From 633cda1a5a1fcf2b9a6ba34ab2a2977d4c63023c Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Wed, 18 Feb 2026 10:57:46 -0800
Subject: [PATCH 01/35] Add Claude Code PM skills

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 .../skills/pm/competitive-analysis/SKILL.md   | 69 +++++++++++++++
 .claude/skills/pm/executive-update/SKILL.md   | 60 +++++++++++++
 .../skills/pm/feature-prioritization/SKILL.md | 59 +++++++++++++
 .claude/skills/pm/feedback-analysis/SKILL.md  | 64 ++++++++++++++
 .claude/skills/pm/go-to-market/SKILL.md       | 77 ++++++++++++++++
 .claude/skills/pm/metrics-framework/SKILL.md  | 87 +++++++++++++++++++
 .claude/skills/pm/okr-writer/SKILL.md         | 64 ++++++++++++++
 .claude/skills/pm/prd-generator/SKILL.md      | 82 +++++++++++++++++
 .claude/skills/pm/stakeholder-review/SKILL.md | 61 +++++++++++++
 .claude/skills/pm/user-story/SKILL.md         | 81 +++++++++++++++++
 10 files changed, 704 insertions(+)
 create mode 100644 .claude/skills/pm/competitive-analysis/SKILL.md
 create mode 100644 .claude/skills/pm/executive-update/SKILL.md
 create mode 100644 .claude/skills/pm/feature-prioritization/SKILL.md
 create mode 100644 .claude/skills/pm/feedback-analysis/SKILL.md
 create mode 100644 .claude/skills/pm/go-to-market/SKILL.md
 create mode 100644 .claude/skills/pm/metrics-framework/SKILL.md
 create mode 100644 .claude/skills/pm/okr-writer/SKILL.md
 create mode 100644 .claude/skills/pm/prd-generator/SKILL.md
 create mode 100644 .claude/skills/pm/stakeholder-review/SKILL.md
 create mode 100644 .claude/skills/pm/user-story/SKILL.md

diff --git a/.claude/skills/pm/competitive-analysis/SKILL.md b/.claude/skills/pm/competitive-analysis/SKILL.md
new file mode 100644
index 00000000000..d8c5d22c467
--- /dev/null
+++ b/.claude/skills/pm/competitive-analysis/SKILL.md
@@ -0,0 +1,69 @@
+---
+description: Conduct a competitive analysis using Gibson Biddle's DHM (Delight customers, Hard to copy, Margin-enhancing) framework, with strategic positioning recommendations
+allowed-tools: Read, AskUserQuestion, WebSearch, Task
+argument-hint: "<your product/company and list of competitors, or just the product space>"
+---
+
+Build a comprehensive competitive analysis using Gibson Biddle's DHM framework — researching up to 5 competitors in parallel and synthesizing strategic positioning recommendations.
+
+Input: $ARGUMENTS
+
+## Instructions
+
+### 1. Define the Competitive Landscape
+
+If competitors aren't specified, ask via `AskUserQuestion`:
+- What product or space are we analyzing?
+- Who are the top 3–5 competitors (direct and adjacent)?
+- What is the primary job-to-be-done we're competing on?
+
+### 2. Research Competitors in Parallel
+
+Use the `Task` tool to spawn parallel `Explore` agents — one per competitor — each tasked with finding:
+- Product positioning and key messaging
+- Pricing model and tiers
+- Key features and differentiators
+- Known strengths and weaknesses (reviews, press, community feedback)
+- Recent product moves (launches, pivots, funding)
+
+Consolidate findings before proceeding.
+
+### 3. DHM Analysis
+
+For each competitor (including your own product), evaluate across the three DHM dimensions:
+
+**Delight (D)**: What features or experiences genuinely delight customers? What do users love about this product?
+
+**Hard to Copy (H)**: What aspects of their product, data network, brand, or business model are difficult for a new entrant to replicate? Rate each: Low / Medium / High defensibility.
+
+**Margin-enhancing (M)**: How does this product structure itself to improve margins over time? (e.g., automation, self-serve, network effects, data flywheel)
+
+### 4. Feature Comparison Matrix
+
+Create a table comparing all competitors across key dimensions relevant to the space. Mark: ✅ (has it), ⚠️ (partial), ❌ (missing), 🔄 (in progress/announced).
+
+### 5. Pricing Comparison
+
+Document each competitor's pricing structure:
+- Free tier (if any)
+- Core paid plan
+- Enterprise pricing signals
+- Pricing model (seat-based, usage-based, flat, hybrid)
+
+Note where your product is priced relative to the field and whether that positioning is strategic or legacy.
+
+### 6. Strategic Recommendations
+
+Synthesize the analysis into actionable recommendations:
+
+**White spaces**: Jobs-to-be-done that no competitor is excelling at — potential areas to own.
+
+**Defensive moves**: Where are competitors gaining ground that threatens your core? What should you protect?
+
+**Positioning sharpening**: Based on the DHM analysis, what is the single most defensible and differentiating position for your product to own?
+
+**Features to not build**: Capabilities where competitors have too much of a head start — better to partner, acquire, or integrate than build.
+
+## Output Format
+
+Structure as a competitive brief with: executive summary, DHM scorecards, feature matrix, pricing table, and strategic recommendations. Use tables extensively. Keep the executive summary to 5 bullets — the kind a CEO would read in 2 minutes.
diff --git a/.claude/skills/pm/executive-update/SKILL.md b/.claude/skills/pm/executive-update/SKILL.md
new file mode 100644
index 00000000000..e8d82c315d7
--- /dev/null
+++ b/.claude/skills/pm/executive-update/SKILL.md
@@ -0,0 +1,60 @@
+---
+description: Create a crisp executive update or status report using the SCQA (Situation, Complication, Question, Answer) framework
+allowed-tools: Read, AskUserQuestion
+argument-hint: "<topic, project, or situation to report on>"
+---
+
+Transform messy context into a crisp, structured executive update using the SCQA framework (Situation, Complication, Question, Answer) — the gold standard for executive communication.
