Before starting

The administrator accesses the CryptPeer system directly from their web browser.

  1. Open the computer's browser (e.g. Chrome, Edge, Firefox).
  2. Enter the official CryptPeer connection link: https://cryptpeer-------
  3. Log in with administrator credentials.

Dual-Use Doctrine

No additional software is required. CryptPeer runs entirely in the browser, in a secure HTTPS environment, under the exclusive control of the licensee.

Home and general interface

Upon login, the administrator accesses the CryptPeer home page, which displays all main system features:

  • Messages: access private or group conversations;
  • Search: find and connect with other users;
  • Create: start new conversations or groups;
  • Admin panels: section reserved for system management.
CryptPeer home page — Sidebar with Admin icon (3), Messages, Search, Create and Admin panels
CryptPeer home page — Admin icon shows number of pending requests (3)

Good to know

The administrator dashboard is only accessible to accounts with the Admin role. It allows managing users, categories and permissions without ever accessing the content of encrypted communications.

Administrator role

The administrator ensures the integrity and internal consistency of the CryptPeer system. Their role is not technical: they validate, organize and supervise user identities and categories.

In CryptPeer, no external intervention is possible: all control belongs to the instance administrator.

Security and administrator role limits

The administrator never has access to cleartext data: encryption is performed upstream from CryptPeer users' terminals. Communications therefore always remain encrypted. Even if the administrator's credentials are compromised, the attacker will only have access to the functions available to administration — no exchange content.

Furthermore, the administrator is not authorized to delete accounts without super administrator approval. This rule further limits the damage potential of a compromised administrator.

Accessing the admin panel

By clicking « Admin », the administrator opens the admin panel. It consists of several tabs:

  • Users – activate or deactivate accounts; account deletion reserved for the super administrator;
  • Categories – create or manage user groups;
  • Direct contacts – manage validated relationships;
  • Requests – view pending registrations;
  • Logs – track local administrative actions;
  • Database and Storage – non-technical supervision of internal activity.

When a new user registers, their request is visible in the « Users » tab and their status appears as « Inactive ».

The language selector (FR, EN, ES, CA) at the top right allows changing the admin panel display language.

Panneau d'administration — Onglet Utilisateurs avec liste des comptes, statut Actif/Inactif, catégories et actions
Admin panel — Users tab

Registration request management

When a new user registers, a validation request notification appears in the dashboard.

Management is done in the admin panel by clicking the « Requests » tab. The number displayed in the top bar (e.g. Requests (3)) indicates the number of registrations pending action. This page allows the administrator to:

  • view the list of users who requested access;
  • verify their information: name, email address, registration date and reason for registration;
  • approve or reject each request according to the organization's internal policy.

Step 1 — Review the request

In the left sidebar, the Admin icon shows the number of pending requests. The number (3) indicates for example that three user account requests need to be reviewed. Each card shows the main information:

  • Name or identifier;
  • Email address;
  • Registration date;
  • Reason for registration (visible via the View registration reason link).

This verification ensures that only authorized users are granted access to the CryptPeer system.

Examiner une demande d'inscription — Informations de la fiche utilisateur
Step 1 — Review the request
Onglet Demandes d'inscription — Liste des inscriptions en attente avec Valider et Rejeter
Registration requests — View, approve or reject each request

Étape 2 — Valider ou rejeter la demande

  • Valider : Cliquer sur le bouton « Valider » ou « Activer » pour approuver la demande. → Le compte est immédiatement activé et passe automatiquement en statut Actif.
  • Rejeter : Cliquer sur « Rejeter » pour refuser la demande. → L'inscription est annulée et l'utilisateur apparaît dans l'onglet « Utilisateurs rejetés ».
Fiche utilisateur Inactif — Bouton Activer et icône Voir le motif d'inscription
Pending request — Inactive status, Activate button
Fiche utilisateur Actif — Statut Actif après validation
Compte validé — Statut Actif

Traceability

Each action is automatically recorded in the « Logs » section, with the date, time and identity of the administrator who performed the operation to maintain a verifiable trace of operations. No third party or external service is involved in this process.

