TravelMate Admin

Trusted access for back-office decisions.

Protected routes, role-based access, MFA where required, and auditable signed session cookies are active across all admin surfaces.

Auth scope

Credentials are validated against the live API. Role-aware access, MFA challenge flow, and finance-only route protection are enforced.

Session model

Sessions are created by the API, then mirrored into a signed dashboard cookie so protected routes can bootstrap quickly.

Admin Access

Sign in

Reset password