Shielda Admin Manual

Part 1: Client Admin Settings (for tenant admins) Part 2: Platform Admin Panel (for Shielda super admins) Last Updated: 2026-04-03

---

Part 1: Client Admin Settings

For organization admins managing their own tenant settings

---

Organization Settings

Go to Dashboard → Settings to configure your organization.

General Settings

Setting Description Default Organization Name Display name in the dashboard Set at signup Slug Subdomain identifier (e.g., acme in acme.shielda.io) Auto-generated Custom Instructions AI behavior guidance (see Custom Instructions section) Empty LLM API Keys BYOK keys for Anthropic/OpenAI Not set

Notification Settings

Configure under Settings → Notifications:

Setting Field Default Alert Email alertEmail — email for critical notifications Not set Email Alerts Enabled notifEmail — master toggle for email notifications true Critical Finding Alerts alertCritical — email on new critical findings true Agent Offline Alerts alertOffline — email when agents go offline true Contract Alerts alertContract — email on contract events false Slack Webhook URL slackWebhook — Slack incoming webhook for notifications Not set Slack Channel slackChannel — channel override security-alerts

Default Email Method

Email is the default notification channel. When alertEmail is configured: Critical events are always emailed (scan failures, agent errors, IDOR confirmations) Category-specific alerts follow the per-category toggles above Emails are sent via SMTP or HTTP mail API (configured by Shielda admins) No email provider setup needed from the client side

Setting Up Slack Notifications

Create a Slack app in your workspace (or use an existing one) Add an Incoming Webhook integration Copy the webhook URL Paste into Settings → Slack Webhook URL Optionally set a specific channel (default: security-alerts)

The webhook URL is encrypted with AES-256-GCM before storage.

---

Team Management

Go to Dashboard → Team.

Roles & Permissions

Role Dashboard Findings Scans Settings Team Billing Admin ✅ Full ✅ CRUD ✅ Trigger ✅ Edit ✅ Manage ✅ Manage Member ✅ Full ✅ CRUD ✅ Trigger 👁 View 👁 View ❌ Viewer 👁 View 👁 View 👁 View ❌ ❌ ❌

Inviting Members

Click Invite Member Enter email address Select role (Admin, Member, or Viewer) Click Send Invite Invitee receives email with login link On first login, they're added to your org with the assigned role

Managing Existing Members

Change Role: Click member → Edit → Select new role → Save Remove Member: Click member → Remove → Confirm View Activity: Check the Audit Log for member actions

---

Integrations

Go to Dashboard → Integrations to connect external services.

Available Integrations

Integration Purpose Setup GitHub Repository access, PR creation for auto-fixes OAuth — click Connect → authorize GitLab Repository access, MR creation (supports self-hosted via GITLABBASEURL) OAuth — click Connect → authorize Bitbucket Repository access, PR creation OAuth — click Connect → authorize Slack Rich notifications to channels OAuth — click Connect → authorize workspace Jira Create tickets from findings OAuth (3LO) — click Connect → authorize

Integration Flow

Go to Integrations page Click Connect on the desired integration You'll be redirected to the provider's OAuth consent screen Authorize Shielda You'll be redirected back — integration shows as Connected

All OAuth tokens are encrypted with AES-256-GCM before storage.

Custom Integrations

Use the generic integration API for other services:

---

Profile & Security

Go to Dashboard → Profile to manage your account.