OddDuck Syndicate
Challenge
As the customer base grew, support and compliance asked for finer-grained access inside the admin console, immutable audit history, and exports for internal reviews. The existing “super-admin only” model was a bottleneck and a risk.
Solution
We introduced role-based access control with policy checks at the API layer, structured audit events (who, what, when, before/after snapshots where appropriate), and reporting screens with filters and CSV export under permission.
Delivery
Migration preserved existing admin users while mapping them into roles. Security review validated tamper resistance of audit storage and separation of duties for sensitive actions.
Outcome
Customer success and security teams gained self-service visibility; engineering was no longer the gatekeeper for every investigation. The design satisfied the client’s internal policy checklist.