+
+Input: $ARGUMENTS
+
+## Instructions
+
+### 1. Gather Context
+
+If not provided, ask via `AskUserQuestion`:
+- What is the audience? (CEO, board, cross-functional leadership, skip-level)
+- What format is expected? (email, Slack update, slide, verbal brief)
+- What decision or action, if any, do you need from the audience?
+- What has changed since the last update?
+
+### 2. SCQA Structure
+
+Write the update using the four-part SCQA framework:
+
+**Situation** (1–2 sentences)
+Set shared context. State what's true right now that the audience already knows or would agree with. This is NOT the problem — it's the stable backdrop.
+> Example: "We're 6 weeks into Q2, and our pipeline conversion rate has been a focus area since the Q1 review."
+
+**Complication** (1–3 sentences)
+Introduce the tension. What has changed, gone wrong, or become relevant that makes the situation require attention? This creates the "why are you telling me this" moment.
+> Example: "Conversion rate improved from 18% to 22%, but deal velocity slowed — average close time increased from 28 to 41 days, which puts us at risk of missing the Q2 revenue target."
+
+**Question** (1 sentence, implicit or explicit)
+The natural question the reader is now asking. Often not stated explicitly, but naming it sharpens the answer.
+> Example: "What's driving the slowdown and what should we do about it?"
+
+**Answer** (the bulk of the update)
+Lead with the recommendation or key insight, then support it with evidence. Structure as:
+- **Bottom line up front**: Your conclusion or recommendation in one sentence
+- **Supporting data**: 2–3 data points or observations that back the bottom line
+- **Next steps**: What will happen next and by when, with owners named
+
+### 3. Calibrate for Audience
+
+Adjust the update based on audience:
+- **CEO / Board**: Lead with business impact and decisions needed. Skip operational detail.
+- **Cross-functional leaders**: Emphasize dependencies and what you need from them.
+- **Skip-level**: Include enough operational context to be credible, but still lead with the headline.
+
+### 4. Editing Pass
+
+Review the draft against these criteria:
+- Can the reader understand the key message in the first 30 seconds?
+- Is every sentence earning its place — does it add information or can it be cut?
+- Are there any weasel words or passive constructions hiding uncertainty? If there's uncertainty, name it directly.
+- Is the ask (if any) unambiguous?
+
+## Output Format
+
+Present the final SCQA update in clean prose — no sub-bullets within the Situation or Complication. Reserve bullets for the Answer section's supporting evidence and next steps. Aim for under 250 words for async written formats; include a "TL;DR" one-liner at the top for long updates.
diff --git a/.claude/skills/pm/feature-prioritization/SKILL.md b/.claude/skills/pm/feature-prioritization/SKILL.md
new file mode 100644
index 00000000000..b73b4a6c321
--- /dev/null
+++ b/.claude/skills/pm/feature-prioritization/SKILL.md
@@ -0,0 +1,59 @@
+---
+description: Score and rank a list of features or initiatives using RICE, ICE, or weighted scoring frameworks, with clear rationale for each score
+allowed-tools: Read, AskUserQuestion
+argument-hint: "<list of features, backlog items, or initiatives to prioritize>"
+---
+
+Turn a backlog of features or initiatives into a clearly ranked, defensible prioritization using RICE, ICE, or weighted scoring — with documented rationale for every score.
+
+Input: $ARGUMENTS
+
+## Instructions
+
+### 1. Choose a Scoring Framework
+
+Ask the user (via `AskUserQuestion`) which framework to use, or recommend based on context:
+
+- **RICE** — best when you have data on reach and effort estimates. Formula: `(Reach × Impact × Confidence) / Effort`
+- **ICE** — best for fast, gut-check prioritization. Formula: `Impact × Confidence × Ease`
+- **Weighted Scoring** — best when specific strategic criteria matter (e.g., strategic alignment, revenue potential, technical debt reduction). Ask the user for their weights.
+
+### 2. Define Scoring Criteria
+
+For RICE:
+- **Reach**: How many users will this affect per quarter? (estimated number)
+- **Impact**: How much will this move the needle per user? (3 = massive, 2 = significant, 1 = low, 0.5 = minimal, 0.25 = trivial)
+- **Confidence**: How confident are you in these estimates? (100% = high, 80% = medium, 50% = low)
+- **Effort**: Total person-months to build, test, and ship.
+
+For ICE:
+- **Impact**: 1–10 scale. How much will this move the key metric?
+- **Confidence**: 1–10 scale. How sure are you it will work?
+- **Ease**: 1–10 scale. How easy/fast is this to ship?
+
+For Weighted Scoring, define 4–6 criteria and assign weights that sum to 100%.
