> ## Documentation Index
> Fetch the complete documentation index at: https://docs.blindcast.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Admin Dashboard

> Built-in browser UI for managing BlindCast Server — setup wizard, content management, API key management, and server info.

The BlindCast Server includes a React admin dashboard served at `/admin`. It provides a browser-based interface for all management operations.

## Accessing the dashboard

```
http://localhost:4100/admin
```

<Warning>
  The admin dashboard serves static files without authentication. In production, protect `/admin` with a reverse proxy. See [Reverse Proxy](/server/reverse-proxy).
</Warning>

The dashboard is a single-page application (SPA) built with React and Tailwind CSS. It communicates with the server's REST API using the API key stored in your browser's `localStorage`.

## First-launch setup

On first visit (when no API keys exist), the dashboard shows a setup wizard:

1. Click **"Create Admin Key"**
2. The server creates an `admin`-scope API key via `POST /api/v1/setup`
3. The raw key is displayed — copy and save it
4. The key is stored in `localStorage` for future dashboard requests
5. You're redirected to the content list

<Warning>
  The setup wizard only works once. If you lose the key, you'll need to use the `ADMIN_API_KEY` environment variable or connect directly to Postgres.
</Warning>

## Pages

### Content

The main content list shows all registered content with:

* Name, ID, and status (`active` / `disabled`)
* Storage key and manifest key
* Created and updated timestamps
* Quick actions (view details, delete)

Click a content item to see its detail page with:

* Full metadata
* Presign endpoint URL
* Key derivation endpoint URL
* Edit and delete controls

### API Keys

Manage API keys from the browser:

* View all keys with prefix, scope, and last-used timestamp
* Create new keys with name, scope, and optional expiry
* Revoke keys with one click

### Settings

Displays server information:

* Server URL
* Version number

Includes a **"Clear API Key & Logout"** button to remove the stored key from `localStorage`.

## Authentication

The dashboard stores the API key in `localStorage` under the key `blindcast_api_key`. All API requests include it as a Bearer token:

```
Authorization: Bearer bk_your_key_here
```

To switch keys, use Settings > "Clear API Key & Logout", then enter the new key.

## Next steps

* [Content API](/server/content-api) — REST API reference for programmatic access
* [API Keys](/server/api-keys) — key management reference
* [Docker Setup](/server/docker) — deployment configuration