Creating and managing categories

Categories are an internal structuring and organization tool. They allow the administrator to group users by role, department or sensitivity level of their communications.

Categories are completely invisible to users who do not know which category(ies) they belong to. Only the administrator can view, create, modify or assign members to them.

Purpose of categories

Categories allow:

  • grouping users by function or mission;
  • facilitating management of internal exchange rights;
  • maintaining a clear, hierarchical view of members for the administrator.

Categories have no impact on encryption or communication rights: they serve only for governance and administrative readability of the CryptPeer system.

The "default" category

From account creation, all new users belong without exception to the « default » category. This category serves as a welcome:

  • It brings together all registered users, including those assigned to other categories;
  • it allows them to see only the « admin » account;
  • they can thus address their questions or requests directly to the administrator, while waiting to be placed in one or more categories suited to their role.

When a user is added to one or more other categories, they remain a member of the « default » category. It acts as a minimal access channel, ensuring continuity of the link between users and the administrator.

This configuration ensures minimal, secure and controlled initial communication: no user can see another member until they have been integrated into an authorized category.

Admin panel — Categories tab with category list and Create category button
Admin panel — Categories tab

Available actions

From the Categories tab, the administrator can:

  • Create a new category (examples: « Management », « Project team », « Support »…);
  • Assign one or more users to one or more categories;
  • View the list of categories and their internal descriptions;
  • Modify the description of an existing category;
  • Archive or delete an obsolete category.

Attention

Once created, a category name cannot be modified. This rule ensures stability and traceability of the internal structure.

Each category includes:

  • a readable name,
  • an internal description,
  • a unique visibility scope, reserved for the administrator.

Categories are an internal organization tool: they do not change the security structure, but ensure clear, segmented and sovereign governance of users.

Direct contacts management

The « Direct contacts » tab allows the administrator to establish, in a targeted manner, a bilateral communication connection between two users, without going through a category.

This feature is used when it is necessary to allow a one-off or individual exchange, while maintaining the organizational isolation provided by the category structure.

Liste des utilisateurs avec bouton Gérer les contacts
User list — Manage direct contacts
Utilisateur avec contacts directs assignés — Compte test 1 avec Compte test 2 et Compte test 3
Assigned direct contacts — Main user can exchange with designated contacts
Schéma : Utilisateur principal communique avec ses contacts directs ; les contacts directs ne communiquent pas entre eux
Direct contacts diagram — Direct contacts cannot see each other

Purpose of direct contacts

Direct contacts are a complementary mechanism to categories. They allow the administrator to:

  • create a restricted communication channel between two specific users;
  • respond to an individual exchange need, without modifying the category structure;
  • maintain complete traceability of granted authorizations.

This function meets controlled bilateral communication needs: no other user is aware of these links nor has access to them.

How it works

  1. The administrator selects a main user.
  2. They assign them one or more « direct contacts ».
  3. The link thus created allows only this main user to exchange with the designated contacts.

Direct contacts cannot see each other and cannot communicate with each other. Only the channel defined by the administrator is active.

Use case examples

  • Allow a manager to communicate individually with several collaborators, without them being able to exchange with each other.
  • Create a temporary liaison channel between two specific interlocutors, without creating an additional category.

This approach maintains organizational discretion while ensuring strict control of communication flows.

Supervision and traceability

The administrator can, from this tab:

  • view the active links of each user;
  • add or remove a direct contact;
  • delete at any time a bilateral link that has become unnecessary.

All modifications are automatically recorded in the « Logs » with the date, time and identity of the administrator who performed the action.

Logs and traceability of administrative actions

The « Logs » tab of the admin panel automatically records all operations performed by administrators. This mechanism ensures complete, timestamped and sovereign traceability of all actions affecting system management.