+
+### 3. Score Each Item
+
+Create a scoring table for each feature:
+- Document the score for each dimension
+- Provide a 1-sentence rationale for the score
+- Calculate the final score
+
+### 4. Output a Ranked List
+
+Present:
+1. A **ranked table** (highest score first) with all scores visible
+2. A **recommended top 3** to ship next, with brief justification
+3. **Items to defer or cut**, with the reason why
+
+### 5. Flag Risks and Dependencies
+
+For top-ranked items, note:
+- Dependencies on other teams or systems
+- Technical or business risks that could invalidate the score
+- Any items that scored low but have strategic override reasons (e.g., compliance, exec mandate)
+
+## Output Format
+
+Use a markdown table for the scoring matrix. Follow with a short narrative summary of the recommendations. Avoid jargon — the output should be presentable directly to stakeholders.
diff --git a/.claude/skills/pm/feedback-analysis/SKILL.md b/.claude/skills/pm/feedback-analysis/SKILL.md
new file mode 100644
index 00000000000..345b522e226
--- /dev/null
+++ b/.claude/skills/pm/feedback-analysis/SKILL.md
@@ -0,0 +1,64 @@
+---
+description: Analyze a batch of customer feedback (support tickets, NPS responses, reviews, feature requests) to extract patterns, prioritize opportunities, and surface actionable insights
+allowed-tools: Read, Glob, AskUserQuestion
+argument-hint: "<feedback file, paste of feedback items, or description of feedback source>"
+---
+
+Analyze 10–500+ customer feedback items from any source — support tickets, NPS verbatims, G2/Capterra reviews, feature requests, user interviews — and extract actionable patterns ranked by frequency and impact.
+
+Input: $ARGUMENTS
+
+## Instructions
+
+### 1. Ingest the Feedback
+
+Accept feedback in any of these forms:
+- A file path (use `Read` tool)
+- Pasted text in the conversation
+- A description of feedback themes (if raw data isn't available)
+
+If the feedback is unstructured, ask via `AskUserQuestion`:
+- What is the source? (NPS, support, reviews, interviews, sales calls)
+- What time period does this cover?
+- What product area or feature set does this relate to?
+
+### 2. Categorize Each Item
+
+For each piece of feedback, identify:
+- **Theme**: The underlying need or pain point (not the surface request)
+- **Sentiment**: Positive / Negative / Neutral
+- **Urgency signal**: Does the user describe churn risk, workaround behavior, or blocking frustration?
+- **User segment** (if inferrable): Power user, new user, enterprise, SMB, etc.
+
+### 3. Extract Patterns
+
+Group feedback items by theme and count frequency. Look for:
+- **High-frequency pain points**: Themes that appear in 10%+ of items
+- **High-severity items**: Individual feedback pieces that signal churn, safety, or legal risk — even if rare
+- **Unmet jobs**: Things users are trying to do that the product doesn't support well
+- **Unexpected use cases**: Users using the product in ways you didn't anticipate — often signals new market opportunities
+- **Positive signals**: What users love — protect these from inadvertent regression in roadmap decisions
+
+### 4. Prioritize Opportunities
+
+Rank the top themes using a simple 2×2:
+- **X-axis**: Frequency (how many users mentioned this)
+- **Y-axis**: Severity (how much does this hurt the user or the business)
+
+Quadrant labels:
+- High frequency + High severity → **Urgent: Fix or build now**
+- Low frequency + High severity → **Risk: Monitor and triage**
+- High frequency + Low severity → **Polish: Quick wins**
+- Low frequency + Low severity → **Backlog: Low priority**
+
+### 5. Surface Insights
+
+Write a synthesis covering:
+- **Top 3 opportunities** with supporting evidence (quote 2–3 representative pieces of feedback for each)
+- **One thing to stop doing** (if the data suggests a feature or behavior is causing net harm)
+- **One underserved segment** that shows up in the data with distinct needs
+- **Recommended next step**: What should the PM do with this analysis? (user interviews, prototype test, quick fix, escalate to leadership, etc.)
+
+## Output Format
+
+Lead with a short executive summary (5 sentences max). Follow with the opportunity ranking table. Then provide detailed write-ups for the top 3 opportunities, each with representative quotes. End with recommendations. Preserve customer voice — use direct quotes rather than paraphrasing whenever possible.
diff --git a/.claude/skills/pm/go-to-market/SKILL.md b/.claude/skills/pm/go-to-market/SKILL.md
new file mode 100644
index 00000000000..b24f5915a2e
--- /dev/null
+++ b/.claude/skills/pm/go-to-market/SKILL.md
@@ -0,0 +1,77 @@
+---
+description: Create a complete Go-to-Market (GTM) plan for a product, feature, or launch — including positioning, channels, messaging, timeline, and success metrics
+allowed-tools: Read, AskUserQuestion, WebSearch
+argument-hint: "<product, feature, or launch to create a GTM plan for>"
+---
+
+Build a complete Go-to-Market plan covering positioning, audience targeting, channel strategy, messaging, launch timeline, and success metrics.
+
+Input: $ARGUMENTS
+
+## Instructions
+
+### 1. Gather Launch Context
+
+If not provided, use `AskUserQuestion` to ask:
+- What are we launching? (new product, feature, pricing change, expansion)
+- Who is the primary target audience?
+- What is the launch date or target window?
+- What are the top 1–2 business goals for this launch?
+- Any known constraints (budget, team, regions, existing commitments)?
+
+### 2. Positioning Statement
+
+Write a positioning statement using the Geoffrey Moore format:
+
+> For [target customer] who [has this need or problem], [product/feature name] is a [category] that [key benefit]. Unlike [primary alternative], our solution [key differentiator].
+
+Test the positioning against these questions:
+- Is the "unlike" contrast meaningful to the customer (not just internally)?
+- Does the key benefit tie directly to a measurable outcome?
+- Is the category framing right — too narrow (limits growth) or too broad (loses clarity)?
+
+### 3. Audience Segmentation
+
+Define:
+- **Primary audience**: Who this launch is designed for first. Be specific.
+- **Secondary audience**: Who else benefits, and how messaging differs for them.
+- **Influencers and champions**: Who drives adoption within a company or community?
+
+### 4. Messaging Framework
+
+Create a messaging hierarchy:
+- **One-liner** (10 words max): Used in headlines, subject lines, social
+- **Elevator pitch** (2–3 sentences): Used in sales, demos, outbound
+- **Full value proposition** (1 paragraph): Used in landing pages, press materials
+
+For each audience segment, note any messaging adjustments.
