# Administrator Guide This guide is intended for Enterprise Administrators who manage Treasure AI Voice deployments across their organization. It covers authentication, device management, user management, and security features. ## Web Admin Dashboard The Web Admin Dashboard provides centralized management of your organization's Treasure AI Voice deployment. | Region | URL | | --- | --- | | **Japan (AP01)** | [voice-console.ap01.treasure.ai](https://voice-console.ap01.treasure.ai/) | ### Dashboard Menu - [**Devices**](#devices) — View and manage all PLAUD devices and their assigned users. - [**Recordings**](#recordings) — Browse, review, and delete recordings. - [**Audit Logs**](#audit-logs) — View a complete audit trail of all activity. - [**Members**](#members) — Manage users — invite, remove, and assign roles. - [**AI Lens**](#ai-lens-optional) (optional) — AI-powered analytics and insights. - [**Security**](#security) — Configure IP allowlists and network security policies. - [**Export**](#export-optional) (optional) — Stream recordings, transcripts, summaries, and device inventory to your Treasure Data CDP. - [**Legal**](#legal) — Access Treasure Data's Terms of Service, privacy statement, and other legal documents. ## Authentication Treasure AI Voice supports two authentication methods: | Method | Description | | --- | --- | | **Sign in with Google** | Authenticate using your organization's Google Workspace account. | | **Email / Password** | Sign in with credentials provided by your administrator. | ### Supported identity providers Direct integrations with SAML 2.0, Microsoft Entra ID (Azure AD), Okta, and other enterprise identity providers are **not currently supported**. The only built-in social identity provider is Google. For the time being, organizations that gate Google Workspace sign-in through their corporate IdP can use **Sign in with Google** to inherit that gate at authentication time. This only affects **new sign-ins** — it does not terminate active sessions or remove the Treasure AI Voice user record when you deprovision the user upstream. To fully revoke access, an Enterprise Admin must also remove the user from the **Members** page. ## Devices The Devices page (also called **Device Fleet**) provides a real-time overview of all PLAUD devices deployed across your organization. ### Fleet Summary At the top of the page, summary cards display: - **Total Devices**: Total number of devices registered to your organization. - **Active**: Devices that are currently active and operational. - **Locked**: Devices that have been remotely locked by an administrator. - **Low Battery**: Devices reporting low battery levels. ### Device List Devices are grouped by assigned user (name and email). Each device row displays: | Column | Description | | --- | --- | | **Serial** | The unique serial number of the device. | | **Battery** | Current battery level percentage, or "Unreachable" if the device has not synced recently. | | **Last Sync** | How long ago the device last synced with the mobile app. | | **Firmware** | The firmware version currently installed on the device. | | **Status** | Current device status (Active, Locked). | | **Actions** | Lock or unlock the device remotely. | ### Locking a Device If a device is lost or stolen, you can remotely lock it: 1. Navigate to **Devices**. 2. Locate the device by serial number or assigned user. 3. Click the **Lock** button in the Actions column. 4. The device status will change to **Locked**. The action is recorded in the audit log. ## Recordings The Recordings page displays all transcriptions from organization members. Use the search bar to find recordings by user email or name. Each recording row displays: | Column | Description | | --- | --- | | **Meeting** | Recording title and a preview of the transcription content. Click the play button to listen. | | **User** | Name and email of the user who created the recording. | | **Device** | Serial number of the PLAUD device used for the recording. | | **Duration** | Length of the recording. | | **Recorded** | Date and time the recording was captured. | | **Status** | Processing status (e.g., Completed). | | **Actions** | Delete the recording. | ## Audit Logs The Audit Logs page provides a complete audit trail of all activity on the platform. Logs are retained for **7 years**. Each log entry displays: | Column | Description | | --- | --- | | **Device Serial** | Serial number of the related device (if applicable). | | **Event Type** | Type of event — see the [Event Types](#event-types) reference below. | | **Details** | Additional context for the event (if available). | | **Actor** | Email address of the user who performed the action. | | **Timestamp** | When the event occurred. | ### Event Types The audit log tracks the following events, grouped by category: #### Identity & access | Event | Description | | --- | --- | | **User Login** | A user signed in successfully. | | **User Logout** | A user signed out. | | **User Invited** | An Enterprise Admin invited a new user. Details include the invited email and assigned role. | | **User Accepted Invite** | An invited