User Guide
Operate the Atom Next UI — tenants, identities, access control, authorization, audit, and developer tools.
This guide is for operators and administrators who manage Atom through Atom Next, the web UI shipped alongside the Atom backend. It complements the rest of this documentation site, which focuses on the GraphQL API and the underlying access model — this guide focuses on the screens, dialogs, and buttons you click.
The UI is reachable at http://localhost:3005 in a default make up stack, and signs in
with the same admin credentials as the API (admin / 12345678 in a fresh dev environment).
How this guide is organized
Start with the Quick Start if you are new to Atom — it walks
through a complete access-control scenario end to end, from creating a tenant to seeing an
allow and a deny decision in the Authorization debugger.
After that, each page documents one section of the left sidebar in detail: every field on every form, every row action, and every tab in every detail view.
Quick Start
Create a tenant, two entities, a resource, and see your first authorization decision.
Dashboard
The control plane overview screen and its summary tiles.
Tenants
Top-level boundaries for entities, resources, groups, roles, and assignments.
Entities
Humans, devices, services, workloads, and applications, plus their credentials.
Profiles
Schema-backed templates that shape entity creation forms.
Groups
Object groups and principal groups.
Resources
Protected objects evaluated by the PDP.
Actions
The action catalog, action applicability, and assignment guardrails.
Permission Blocks
Reusable scope, effect, action, and condition sets.
Roles
Named collections of permission blocks.
Direct Policies
Advanced subject-to-permission-block grants.
Authorization
The authorization debugger — explain any allow or deny decision.
Audit
Immutable log of identity and authorization activity, with CSV export.
Operations
System health and signing key rotation.
Developer Tools
The API Builder (custom endpoints) and the GraphQL Playground.
Account
Profile settings, password, theme, and personal access tokens.
Conventions used in this guide
- Bold text names a UI label, field, button, or tab exactly as it appears on screen.
Codetext is a value you type, a URL path, or a raw field value.- Screenshots are captured in the light theme; use the account menu's Theme switcher (see Account) if your instance is in dark mode.
- Row actions (Inspect, Edit, Disable, Delete, and similar) appear at the end of each table row and are described once per page rather than repeated per screenshot.