+
+### 5. Channel Strategy
+
+For each channel, specify: goal, tactic, owner, and expected impact.
+
+Evaluate which channels to use based on where the audience lives:
+- **Owned**: Blog, in-app notifications, email newsletter, changelog
+- **Earned**: Press, analyst briefings, community word-of-mouth, influencer reviews
+- **Paid**: Ads, sponsored content, events
+- **Partner**: Co-marketing, integrations announcements, referrals
+
+### 6. Launch Timeline
+
+Create a phased timeline:
+- **T-4 weeks**: Internal alignment, sales enablement, beta/preview customers
+- **T-2 weeks**: Soft launch to waitlist or early adopters, collect feedback
+- **T-0 (Launch day)**: Public announcement, coordinated across all channels
+- **T+2 weeks**: Follow-up content, case studies, retargeting
+
+### 7. Success Metrics
+
+Define:
+- **Primary metric**: The one number that signals launch success
+- **Leading indicators**: What to watch in the first 48–72 hours
+- **Lagging indicators**: What to evaluate at 30/60/90 days
+- **Failure signal**: At what threshold do we escalate or pivot?
+
+## Output Format
+
+Structure the output as a standalone GTM brief in clean markdown — concise enough to share with leadership, detailed enough for the team to execute from. Use tables for the channel strategy and timeline.
diff --git a/.claude/skills/pm/metrics-framework/SKILL.md b/.claude/skills/pm/metrics-framework/SKILL.md
new file mode 100644
index 00000000000..d1807d74bb0
--- /dev/null
+++ b/.claude/skills/pm/metrics-framework/SKILL.md
@@ -0,0 +1,87 @@
+---
+description: Build a comprehensive product metrics framework using AARRR (pirate metrics) or input/output methodology, and identify and validate your product's North Star metric
+allowed-tools: Read, AskUserQuestion
+argument-hint: "<product, feature, or business area to build a metrics framework for>"
+---
+
+Design a complete metrics framework for a product or feature — identifying the North Star metric, building out the full AARRR funnel or input/output model, and defining leading and lagging indicators at each stage.
+
+Input: $ARGUMENTS
+
+## Instructions
+
+### 1. Understand the Product Context
+
+If not provided, ask via `AskUserQuestion`:
+- What does the product do and who uses it?
+- What is the primary business model? (subscription, usage-based, marketplace, freemium, etc.)
+- What stage is the product at? (early/PMF search, growth, scale, mature)
+- Is there an existing set of metrics in use? If so, what are they?
+
+### 2. North Star Metric
+
+Identify the North Star metric: the single number that best captures the core value the product delivers to customers. A good North Star:
+- Reflects customer value (not just revenue or vanity activity)
+- Is leading, not lagging (predicts future business health)
+- Is actionable — the team can affect it directly
+- Is understandable — a new employee can explain it
+
+Present 2–3 candidate North Star metrics and recommend one with reasoning.
+
+**Common examples by business type**:
+- SaaS productivity tool → Weekly active users completing core workflow
+- Marketplace → Successful transactions per month
+- Consumer app → DAU/MAU ratio (stickiness)
+- Data platform → Queries run per active user per week
+
+Validate the North Star by testing: "If this metric goes up while everything else stays the same, is the business actually healthier?"
+
+### 3. AARRR Funnel Metrics
+
+Map the full customer lifecycle with 2–3 metrics per stage:
+
+**Acquisition** — How do users discover and arrive?
+- Sources: Organic search, paid, referral, direct, partner
+- Key metrics: New signups, CAC by channel, trial starts
+
+**Activation** — Do users experience core value quickly?
+- Define the "aha moment" — the action that correlates most strongly with retention
+- Key metrics: Activation rate (% reaching aha moment), time-to-value
+
+**Retention** — Do users keep coming back?
+- Define retention for this product (daily, weekly, monthly depending on use case)
+- Key metrics: D7/D30/D90 retention, churn rate, resurrection rate
+
+**Referral** — Do users tell others?
+- Key metrics: NPS, viral coefficient (K-factor), referral rate, word-of-mouth signups
+
+**Revenue** — Are we monetizing effectively?
+- Key metrics: MRR/ARR, ARPU, LTV, LTV:CAC ratio, expansion revenue
+
+### 4. Input/Output Metric Pairing
+
+For each AARRR stage, pair:
+- **Output metric**: The outcome you're trying to achieve (lagging, harder to move quickly)
+- **Input metric**: The leading indicator or lever the team can pull to affect the output
+
+Example:
+> Output: D30 retention = 40% | Input: % of new users who complete onboarding within 24 hours
+
+### 5. Instrumentation Checklist
+
+For each key metric, document:
+- What event or data point needs to be tracked?
+- Where does this data live today? (product analytics, data warehouse, CRM, etc.)
+- Is this metric currently being measured? If not, what's needed to instrument it?
+- What's the current baseline value (if known)?
+
+### 6. Anti-metrics
+
+Name 2–3 metrics to explicitly NOT optimize for — things that could improve without the product actually getting better:
+- Vanity metrics (e.g., total registered users without activity filter)
+- Metrics that can be gamed easily
+- Metrics that could be optimized at the expense of user trust
+
+## Output Format
+
+Present the North Star recommendation with rationale, then a metrics table organized by AARRR stage with input/output pairs. Follow with the instrumentation checklist. Use a clean table format throughout. Keep the narrative tight — this should be a working document, not a strategy deck.
diff --git a/.claude/skills/pm/okr-writer/SKILL.md b/.claude/skills/pm/okr-writer/SKILL.md
new file mode 100644
index 00000000000..992d5c38f1a
--- /dev/null
+++ b/.claude/skills/pm/okr-writer/SKILL.md
@@ -0,0 +1,64 @@
+---
+description: Write and refine Objectives and Key Results (OKRs) using the Measure What Matters methodology, with coaching on common pitfalls
+allowed-tools: Read, AskUserQuestion
+argument-hint: "<team name, strategic goal, or draft OKRs to refine>"
+---
+
+Write strong OKRs using John Doerr's *Measure What Matters* methodology — or critique and improve a draft set of OKRs the user provides.