Admin panel — Logs tab with chronological list of administrative actions
Admin panel — Logs tab

Purpose of logs

Logs constitute the internal memory of the CryptPeer system. They ensure:

  • transparency of administrative activity;
  • traceability of decisions made by each administrator;
  • verifiability of operations in case of audit or internal control.

Data sovereignty

Logs are local and inaccessible to any third party. No data is transmitted outside the system or to the publisher.

Recorded data

Each administrative action is automatically recorded with:

  • the exact date and time of the operation;
  • the name of the administrator who performed the action;
  • the nature of the action (e.g. account validation, registration rejection, category creation or deletion, direct contact assignment or removal, user deactivation, etc.).

Each log entry is immutable and non-modifiable, ensuring the reliability and integrity of administrative traces.

Consultation and supervision

From this tab, the administrator (or main manager) can:

  • browse the chronological list of recent actions;
  • filter logs by event type or user;
  • export or archive logs for internal audit, if the organization's policy provides for it.

Logs are a sovereign governance tool: they ensure responsibility and compliance of operations, according to applicable jurisdiction.

Strategic role of logs

Logs are not a surveillance device, but an internal control and responsibility mechanism. They allow the administrator to:

  • demonstrate compliance with their use of the system;
  • strengthen internal trust;
  • prove, if necessary, that no unauthorized action has been performed.

Sovereignty by Design

This principle is part of CryptPeer's Sovereignty by Design doctrine: the entirety of control, proof and responsibility belongs to the licensee, with no possibility of unilateral access by a third party.

Database

The « Database » tab of the admin panel provides non-technical supervision of the CryptPeer system's internal entities. The administrator can view the main tables (users, messages, groups, categories, conversations, sessions, etc.) without technical intervention on the structure.

This view allows verification of data consistency, searching for specific entries and monitoring the instance's internal activity. The database remains under the exclusive control of the licensee, hosted on their infrastructure.

Admin panel — Database tab with view of entities (users, messages, groups, etc.)
Admin panel — Database tab

Storage

The « Storage » tab makes CryptPeer a full-featured admin panel that handles granular management of stored data, storage rights and limits, file types, as well as physical storage (SSD/HD) management.

Admin panel — Storage tab: disk usage, upload folder, upload restrictions
Admin panel — Storage tab (overview)

Disk usage

The « Disk usage » section displays a visual and numerical summary of the physical storage (SSD/HD) allocated to the CryptPeer instance:

  • Total — total available disk space;
  • Used — currently occupied space;
  • Available — remaining space.

A circular indicator and progress bar provide a quick view of the usage rate. This supervision helps the administrator anticipate capacity needs and plan hardware upgrades.

Upload folder

The « Upload folder » section manages the directory dedicated to files transferred by users. It displays:

  • total folder size;
  • percentage of disk usage;
  • server path (e.g. /root/Cryptpeer/static/uploads).

Two buttons enable granular management:

  • Configure limits — set a maximum folder size (in GB) and an automatic deletion percentage for the oldest files when the limit is reached;
  • Manage files — view the file list, sort by date, type or size, and delete files individually.
Configure folder limits — maximum size (GB), automatic deletion percentage
Configure upload folder limits
Manage files — file list with sorting and delete actions
Manage upload folder files

Upload restrictions

The « Upload restrictions » section controls what users can send:

  • Activate restrictions — check the box to apply the configured rules;
  • Maximum size (MB) — limit the size of uploaded files (leave empty for no limit);
  • Blocked types — select file extensions to block (videos, photos, documents, etc.). Selected types are blocked; non-selected types remain allowed.

The proposed categories include: videos (mp4, mkv, avi, mov…), photos (jpg, png, gif, webp…), files (pdf, doc, docx, xls, txt…). Custom types can be added.

Upload restrictions — maximum size, blocked file types
Upload restrictions — types and size configuration

Good to know

The « Refresh » button at the top right of the panel updates storage statistics and displayed lists after a modification.