Platform Settings

Centralized configuration hub with 5 tabbed panels for organization settings, notification preferences, integrations, user management, and data retention policies.

Overview

Platform administrators need a single location to manage all operational configuration. The Settings module consolidates organization-level preferences, notification channel configuration, third-party integration management, user access control, and data retention policies into a tabbed interface. It also surfaces SSO configuration status (fetched from the SSO API) and system metrics (from the admin API) on the General tab, giving administrators a quick operational overview alongside their configuration controls.

What Was Proposed

Tabbed settings interface with 5 panels
Organization settings: name, timezone, date format
Notification preferences: email, Slack, PagerDuty channels with toggle controls
Integration management: connect/disconnect third-party services
User management: list, invite, edit role, remove
Data retention policies: per-data-type retention periods
SSO configuration overview from API
System metrics display from admin API

What's Built Complete

5-tab navigation: General, Notifications, Integrations, Users & Access, Data Retention
General Tab:
- Organization name input, timezone selector (6 timezones), date format selector (4 formats)
- "Save Changes" button with green success message
- SSO Configuration card fetched from /api/v1/sso/settings: shows enabled/disabled, provider, domain
- System Overview card fetched from /api/v1/admin/metrics: uptime, memory, WebSocket connections, autonomous systems running
Notifications Tab:
- Email Notifications: Critical Alert Emails, Daily Summary, Weekly Report -- each with orange toggle
- Slack Notifications: Alert Notifications, Escalation Alerts, Daily Digest
- PagerDuty Notifications: Critical Incidents, High Severity Alerts
- 8 total notification toggles with custom orange Toggle component
Integrations Tab:
- 8 integrations: Microsoft Sentinel (SIEM), CrowdStrike Falcon (EDR), PagerDuty (Alerting), Slack (Chat), Jira (Ticketing), ServiceNow (ITSM), Splunk (SIEM), Okta (Identity)
- Connected/Available status badges
- Connect button for available integrations, Disconnect link for connected ones
Users & Access Tab:
- User table: Name, Email, Role (color-coded badge), Last Active, Actions (Edit/Remove)
- 5 demo users with roles: Admin, SOC Analyst, SOC Lead, Viewer
- "Invite User" orange button with email prompt
- Invitation success confirmation
Data Retention Tab:
- 5 retention policies: Security Events (90 days, 2.4 TB), Alert Data (180 days, 156 GB), Incident Reports (1 year, 8.2 GB), Audit Logs (2 years, 45 GB), Threat Intel Feeds (30 days, 890 MB)
- Table with data type, retention period, current size, and Edit link
Error banner for API failures (amber warning)
Loading spinner for async SSO/metrics fetch

Architecture

Multi-API Integration

The Settings page aggregates data from multiple API endpoints. On mount, it issues parallel requests to /api/v1/sso/settings and /api/v1/admin/metrics using Promise.allSettled to handle partial failures gracefully. Notification and integration state is managed client-side. User and retention data use demo data with planned API integration.

Settings Page (5 Tabs)
+-------------------------------------------+
| Tab: General                              |
|   Org Settings (client state)             |
|   SSO Config  <- GET /api/v1/sso/settings |
|   Sys Metrics <- GET /api/v1/admin/metrics|
+-------------------------------------------+
| Tab: Notifications                        |
|   8 toggles (client state, planned API)   |
+-------------------------------------------+
| Tab: Integrations                         |
|   8 integrations (client state)           |
|   Connect/Disconnect actions              |
+-------------------------------------------+
| Tab: Users & Access                       |
|   User table (demo data)                  |
|   Invite/Edit/Remove actions              |
+-------------------------------------------+
| Tab: Data Retention                       |
|   5 policies (demo data)                  |
|   Edit links (planned)                    |
+-------------------------------------------+

Routing

Frontend Route

/settings

API Endpoints

/api/v1/sso/settings
/api/v1/admin/metrics

Prerequisites

Authenticated user with admin or super_admin role
SSO API available for General tab SSO card (graceful fallback)
Admin metrics API available for system overview (graceful fallback)

Data Model

SSO Settings (from API)

Field	Type	Description
enabled	boolean	SSO enabled state
provider	string?	SSO provider name
domain	string?	Configured domain
client_id	string?	Application client ID

Admin Metrics (from API)

Field	Type	Description
uptime_seconds	number	API server uptime
memory_mb	number	Memory usage in MB
cpu_percent	number	CPU utilization percentage
active_ws_connections	number	Active WebSocket connections
autonomous_systems_running	number	Running autonomous SOC systems
autonomous_systems_total	number	Total autonomous SOC systems

Notification Preferences

Channel	Setting	Default
Email	Critical Alert Emails	On
Email	Daily Summary	On
Email	Weekly Report	Off
Slack	Alert Notifications (#security-alerts)	On
Slack	Escalation Alerts	On
Slack	Daily Digest	Off
PagerDuty	Critical Incidents	On
PagerDuty	High Severity Alerts	Off

Integrations

Name	Category	Default Status
Microsoft Sentinel	SIEM	Connected
CrowdStrike Falcon	EDR	Connected
PagerDuty	Alerting	Connected
Slack	Chat	Available
Jira Service Management	Ticketing	Available
ServiceNow	ITSM	Available
Splunk	SIEM	Available
Okta	Identity	Connected

Data Retention Policies

Data Type	Retention Period	Current Size
Security Events	90 days	2.4 TB
Alert Data	180 days	156 GB
Incident Reports	1 year	8.2 GB
Audit Logs	2 years	45 GB
Threat Intel Feeds	30 days	890 MB

UI Description

Header

Settings gear icon with "Settings" title. Below, a horizontal tab bar with 5 tabs, each with its own icon (Settings, Bell, Plug, Users, Database). Active tab has blue bottom border.

General Tab

Organization Settings card with text input for name, dropdown selectors for timezone and date format, and blue "Save Changes" button with transient green success message. SSO Configuration card showing enabled/disabled badge and provider details (loading spinner while fetching). System Overview card with 2x2 grid of monospace metric tiles showing uptime, memory, WebSocket connections, and autonomous systems running/total.

Notifications Tab

Three stacked cards (Email, Slack, PagerDuty), each containing notification settings as rows with title, description text, and an orange toggle switch on the right. Toggles animate between grey (off) and orange (on).

Integrations Tab

Single card with list of integrations. Each row shows plug icon avatar, tool name, category label, green "Connected" or grey "Available" status badge, and action button. Connect button is blue outline, Disconnect link is subtle grey. Connect action updates status immediately; Disconnect shows a confirmation dialog first.

Users & Access Tab

Card with header containing "User Management" title and orange "Invite User" button. Table with 5 columns: Name, Email, Role (color-coded pill badges: Admin=orange, SOC Lead=blue, SOC Analyst=green, Viewer=grey), Last Active, and Edit/Remove action links. Invitation success shows green confirmation banner.

Data Retention Tab

Card with "Data Retention Policies" heading and description text. Table showing data type, retention period, current size, and Edit link per row.

Source Files

Component	Path
Frontend Page	platform/frontend/src/app/settings/page.tsx