+
+Input: $ARGUMENTS
+
+## Instructions
+
+### 1. Understand Context
+
+If not provided, ask via `AskUserQuestion`:
+- Is this for a company, team, or individual?
+- What time period? (quarterly is standard)
+- What is the overarching company/product goal this OKR should ladder up to?
+- Are these new OKRs or a draft to review?
+
+### 2. OKR Fundamentals (apply throughout)
+
+**Objectives** must be:
+- Inspirational and qualitative — describe a destination, not a task
+- Ambitious but achievable ("moonshot" vs. "roofshot" — label which)
+- Memorable in a single sentence
+- NOT a metric (no numbers in the objective)
+
+**Key Results** must be:
+- Measurable and time-bound
+- Outcome-oriented (measure impact, not output or activity)
+- 3–5 per objective
+- Scored 0–1.0 at the end of the period (0.7 = success; 1.0 = sandbagging)
+
+### 3. Common Pitfalls to Check Against
+
+Flag any of the following:
+- **Task masquerading as KR**: "Launch feature X" is output, not outcome. Rewrite as "Feature X drives 20% increase in Y by [date]."
+- **Vanity metric**: Metrics that look good but don't signal real value (e.g., page views without conversion)
+- **Too safe**: If hitting 1.0 seems easy, push the number higher
+- **No owner**: Each KR should have a clear DRI (directly responsible individual)
+- **Too many**: More than 3 objectives or 5 KRs per objective dilutes focus
+
+### 4. Write or Rewrite OKRs
+
+For each Objective:
+```
+Objective: [Inspiring, qualitative goal]
+  KR1: [Metric] from [baseline] to [target] by [date]
+  KR2: [Metric] from [baseline] to [target] by [date]
+  KR3: [Metric] from [baseline] to [target] by [date]
+```
+
+### 5. Health Check
+
+After drafting, evaluate each OKR set:
+- Does each KR, if achieved, make the objective undeniably true?
+- Are any two KRs measuring the same thing? Consolidate if so.
+- Is there a leading indicator KR (early signal) alongside lagging KRs?
+- Are the KRs collectively sufficient to achieve the objective, or is something missing?
+
+## Output Format
+
+Present final OKRs in clean markdown. For each KR, add a one-line note explaining why this metric was chosen. If reviewing a draft, show the original vs. the improved version side by side.
diff --git a/.claude/skills/pm/prd-generator/SKILL.md b/.claude/skills/pm/prd-generator/SKILL.md
new file mode 100644
index 00000000000..8f144720fb2
--- /dev/null
+++ b/.claude/skills/pm/prd-generator/SKILL.md
@@ -0,0 +1,82 @@
+---
+description: Generate a complete Product Requirements Document (PRD) from a problem statement or feature idea, using JTBD analysis, opportunity trees, and sprint-ready user stories
+allowed-tools: Read, Glob, Grep, AskUserQuestion, WebSearch
+argument-hint: "<problem statement, feature idea, or opportunity>"
+---
+
+Transform a problem statement or feature idea into an engineering-ready PRD using Jobs-to-be-Done analysis, opportunity mapping, and sprint-ready user stories.
+
+Input: $ARGUMENTS
+
+## Instructions
+
+### 1. Clarify Scope (if input is vague)
+
+If the input lacks sufficient detail, use `AskUserQuestion` to ask:
+- Who is the primary user/customer affected?
+- What outcome are we trying to achieve (not the solution)?
+- What constraints exist (timeline, platform, team size)?
+
+### 2. JTBD Analysis
+
+Frame the problem using the Jobs-to-be-Done format:
+
+> **When** [situation], **I want to** [motivation/job], **so I can** [expected outcome].
+
+Identify:
+- **Functional job**: The practical task the user is trying to accomplish
+- **Emotional job**: How they want to feel
+- **Social job**: How they want to be perceived
+
+### 3. Opportunity Tree
+
+Map the problem space before jumping to solutions:
+
+```
+Goal: [Desired outcome]
+  └── Opportunity: [Why users can't achieve the goal today]
+        ├── Assumption: [What must be true for this opportunity to be real]
+        └── Solution Space: [2–3 possible approaches — do NOT commit to one yet]
+```
+
+### 4. PRD Structure
+
+Write the full PRD with the following sections:
+
+**Overview**
+- Problem statement (1–2 sentences)
+- Why now (business context, urgency)
+- Success metrics (primary KPI + 1–2 supporting metrics)
+
+**Users & Segments**
+- Primary user persona
+- Secondary users (if any)
+- Out of scope users
+
+**Requirements**
+- P0 (must have for launch)
+- P1 (strongly preferred)
+- P2 (nice to have, post-launch)
+
+For each requirement, state: what the system must do, not how.
+
+**Non-Requirements**
+- Explicitly call out what this PRD does NOT cover to prevent scope creep.
+
+**Open Questions**
+- List any unresolved decisions that need stakeholder input before engineering starts.
+
+### 5. Sprint-Ready User Stories
+
+Convert P0 requirements into user stories using the format:
+
+> **As a** [user type], **I want to** [action], **so that** [benefit].
