expand the Themes section
Select Update theme colors and choose your organization's primary and accent colors. The primary color is typically the dominant brand color and is used for key UI elements such as headers and buttons. The accent color is used for highlights and interactive elements
Expand Upload logos
Select Upload light logos and upload both the normal and high contrast logo variants for light mode
Select Upload dark logos and upload both the normal and high contrast logo variants for dark mode

Once saved, the configured theme will be applied to new users upon accepting their organization invite, and will be reflected in the Admin Portal immediately.