Identity & Access
Account & Identity Governance
The control plane for who can act, on which accounts, and with what rights — enforced before any publishing or MCP side effect leaves the building.
Governance controls permissions, 2FA and publishing / ads rights BEFORE any publishing or MCP action can run. A capability that is not granted here can never be exercised downstream.
Identities: 10 social accounts
Active: 6 publishing-eligible
Connected: 4 auth healthy
Roles: 8 in RBAC matrix
Account Identities
Per-account connection health, publishing rights and risk
| Platform | Handle | Connection | Publishing | Ads | Followers | Risk |
|---|---|---|---|---|---|---|
| | @lumi.sleep | Connected | Allowed | Allowed | 48.2K | Low |
| | @lumi.rituali | Connected | Allowed | Allowed | 12.1K | Low |
| TikTok | @lumisleep | Connected | Allowed | Allowed | 91.3K | Low |
| TikTok | @lumi.science | Connected | Allowed | Allowed | 8.8K | Low |
| | lumi.italia | Expired | Allowed | Allowed | 15.4K | Medium |
| | lumi.over50 | Expired | Allowed | Allowed | 3.2K | Medium |
| | @mamme.sonno | Not Connected | Blocked | Blocked | 22.1K | Medium |
| TikTok | @notticalme | Not Connected | Blocked | Blocked | 6.4K | Medium |
| YouTube | @lumisleeplab | Not Connected | Blocked | Blocked | 4.1K | Medium |
| | lumibedtime | Not Connected | Blocked | Blocked | 9.7K | Medium |
RBAC Matrix
Role-to-capability map enforced in the API and mirrored in the UI
| Role | Strategy.Write | Content.Generate | Asset.Approve | Publishing.Execute | Ads.Launch | Budget.Spend | MCP.Execute | Emergency.Toggle |
|---|---|---|---|---|---|---|---|---|
| Owner | ||||||||
| Admin | ||||||||
| Strategist | ||||||||
| Creator | ||||||||
| Media Buyer | ||||||||
| Approver | ||||||||
| Analyst | ||||||||
| Viewer | ||||||||
Owner and Admin hold all 21 permissions; every other role is least-privilege.