+
+For each story, include:
+- **Acceptance criteria** (3–5 bullet points using Given/When/Then)
+- **Story points estimate** (1, 2, 3, 5, or 8 — Fibonacci scale)
+- **Dependencies** (other stories or systems this relies on)
+
+## Output Format
+
+Use clear markdown with headers. Keep the PRD scannable — PMs and engineers should be able to grasp the full scope in under 5 minutes. Avoid padding; every sentence should add information.
diff --git a/.claude/skills/pm/stakeholder-review/SKILL.md b/.claude/skills/pm/stakeholder-review/SKILL.md
new file mode 100644
index 00000000000..86034a88a98
--- /dev/null
+++ b/.claude/skills/pm/stakeholder-review/SKILL.md
@@ -0,0 +1,61 @@
+---
+description: Run 7 stakeholder perspectives on any document or decision in parallel — Engineering, Design, Executive, Legal, Customer, Devil's Advocate, and Sales — then synthesize consensus, tensions, blockers, and questions
+allowed-tools: Read, AskUserQuestion, Task
+argument-hint: "<document, decision, or proposal to review>"
+---
+
+Stress-test any document or decision by simulating 7 distinct stakeholder perspectives in parallel, then synthesizing the results into a unified review with consensus, tensions, blockers, and key questions to prepare for.
+
+Input: $ARGUMENTS
+
+## Instructions
+
+### 1. Read and Understand the Input
+
+Read the provided document thoroughly. If it's a file path, use the `Read` tool. Identify:
+- What type of document is this? (PRD, proposal, strategy doc, roadmap, design brief, etc.)
+- What decision or approval is being sought?
+- What is the timeline for feedback?
+
+### 2. Run 7 Parallel Stakeholder Reviews
+
+Use the `Task` tool to spawn 7 parallel agents simultaneously (in a single message), each reviewing the document from a distinct perspective:
+
+**Agent 1 — Engineering Lead**
+Prompt: Review this document as a senior engineering lead. Identify: technical feasibility concerns, missing technical requirements, hidden complexity, system dependencies, and questions you'd ask before starting work. Be specific and practical.
+
+**Agent 2 — Product Designer / UX**
+Prompt: Review this document as a product designer. Identify: user experience gaps, missing user research or validation, design assumptions that need testing, accessibility considerations, and any flows that will be confusing to users.
+
+**Agent 3 — Executive / Business**
+Prompt: Review this document as a C-suite executive. Identify: strategic alignment, ROI clarity, resource implications, risks to company goals, and what's missing that you'd need to approve this.
+
+**Agent 4 — Legal / Compliance**
+Prompt: Review this document as a legal and compliance reviewer. Identify: privacy concerns (data collection, GDPR/CCPA), terms of service implications, regulatory risks, IP considerations, and liability exposure.
+
+**Agent 5 — Customer Voice**
+Prompt: Review this document as an advocate for the end customer. Identify: assumptions about user needs that aren't validated, potential for confusion or frustration, missing use cases, and whether the proposed solution actually solves the stated problem.
+
+**Agent 6 — Devil's Advocate**
+Prompt: Review this document as a skeptic whose job is to find every flaw. What's the strongest case against doing this? What could go wrong? What assumptions are most likely to be wrong? What would you need to be convinced this is worth doing?
+
+**Agent 7 — Sales / Revenue**
+Prompt: Review this document as a sales leader. Identify: how this affects current deals, the sales narrative and messaging implications, pricing or packaging concerns, competitive positioning, and what you'd need to explain this to a customer.
+
+### 3. Synthesize Results
+
+After all agents complete, organize findings into:
+
+**Consensus** — Points raised by 3+ perspectives as significant concerns or needs.
+
+**Tensions** — Points where two perspectives are in conflict (e.g., Engineering says "keep it simple" while Sales says "we need more configuration options").
+
+**Hard Blockers** — Issues that must be resolved before this can move forward (typically Legal, Engineering feasibility, or missing strategic alignment).
+
+**Open Questions to Prepare For** — The most important questions you'll be asked in your next review meeting, ranked by likelihood. Include a suggested answer for each.
+
+**Suggested Revisions** — Top 3 changes to the document that would address the most significant feedback.
+
+## Output Format
+
+Present the synthesis clearly with sections for Consensus, Tensions, Hard Blockers, and Open Questions. Lead with the most critical finding. Keep the stakeholder-by-stakeholder breakdown in an appendix section at the end for reference.
diff --git a/.claude/skills/pm/user-story/SKILL.md b/.claude/skills/pm/user-story/SKILL.md
new file mode 100644
index 00000000000..0f1b9bbe1eb
--- /dev/null
+++ b/.claude/skills/pm/user-story/SKILL.md
@@ -0,0 +1,81 @@
+---
+description: Generate sprint-ready user stories with acceptance criteria, story point estimates, and edge cases from a feature description or PRD section
+allowed-tools: Read, AskUserQuestion
+argument-hint: "<feature description, PRD section, or requirement to break into stories>"
+---
+
+Convert feature descriptions or PRD requirements into sprint-ready user stories with clear acceptance criteria, story point estimates, and edge cases documented — ready to paste into Linear or Jira.
+
+Input: $ARGUMENTS
+
+## Instructions
+
+### 1. Understand the Feature
+
+If the input is a file, use `Read`. If it's vague, ask via `AskUserQuestion`:
+- Who is the primary user of this feature?
+- What is the "happy path" — the most common way this will be used?
+- Are there any known constraints (tech limitations, non-negotiable behaviors)?
+- What does "done" look like from a user perspective?
