Synthetic Care Home 001
Only hosted synthetic review scope. No real home records.
Access-protected synthetic preview
InView Operator Console
Current section: Dashboard
Internal setup, support, and evidence console for Synthetic Care Home 001. Not production.
Seeded synthetic
Not production
Access-protected
Backend not checked
Dashboard
Operator readiness summary
Selected synthetic home, setup/support status, evidence readiness, blockers, and next operator action.
Setup status
Load the operator view to check synthetic checklist, device/enrolment posture, and blockers.
Identity/access status
Microsoft Entra evidence is status-only; no runtime auth or private auth/config values.
Next operator action
Review Onboarding, Devices & Enrolment, then Evidence & Compliance before owner visual review notes.
Home setup
Devices
Identity
Evidence
Blockers
Load the operator view to show synthetic setup/support state.
Homes
Home list and deployment status
Home list, home profile, sites/units, owner/contact placeholder, and deployment status.
Load operator view to show Synthetic Care Home 001.
- Home profile
- Not loaded
- Deployment status
- Not loaded
- Support status
- Not loaded
- Residents
- Not loaded
- Staff
- Not loaded
- Owner/contact
- Placeholder only
- Production data
- Not loaded
- Classification
- Not loaded
Onboarding
Home setup checklist
Home setup, staff onboarding, resident onboarding, devices readiness, data import future-state, and go/no-go checklist.
Load operator view to show setup checklist items.
Load operator view to show canonical synthetic staff and resident roster.
Staff onboarding
Placement only; no real user creation, invite, credential setup, or session workflow.
Resident onboarding
Placement only; no real resident data entry or import.
Data import future-state
Coming later. No production database or persistence.
Go/no-go checklist
Owner review and no-real-data gates remain required before any broader testing.
Devices & Enrolment
iPads, enrolment challenges, and revocation future-state
Device readiness and enrolment placement without QR/email-code runtime or real device binding.
Load operator view to show seeded synthetic iPad rows.
Fake enrolment-code actions have not run.
Refresh fake codes to show local fake enrolment-code records.
Enrolment challenges - future implementation
Contract status: not implemented. Accepted future payload: opaque one-time challenge reference only. No raw challenge secret, QR payload, email code, token, session, cookie, raw device ID, or real binding is shown.
- Route family
- route_family: device_enrolment
- Contract status
- contract_status: not_implemented
- QR scanning
- QR scanning: not implemented
- QR generation
- QR generation: not implemented
- Camera permission
- camera_permission: not requested
- Email confirmation
- email_code_confirmation: not implemented
- Accepted payload
- accepted_payload: opaque one-time challenge reference only
- Production routing
- production_routing: unavailable
- Synthetic contract
- synthetic_contract_only: true
- QR/email-code future-state
- not implemented
- Device binding
- device_binding_runtime: not implemented
- Revocation
- revocation: future contract only
- Lost device procedure
- stop/revoke workflow placeholder only
- Rejected payloads
- rejected_payloads: home email + password, tokens, sessions, cookies, QR secrets, raw device IDs, production-domain URLs
Support
Support queue and home support status
Display-only support queue, revocation requests, suspend-home future-state, and force re-auth future-state.
These controls do not revoke devices, suspend homes, force re-auth, create audit records, or change any real state.
Load operator view to show future support control status.
Synthetic support action log
action_log_mode: synthetic_noop. Display-only summaries for fake enrolment-code create/revoke and fake audit envelope validation. Persistence: none.
No real support state change
No raw payloads, no real care save, no real device binding, no revocation runtime, no audit-store write, no database write, and no file write.
Identity & Access
Microsoft Entra readiness status
Microsoft Entra setup status, app roles, synthetic users/groups, runtime auth readiness, and session/revocation future-state.
Microsoft Entra setup status
Sandbox setup exists outside repo with redacted evidence only. No tenant IDs, client IDs, provider IDs, redirects, or private auth/config values are committed.
App roles
Safe role categories only: care staff, care manager, and operator. No app role IDs.
Synthetic users/groups
Status-only evidence; no real users and no raw claim values.
Runtime auth readiness
Future implementation remains blocked. No Microsoft runtime auth, sessions, cookies, auth-header handling, or provider assertion parsing.
Data & Sync
Local synthetic data posture
Local synthetic persistence, sync state, audit state, database future-state, and production persistence blockers.
Local synthetic persistence
Validator evidence only; no production database, migrations, credentials, or persistence.
Sync state
Synthetic/local state only; no production sync or iPad production routing.
Audit state
Synthetic audit shape only; no production audit store.
Production persistence blockers
Real auth, tenant isolation, audit storage, governance, backup/restore, and retention/deletion remain blocked.
Evidence & Compliance
Readiness gates and evidence map
Evidence register, readiness gates, visual evidence, external synthetic access status, and compliance claim blockers.
Evidence register
Docs and validators track synthetic readiness evidence only.
Readiness gates
Owner go/no-go, visual evidence, Access, auth, persistence, and real-data gates remain separate.
External synthetic access
Access-protected owner/developer review only; no public access or real care-home users.
Compliance claim blockers
No DSPT, DSCR, ISO, Cyber Essentials, UK GDPR operational, clinical safety, production, or compliance claim is made.
Platform Settings
Environments and hosting status
Environments, Cloudflare Pages/Access status, staging API status, domains future-state, and feature flags future-state.
Environments
Local, Access-protected hosted synthetic preview, and future production remain separate.
Cloudflare Pages / Access
Hosted apps remain behind manually configured Access. No Access policy change here.
Staging API
Protected staging API remains a separate approved target; this task does not change Worker routing.
Domains and feature flags
Future-state placeholders only. No DNS, custom-domain, or feature-flag changes.
Safety
Synthetic-only boundary and stop rules
Detailed warnings live here so the operator workflow can stay product-like.
- No real care-home, resident, staff, device, or care data is present.
- No real enrolment, QR generation, email-code runtime, auth, roles, persistence, support action, session handling, or device binding is implemented.
- No production operator action, production API, real support access, external participant access, public access, or compliance claim.
- External access rules remain owner/developer-only behind Cloudflare Access unless a separate gate approves otherwise.
- Stop review if real data appears, Access can be bypassed, private values appear, or production/compliance wording appears.
- Access protects this hosted synthetic preview; it is not product authentication.