Admin handbook

Everything a company Admin needs to run Smart Maintenance Task Manager for their organisation.

This handbook is for the Admin role

If you're not sure what role you have, open your profile in the web portal (avatar → Profile) or ask Pegotec support.

What you'll do with the platform

As an Admin, you own your company's tenant. You control who has access, what they can do, and the master data that everyone else depends on. You're the first escalation point for everyone else in your company, and the interface to Pegotec support.

Your main responsibilities:

• Manage users and roles — create accounts, assign roles, reset passwords, deactivate leavers.
• Configure company settings — name, logo, timezone, notification preferences, feature flags.
• Maintain master data — thresholds, units, products, tools, repair-request types, shutdown reasons.
• Approve tasks — shared with Supervisors, but ultimately your authority.
• Manage NFC tag lifecycle — register, deactivate, audit.
• Set up integrations — webhooks, email configuration, mobile pairing codes.
• Monitor the audit log — for compliance, incident investigation, and spotting misuse.
• Coordinate with Pegotec support for platform-level issues.

Your primary app

The web portal. Admins can also execute tasks on mobile if they want to, but almost all admin work happens in the browser.

Initial setup checklist

If you're setting up a brand-new installation, work through this order. Each step unblocks the next.

1. Confirm the installation is healthy

• Sign in to the web portal.
• Check the version in the footer.
• Open the Dashboard — it should load without errors.
• Confirm your account has the Admin role (Profile → Roles).

2. Set company information

Settings → Company:

• Company name (as it appears in email notifications, reports, the portal header).
• Logo (optional — PNG / SVG, shows in the portal header and printable reports).
• Timezone — critical. Gets used for all report date boundaries, schedule recurrences, and notification timing.
• Default language — for new users (individuals can override).

3. Invite the Mapper

The mapper builds the asset hierarchy, without which nothing else works. Invite them first.

1. Users → New user.
2. Name, email, username, password (or use the "send password reset email" option).
3. Assign the Mapper role.
4. Save.

The user receives an account-created email and can sign in immediately.

4. Invite Supervisors, Managers, Technicians

Add the rest of the team. Don't rush — each user should land in a system that already has enough data to be useful.

• Supervisors first (they'll be assigning work).
• Managers next (they'll be watching reports).
• Technicians last (they'll be executing tasks the mapper and supervisor have set up).

5. Review master data

Master data comes pre-seeded with generic defaults. You almost always need to tailor it to your industry:

• Units — keep or add whatever your plant uses (bar, psi, gpm, l/min, °C, °F). Set conversion factors if you use multiple compatible units.
• Products — replace the placeholder list with your actual lubrication and consumable catalogue.
• Tools — add the specific tools your technicians use.
• Thresholds — define min/max for the most common measurements. These don't need to be exhaustive — they gate form highlighting, not submission.
• Repair request types — what categories of failure do your technicians report?
• Shutdown reasons — what are the common causes of a line stop?

See Master data (web portal).

6. Configure safety procedures

Work with the Mapper (and your safety officer) to define the acknowledgement workflows that gate certain tasks. See Safety procedures (web portal).

7. Configure notifications

Settings → Notifications (if your installation has this page) or per-user Profile → Notifications:

• Enable / disable email delivery for task events.
• Set the weekly report email time and recipients.
• Configure escalation rules (who gets notified when a shutdown is reported).

8. Provision mobile devices

For each device that will use the mobile app:

1. Open Mobile Setup (or Settings → Mobile pairing).
2. Generate a QR code.
3. Scan it from the device. See Pairing and setup (mobile).

9. Set up webhooks (optional)

If other systems need to react to events in the platform (an SAP integration, a Slack feed, a custom BI pipeline):

• Settings → Webhooks → New webhook.
• Pick the URL, the events, the authentication.
• Test-fire with the Send test event button.

10. Verify end-to-end

Have a mapper create one asset and one task. Have a supervisor assign it. Have a technician execute it on mobile. Have the supervisor approve. Confirm the approval appears in reports. If every step works, the installation is truly ready.

Ongoing Admin work

Once the installation is running, your work is mostly maintenance:

Weekly

• Review new user requests (new hires, contractors, auditors).
• Clear lingering user deactivations (people who've left).
• Check the audit log for anything unusual.
• Review the weekly report.

Monthly

• Reconcile user counts against your organisation's current roster.
• Rotate webhook secrets if your internal security policy requires it.
• Review threshold values against actual measurement history — tighten thresholds where data has stabilised, loosen where they're generating false warnings.
• Review repair request trends with your Managers.

Ad-hoc

• Password resets (triggered from Users → (user) → Reset password).
• Role changes (promotions, reassignments).
• Tag / asset cleanup (deactivate decommissioned equipment).
• Respond to Pegotec-initiated announcements (release notes, scheduled maintenance).

User management

Creating a user

Users → New user:

Field	Notes
Name	Display name. Shows everywhere — in assignments, reports, audit logs.
Email	Used for password reset, notifications. Must be unique.
Username	Optional alternative sign-in identifier.
Password	Set directly, or send a reset email.
Roles	Pick one or more. The user's effective permissions are the union.
Production site	Optional scoping for multi-site deployments.