+
+### 2. Epic Summary (if applicable)
+
+If the input describes a large feature, first write a one-paragraph **epic summary**:
+- What is being built and why
+- Who it's for
+- What the scope boundaries are (what is NOT included)
+
+### 3. Break Into Stories
+
+Apply the INVEST criteria to each story:
+- **Independent**: Can be developed without requiring another story to be done first
+- **Negotiable**: Details can be discussed with engineering
+- **Valuable**: Delivers something meaningful to the user or system
+- **Estimable**: Can be pointed
+- **Small**: Can be completed in one sprint (ideally 1–3 days of work)
+- **Testable**: Has clear, verifiable acceptance criteria
+
+Story format:
+```
+As a [user type],
+I want to [perform an action],
+so that [I achieve a benefit/outcome].
+```
+
+### 4. Acceptance Criteria
+
+For each story, write 3–6 acceptance criteria using Given/When/Then:
+```
+Given [precondition or starting state]
+When [the user takes an action]
+Then [the expected result occurs]
+```
+
+Cover:
+- The happy path
+- Error states and validation
+- Boundary conditions (empty states, max limits)
+- Permission or role-based behavior (if relevant)
+
+### 5. Story Point Estimates
+
+Estimate each story using Fibonacci (1, 2, 3, 5, 8):
+- **1 pt**: Trivial, under 2 hours, no unknowns
+- **2 pt**: Small, half a day, minimal complexity
+- **3 pt**: Medium, 1–2 days, some decisions to make
+- **5 pt**: Large, 3–4 days, multiple components, some uncertainty
+- **8 pt**: Very large — consider splitting before sprint planning
+
+For anything 8+, flag it as a splitting candidate and suggest how to break it up.
+
+### 6. Edge Cases and Notes
+
+For each story, list:
+- **Edge cases**: Unusual but valid user behaviors to handle
+- **Out of scope**: Explicitly call out what this story does NOT cover
+- **Dependencies**: Other stories, APIs, or team work this relies on
+- **Open questions**: Decisions that need to be made before or during development
+
+## Output Format
+
+Structure as a numbered list of stories, each with: title, user story statement, acceptance criteria, story points, and notes. Format acceptance criteria as numbered Given/When/Then bullets. Keep the tone direct and technical — these are written for an engineering team.

From 51a249097cdc287af36825aa29de6fed56a9cf63 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:21:55 -0700
Subject: [PATCH 02/35] feat(admin-console): add superuser auth guard for admin
 layout

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 web-admin/src/routes/-/admin/+layout.ts | 65 +++++++++++++++++++++++++
 1 file changed, 65 insertions(+)
 create mode 100644 web-admin/src/routes/-/admin/+layout.ts

diff --git a/web-admin/src/routes/-/admin/+layout.ts b/web-admin/src/routes/-/admin/+layout.ts
new file mode 100644
index 00000000000..819d6170694
--- /dev/null
+++ b/web-admin/src/routes/-/admin/+layout.ts
@@ -0,0 +1,65 @@
+// web-admin/src/routes/-/admin/+layout.ts
+import {
+  adminServiceGetCurrentUser,
+  adminServiceListSuperusers,
+  getAdminServiceGetCurrentUserQueryKey,
+  getAdminServiceListSuperusersQueryKey,
+  type V1GetCurrentUserResponse,
+  type V1ListSuperusersResponse,
+} from "@rilldata/web-admin/client";
+import { redirectToLogin } from "@rilldata/web-admin/client/redirect-utils";
+import { queryClient } from "@rilldata/web-common/lib/svelte-query/globalQueryClient";
+import { redirect } from "@sveltejs/kit";
+import { isAxiosError } from "axios";
+
+export const load = async () => {
+  // Get current user
+  let currentUserEmail: string | undefined;
+  try {
+    const userResp = await queryClient.fetchQuery<V1GetCurrentUserResponse>({
+      queryKey: getAdminServiceGetCurrentUserQueryKey(),
+      queryFn: () => adminServiceGetCurrentUser(),
+      staleTime: 5 * 60 * 1000,
+    });
+    currentUserEmail = userResp.user?.email;
+  } catch (e) {
+    if (isAxiosError(e) && e.response?.status === 401) {
+      // redirectToLogin() throws a SvelteKit redirect internally;
+      // call it outside the catch to avoid swallowing the redirect exception
+    } else {
+      throw redirect(307, "/");
+    }
+    redirectToLogin();
+  }
+
+  if (!currentUserEmail) {
+    throw redirect(307, "/");
+  }
+
+  // Check if current user is a superuser
+  try {
+    const superusersResp =
+      await queryClient.fetchQuery<V1ListSuperusersResponse>({
+        queryKey: getAdminServiceListSuperusersQueryKey(),
+        queryFn: () => adminServiceListSuperusers(),
+        staleTime: 5 * 60 * 1000,
+      });
+
+    const isSuperuser = superusersResp.users?.some(
+      (u) => u.email === currentUserEmail,
+    );
+
+    if (!isSuperuser) {
+      throw redirect(307, "/");
+    }
+  } catch (e) {
+    // ListSuperusers itself will 403 if not a superuser
+    if (isAxiosError(e) && e.response?.status === 403) {
+      throw redirect(307, "/");
+    }
+    // Re-throw SvelteKit redirects
+    throw e;
+  }
+
+  return { currentUserEmail };
+};

From e7158a5d1b6216822571329dbe1778f4adb59381 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:21:56 -0700
Subject: [PATCH 03/35] feat(admin-console): add page header component

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../admin/layout/AdminPageHeader.svelte       | 25 +++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 web-admin/src/features/admin/layout/AdminPageHeader.svelte

