Login to the White Label Dashboard

The login experience should feel like a controlled entry point, not a consumer form. It is the front door for operators, partners, and continuity users who already have a reason to be here.

Controlled

Entry posture

Role + division + posture

Access model

Signed + encrypted

Security surface

Operator access model

Enter the control surface for Echo OS, division routing, domain-level visibility, and governed access.

Entry discipline

The login page should confirm the user, the lane, and the access model before state changes begin.

White label posture

The dashboard should feel branded, professional, and operational rather than generic or consumer-first.

Entry checks

Identity must be explicit before privileges expand.
Role, division, and access posture should be visible at sign-in.
Authentication should lead directly into the correct operating lane.

Governed access intake

Submit a controlled operator-entry packet. The worker stores the request, issues a signed receipt, and holds the lane for operator review.

Access packet

Full name Work email Organization Division Actor class Requested surface Department ID District ID Domain ID Reason for access

Receipt status

Awaiting submission

The access packet receipt will appear here after submission.

Request ID: Pending
Status: Not submitted
Updated: Pending

Operator session

No active operator session

The active session lane will appear here after approval issues a governed operator session.

Session ID: Pending
Status: Not active
Lane: Pending
Updated: Pending
Expires: Pending
Time remaining: Pending

Session registry

No governed session history

The latest governed sessions tied to this approved request will appear here after session validation succeeds.

No active session packet is loaded in the browser.

Only related active sessions for the same approved request can be revoked here. The current session still uses the primary terminate control. Signed issue and revoke receipts appear underneath each session when worker validation succeeds.

Session doctrine

Session scope stays inside the approved lane.

Active operator sessions remain bounded to the reviewed division, department, district, and domain packet. Terminating the session revokes the worker-side record, clears the browser lane, and returns execution to governed login.

Inspectable from the public login surface
Revocable by the session holder through possession of the signed session token
Still auditable through operator review and worker archive receipts

Next step

Need a governed entry path before login?

Use domains or contact when the user still needs classification before authentication and encrypted server access begin.

Open Domains Hub Open Contact Us