Administration
This page covers the tenant administration features — managing users and access, API keys, settings, the audit log, and guest sharing. Most of these are admin‑only and appear under the Administration section of the sidebar.
Users and roles
Administrators manage the tenant's users: creating accounts, assigning roles, and handling account recovery.
Roles
| Role | What it grants |
|---|---|
| Admin | Full tenant administration; access to every matter in the tenant. |
| Attorney | Standard team member; access to assigned and org‑wide matters. The default role. |
| Deal Team | Transactional / M&A focus on deals and diligence. |
| Platform Admin | A Sentinel‑staff role for cross‑tenant operations — not assigned to customer users. |
Account actions
From user management an admin can:
- Create a user (email, name, role). New users may be sent an invitation and a temporary password, and are prompted to set a new password (and enroll in 2FA, if required) on first sign‑in.
- Reset a password — force a user to set a new password at next login.
- Reset 2FA — clear a user's two‑factor enrollment so they can re‑enroll (account recovery when a device is lost).
- Remove a user — deactivate an account so it can no longer sign in.
Matter assignments and access levels
Sentinel's access model is "admins assign attorneys to matters." A user who isn't an admin sees a matter only if:
- they're assigned to it,
- they own it (a personal data‑lake matter), or
- it's an enterprise data‑lake matter (org‑wide).
Each assignment carries an access level:
| Access level | Can view | Can modify |
|---|---|---|
| Full | Yes | Yes |
| Read‑only | Yes | No |
| Limited | A restricted subset | No |
Admins manage assignments from a matter's Team view. Removing an assignment revokes access immediately. Mutating actions within a matter require full access.
Rollout note for admins: when matter‑level access controls are first applied to a populated matter, users without an assignment lose access until assigned. Audit assignments before tightening access so the right people keep the access they need.
API keys
For programmatic and service‑to‑service access, the tenant supports long‑lived API keys (in addition to browser sessions). Manage them from the API Keys admin page:
- Create a key with a name, an inherited role (no higher than your own), and an optional expiry. The full key is shown once at creation — copy it then; it can't be retrieved later.
- List keys (admins see all; others see their own), identified by a short prefix.
- Revoke a key at any time; revocation is immediate.
API‑key management itself can only be done with a browser (JWT) session — an API key cannot create or revoke other keys. See the API Reference → Authentication for the technical details.
Tenant settings
The Tenant Settings page controls tenant‑wide configuration:
- Practice mode — Litigation, Transactional, or Real Estate (the setting that reshapes navigation and features). This is typically set by Sentinel during provisioning and managed centrally.
- Branding — display name, logo, and default theme.
- Production defaults — Bates prefix and padding, default rendition format.
- Feature toggles — enable/disable features such as Emma and voice mode where applicable.
Audit log
The Audit Log is an admin view of tenant activity for compliance and defensibility. It records actions such as sign‑in successes and failures, sign‑ outs, support sessions, and document/matter operations — with the user, a timestamp, and context (IP and user agent where applicable). The log is built to be reliable: recording an event never blocks the underlying action.
AI‑assistant actions through the API / connector are also audited at the tool‑call level — what was called, by whom, with what arguments, and how long it took — which supports the "what did the assistant see, when, on whose behalf?" question.
Two‑factor authentication (2FA)
Tenants can require 2FA. When required, users enroll an authenticator app on first sign‑in and enter a code at each login. Admins can reset a user's 2FA for recovery. (2FA is enforced at the account/login layer.)
Data‑room guest sharing
Admins and attorneys can invite external, read‑only guests to a data room without giving them accounts, and manage or revoke that access. Guest sessions re‑check access on every request, so revocation is immediate. See Data Rooms → Sharing a data room with an external guest.
Usage
The Usage view shows consumption — for example AI usage and related cost — so admins can monitor spend.
Related
- Integrations — connecting mailboxes, court sources, and the AI connector.
- API Reference — auth, REST endpoints, and the connector tool catalog.
- Security & Compliance — isolation, data residency, and controls.