user completed account setup. | | **User Accepted Terms** | A user accepted the in-app Terms of Service. | | **User Deactivated** | A user account was deactivated. | | **User Removed** | A user was removed from the organization. Details include the removed user's email and prior role. | | **Role Changed** | A user's role was updated. | #### Device lifecycle | Event | Description | | --- | --- | | **Device Provisioned** | A device was added to the organization's inventory. Details include the provisioning source and firmware version. | | **Device Assigned** | A device was assigned to a specific user. | | **Device Bound** | A user paired the device with their mobile app. If the device was not previously provisioned, this event also triggers auto-provisioning. | | **Device Unbound** | A device was unbound from a user account. | | **Device Depaired** | A device was forcibly de-paired (for example, by Enterprise Admin action). | | **Device Locked** | A device was remotely locked by an Enterprise Admin. | | **Device Unlocked** | A previously locked device was unlocked. | | **Device Heartbeat** | A device reported its health status. The dashboard only surfaces heartbeat events that include a **low battery** alert. | | **Firmware Updated** | A device's firmware version changed. | #### Recording lifecycle | Event | Description | | --- | --- | | **Recording Created** | A new recording was uploaded and persisted. | | **Recording Transcribed** | Transcription and AI summarization completed successfully. | | **Recording Failed** | Processing failed. Details include the failure reason — for example, `TRANSCRIBE_JOB_FAILED` or `PROCESSING_ERROR`. | | **Recording Deleted** | A recording was deleted from cloud storage. Details include the recording file name. | ## Members The Members page allows you to manage users and team assignments. ### Member List | Column | Description | | --- | --- | | **Name** | Display name of the user. | | **Email** | User's email address. | | **Role** | User role — Regular User or Enterprise Admin. | | **Status** | Account status (Active). | | **Last Login** | Date of the user's most recent login. | | **Actions** | Delete the user (available for Regular Users). | ### Inviting Users 1. Click the **Invite User** button in the top-right corner. 2. Enter the user's email address. 3. Assign a role (Regular User or Enterprise Admin). 4. Copy the invite link displayed in the dashboard and share it with the user directly (for example, via email or messaging). ### Roles | Role | Permissions | | --- | --- | | **Regular User** | Can access only their own recordings and transcripts. | | **Enterprise Admin** | Full organizational access — manage devices, members, recordings, security settings, and audit logs via the Web Admin Dashboard. | Note Enterprise Admin accounts cannot be deleted from the Members page. ## AI Lens (optional) AI Lens allows administrators to ask natural language questions about their organization's meeting data, devices, and activity. Type a question in the text field — for example, "What were the key decisions from last week?" — and click **Ask AI**. AI Lens analyzes your organization's recordings and returns an executive summary with insights. The analysis scope is displayed below the search field (e.g., "Analyzed: 75 recordings, 11 users, 15 devices, 500 events (last 30 days)"). Click **Configure** in the top-right corner to adjust analysis settings. ## Security Preview The Security page is rolling out progressively and may not yet be visible in your organization's dashboard. If you'd like early access, please contact your Treasure Data representative. The Security page allows administrators to configure network security policies. ### IP Allowlist When enabled, only requests from listed IP ranges can access the application. 1. Navigate to **Security** in the sidebar. 2. Toggle the **IP Allowlist** switch to enable it. 3. Enter an IP address or CIDR range (e.g., `10.0.0.0/8`) and a label (e.g., "Tokyo HQ"). 4. Click **+ Add** to add the entry. 5. Click **Save** to apply the changes. Caution Ensure your current IP address is included in the allowlist before enabling this feature, or you may lock yourself out of the dashboard. For detailed information on security certifications, compliance standards, and data protection practices, visit the [Trust Center](https://trust.treasuredata.com/). ## Export (optional) The Export page lets administrators stream their organization's recordings, transcripts, AI summaries, and device inventory into their own Treasure Data CDP database, where it can be joined with the rest of your customer data for analytics, segmentation, and activation. For setup, the exported table schemas, and querying guidance, see [Treasure Data CDP Integration](/products/ai-voice/cdp-integration). ## Legal The Legal page provides direct links to Treasure Data's legal documents that govern the use of Treasure AI Voice: - **Terms of Service** - **Voice Supplemental Terms** - **AI Terms** - **AI Acceptable Use Policy** - **Privacy Statement** Each link opens the current version of the document on the Treasure Data website.