Editing a user

Users → (row) → Edit. Change anything except the email address (email change requires a support case to prevent account takeover). Role changes take effect on the user's next token refresh (usually within a minute).

Deactivating vs deleting

• Deactivate when someone leaves temporarily or permanently. Their data stays; they can't sign in. Use this 99% of the time.
• Delete only when a user was created by mistake. Deleting a user with real task history is destructive — task authorship becomes ambiguous.

Resetting a password

Users → (user) → Reset password. The user receives an email with a reset link. The link expires after 24 hours.

Custom roles

The seven built-in roles cover most cases. If you need a custom permission set:

1. Roles → New role.
2. Name the role (descriptive: Contractor Auditor, Safety Officer).
3. Tick the specific permissions you want to grant from the 40+ available.
4. Save.

Start from a copy

Duplicate an existing role as a starting point and tweak from there — faster and more consistent than building from scratch.

See User management (web portal).

Master data — the ongoing curation

Master data isn't "set and forget". As your plant evolves:

• New products come in → add to the Products list.
• New tools arrive → add to the Tools list.
• You realise your thresholds are too loose → tighten them.
• A shutdown reason keeps appearing that isn't in the taxonomy → add it so future reports can categorise it.

Master data drives report quality. The more rigorous your taxonomy, the more useful your reports.

See Master data (web portal).

Approvals (shared with Supervisors)

Admins can approve and reject tasks just like Supervisors. In most organisations, Supervisors do the day-to-day approval and Admins step in when:

• A Supervisor is out.
• A task needs executive sign-off.
• An audit spot-check is warranted.

See Approving tasks (web portal).

The audit log

Every create, update, delete, and assign action leaves a record. The audit log is visible at Settings → Audit log (or similar).

Use it to:

• Investigate "who changed what?" questions.
• Support compliance audits.
• Diagnose confusing data ("this task looks wrong — when was it last edited, by whom?").

The audit log is append-only. You can't edit or delete entries.

Webhooks and integrations

Webhooks let external systems react to platform events. Typical use cases:

• Post completed tasks to a SAP / Maximo / other CMMS.
• Alert Slack / Teams when a Critical repair request is raised.
• Feed a BI pipeline with shutdown events.

Webhook setup: Settings → Webhooks → New webhook. Pick the event types, provide the target URL, optionally sign requests with a shared secret. See [Webhooks] in Companies (web portal).

What you can do that Supervisors and Mappers can't

• Edit company-wide settings (settings.edit).
• Create or edit custom roles (Mapper can only create users and assign existing roles).
• Configure webhooks and integrations.
• Manage the audit log retention.

Tenant isolation

Every company in the platform is its own tenant — a scoped, isolated slice of the data. A few things follow from this:

• You only see your own company's data. Hierarchy, tasks, users, reports, settings — all filtered to your tenant at the server. There's no "accidentally see another customer's data" path.
• Exports are scoped too. A CSV or XLSX export you generate only contains data from your tenant.
• User emails can be reused across tenants. Two different companies can have a user with email alice@example.com — they're separate accounts.
• Only PegotecUsers can cross tenants. The PegotecUser role (Pegotec operations staff) can switch between tenants via the company-switcher dropdown in the header. No other role has this.
• Audit log is per-tenant. Your activity log shows only actions on your tenant's data.

Why this matters for you as Admin: when you manage users, masters data, or settings, you're configuring your company only. You can't affect another customer's installation, even accidentally. If something goes wrong platform-wide, it's a Pegotec support issue — not something you can fix from Admin.

What you can't do

• Manage other companies (PegotecUser only).
• Switch between companies (PegotecUser only).

For a full matrix see Permissions matrix.

Things to watch for

Don't delete the last Admin

If you delete or deactivate the only user with the Admin role, nobody in your company can manage users anymore. You'll need Pegotec support to intervene. Always have at least two active Admins.

Use a shared support mailbox

Register at least one Admin account to a shared mailbox (e.g. maintenance-ops@...). Personal accounts rotate when people leave; shared mailboxes don't.

Master data is global within the company

When you delete a unit, product, or tool that's referenced by a task, the reference becomes dangling. The platform usually prevents deletion in these cases, but check carefully before bulk-removing master data.

Troubleshooting

Problem	See
New user can't sign in	I can't log in
Mobile devices can't pair	Pairing and setup
Reports look empty or wrong	Check date range, company filter, and that tasks are being approved
Notifications aren't arriving	Check Notifications reference and per-user preferences
A user has permissions they shouldn't	Check Users → (user) → Roles — they may be assigned multiple roles
A feature is missing that you expect	It may be behind a feature flag — ask Pegotec support

Related topics

• Configuration options (reference) — cross-cutting setup decisions in one place.
• User management (web portal)
• Companies (web portal) — for multi-company organisations.
• Master data (web portal)
• Profile and settings (web portal)
• Approving tasks (web portal)
• Safety procedures (web portal)
• Permissions matrix
• Notifications reference
• Contact support