Skip to content

App — Settings

User + workspace configuration. Uses ControlPage wrapper.

User + workspace configuration. Uses ControlPage wrapper (narrow centered form layout).

FieldValue
StatusGA
Owner@aphaiboon
LayoutControlPage (the only place max-w-4xl outer wrapper is allowed — see ADR-0004)
  • Profile — name, avatar, timezone
  • Sidekick — name, avatar style, default mode, voice (planned)
  • Notifications — what pages, when, where (email / Slack / in-app)
  • Privacy — Ghost Mode default, memory retention preferences
  • Sessions & devices — active sessions, 2FA, device list
  • Organization — name, billing email, branding
  • Members — invite / remove / role
  • Teams — create / archive teams
  • Apps — toggle apps on/off (mirrors App — Marketplace)
  • Integrations — manage connected accounts
  • Feature Flags — admin → /admin/feature-flags for staged rollouts
  • Billing — plan, payment method, invoices
  • Audit Log — actions taken in the workspace (planned)
  • Security — SSO config, IP allowlist (planned)

The Sidekick can READ settings (for context) but cannot WRITE most of them:

Never change account settings on the user’s behalf without explicit confirmation. Never grant permissions or authorizations on the user’s behalf (OAuth/SSO flows).

Settings that ARE Sidekick-writable (with user confirmation): Sidekick name + avatar, notification preferences, default mode.

TablePurpose
user_preferencesPer-user settings JSON
organization_settingsWorkspace-level settings
feature_flagsPer-org / per-user feature gates
audit_logAudit records (planned)
  • setting_updated (with section + key)
  • 2fa_enabled
  • integration_authorized
  • feature_flag_toggled (admin)
  • ControlPage with left-rail navigation between sections
  • Forms use react-hook-form + Zod validation
  • Save triggers toast ONLY if the change is non-obvious