When this applies: you’re an admin (owner / admin role) on a ByteSpike org, and you need to grant employees model access, monitor usage and balance, or handle abuse or model-availability incidents. This is the companion piece to Employee onboarding — that one tells employees “how to use it”, this one tells admins “how to run it”.
1. Three surfaces at a glance
ByteSpike currently lives on 2 domains + 1 sub-path:| Domain / path | Primary audience | When you (admin) use it |
|---|---|---|
| llm.bytespike.ai/admin | Platform backend | Main entry point right now — user management, available models, model groups, audit logs |
| console.bytespike.ai | User-tier view | View your own keys / usage / billing, enterprise dashboard, hand out keys to employees |
Eventually
admin.bytespike.ai will be split out as its own subdomain (cleanly separate from the user-facing console). Right now the admin backend still lives under the llm.bytespike.ai/admin path, sharing the hostname with the inference gateway. This document uniformly refers to llm.bytespike.ai/admin — once migration is done we’ll update.2. Grant employees model permissions (core operations action)
When a new employee joins, 0 models are usable by default. You need to grant them.- Path 1 · Bulk config (recommended)
- Path 2 · Single-employee grant
Grant the same permissions to multiple employees at once — most common.
Multi-select employees
Tick the target employees (select all is fine) → top button Bulk assign model groups
Tick the 11 public groups
The dialog defaults to all 11 public model groups ticked. To limit (e.g. only Claude + GPT, no image), untick as needed.
Public groups don’t need to be written into the
user_allowed_groups table — the backend uses User.CanBindGroup(_, is_exclusive=false)=true and waves them through. So even if the admin UI shows an employee’s permissions as “unassigned”, every public group is still callable. Exclusive groups are the ones that need explicit grant rows in the table.3. Usage monitoring + balance alerts
Daily usage dashboard
llm.bytespike.ai/admin → Usage → group by day / model / api_key / user across multiple dimensions. CSV export available.
Overview (dashboard)
llm.bytespike.ai/admin → Overview → today’s total usage, tier breakdown, active users, balance trend.
Low-balance alerts
llm.bytespike.ai/admin → Settings → balance_notify → set a threshold (e.g. $50) + recipient email. When the org wallet drops below the threshold, cron sends an email + writes a
system.balance.notify.dispatched notification into the console notification center.Mechanism details at /me/notifications.4. Model permissions (platform layer)
Different from per-employee permissions — this governs “which models the ByteSpike platform itself can call”.Model Groups
llm.bytespike.ai/admin → Model Groups — add models to a group, set multiplier (e.g. put a model in a 0.8x discount group), set the exclusive flag (whitelist-only access).
Available models registry
llm.bytespike.ai/admin → Available Models — when a new model is added to the catalog, register it here + associate the model group.
API Keys (your own)
console.bytespike.ai/keys — your own admin test keys. For production keys, employees generate them inside DOSIA, or admin batch-issues them at console.bytespike.ai/org/keys.
Audit log
llm.bytespike.ai/admin → Audit log — 25+ action types covering every write operation across admin / org / user layers. Each entry carries actor + IP + UA.
5. Top-up and billing
Top up the org wallet
console.bytespike.ai/billing → pick Stripe (visa / mastercard / amex) or Alipay → enter amount → done. The webhook receives
system.payment.received and balance lands instantly.Auto-recharge policy (optional)
On the billing page, Auto-recharge section — set a trigger threshold (e.g. balance below 200). Charges happen automatically via the Stripe saved payment method.
Billing history / export
console.bytespike.ai/billing → Transactions → complete ledger (topup / refund / admin_credit / admin_debit / subscription_renew). Each row has CSV export, meets finance-team requirements.API endpoint at /me/billing/transactions.
6. Emergency response SOP
The full operations troubleshooting (balance crash / model-availability incidents / employee abuse / mistaken revocation + handling employee feedback) lives in troubleshooting · Admin view tab. That page also collects every employee blocker from Employee onboarding, organized by role + scenario in AccordionGroups.What’s next
- Want to distribute a new dmg to employees? See Employee onboarding.
- Want to know how to call user-tier APIs? See API Reference · Account.
- Want the full model catalog + pricing? See bytespike.ai/pricing.