diff --git a/web-admin/src/features/admin/layout/AdminPageHeader.svelte b/web-admin/src/features/admin/layout/AdminPageHeader.svelte
new file mode 100644
index 00000000000..6aaeadbae76
--- /dev/null
+++ b/web-admin/src/features/admin/layout/AdminPageHeader.svelte
@@ -0,0 +1,25 @@
+<script lang="ts">
+  export let title: string;
+  export let description: string = "";
+</script>
+
+<div class="page-header">
+  <h1 class="page-title">{title}</h1>
+  {#if description}
+    <p class="page-description">{description}</p>
+  {/if}
+</div>
+
+<style lang="postcss">
+  .page-header {
+    @apply mb-6;
+  }
+
+  .page-title {
+    @apply text-xl font-semibold text-slate-900 dark:text-slate-100;
+  }
+
+  .page-description {
+    @apply text-sm text-slate-500 dark:text-slate-400 mt-1;
+  }
+</style>

From 417e96b0df9d077bb470daf6e90dc30fc42fcdc8 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:22:00 -0700
Subject: [PATCH 04/35] feat(admin-console): add sidebar navigation component

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../features/admin/layout/AdminSidebar.svelte | 109 ++++++++++++++++++
 1 file changed, 109 insertions(+)
 create mode 100644 web-admin/src/features/admin/layout/AdminSidebar.svelte

diff --git a/web-admin/src/features/admin/layout/AdminSidebar.svelte b/web-admin/src/features/admin/layout/AdminSidebar.svelte
new file mode 100644
index 00000000000..94e97ac81ab
--- /dev/null
+++ b/web-admin/src/features/admin/layout/AdminSidebar.svelte
@@ -0,0 +1,109 @@
+<!-- web-admin/src/features/admin/layout/AdminSidebar.svelte -->
+<script lang="ts">
+  import { page } from "$app/stores";
+
+  const navGroups = [
+    {
+      heading: "Overview",
+      items: [{ label: "Dashboard", href: "/-/admin" }],
+    },
+    {
+      heading: "People",
+      items: [
+        { label: "Users", href: "/-/admin/users" },
+        { label: "Superusers", href: "/-/admin/superusers" },
+      ],
+    },
+    {
+      heading: "Billing & Plans",
+      items: [
+        { label: "Billing", href: "/-/admin/billing" },
+        { label: "Quotas", href: "/-/admin/quotas" },
+      ],
+    },
+    {
+      heading: "Resources",
+      items: [
+        { label: "Organizations", href: "/-/admin/organizations" },
+        { label: "Projects", href: "/-/admin/projects" },
+        { label: "Whitelist", href: "/-/admin/whitelist" },
+      ],
+    },
+    {
+      heading: "Advanced",
+      items: [
+        { label: "Annotations", href: "/-/admin/annotations" },
+        { label: "Virtual Files", href: "/-/admin/virtual-files" },
+        { label: "Runtime", href: "/-/admin/runtime" },
+      ],
+    },
+  ];
+
+  function isActive(href: string, pathname: string): boolean {
+    if (href === "/-/admin") return pathname === "/-/admin";
+    return pathname.startsWith(href);
+  }
+</script>
+
+<nav class="sidebar">
+  <div class="sidebar-header">
+    <span class="logo-text">Admin Console</span>
+  </div>
+
+  <div class="sidebar-content">
+    {#each navGroups as group}
+      <div class="nav-group">
+        <span class="group-heading">{group.heading}</span>
+        {#each group.items as item}
+          <a
+            href={item.href}
+            class="nav-item"
+            class:active={isActive(item.href, $page.url.pathname)}
+          >
+            {item.label}
+          </a>
+        {/each}
+      </div>
+    {/each}
+  </div>
+</nav>
+
+<style lang="postcss">
+  .sidebar {
+    @apply w-56 flex-shrink-0 border-r border-slate-200 dark:border-slate-700
+      bg-white dark:bg-slate-900 flex flex-col h-full;
+  }
+
+  .sidebar-header {
+    @apply px-4 py-4 border-b border-slate-200 dark:border-slate-700;
+  }
+
+  .logo-text {
+    @apply text-sm font-semibold text-slate-900 dark:text-slate-100;
+  }
+
+  .sidebar-content {
+    @apply flex-1 overflow-y-auto py-3 px-3;
+  }
+
+  .nav-group {
+    @apply mb-4;
+  }
+
+  .group-heading {
+    @apply text-[11px] font-semibold uppercase tracking-wider
+      text-slate-400 dark:text-slate-500 px-2 mb-1 block;
+  }
+
+  .nav-item {
+    @apply block px-2 py-1.5 text-sm rounded-md
+      text-slate-600 dark:text-slate-300
+      hover:bg-slate-100 dark:hover:bg-slate-800
+      transition-colors;
+  }
+
+  .nav-item.active {
+    @apply bg-slate-100 dark:bg-slate-800
+      text-slate-900 dark:text-slate-100 font-medium;
+  }
+</style>

From 441d77d90675a7bd2a59d0941d8ff8b5a3ec7009 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:22:22 -0700
Subject: [PATCH 05/35] feat(admin-console): add shared UI components
 (ConfirmDialog, StatusBadge, ActionResultBanner, SearchInput)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../admin/shared/ActionResultBanner.svelte    | 49 ++++++++++
 .../admin/shared/ConfirmDialog.svelte         | 91 +++++++++++++++++++
 .../features/admin/shared/SearchInput.svelte  | 51 +++++++++++
 .../features/admin/shared/StatusBadge.svelte  | 33 +++++++
 4 files changed, 224 insertions(+)
 create mode 100644 web-admin/src/features/admin/shared/ActionResultBanner.svelte
 create mode 100644 web-admin/src/features/admin/shared/ConfirmDialog.svelte
 create mode 100644 web-admin/src/features/admin/shared/SearchInput.svelte
 create mode 100644 web-admin/src/features/admin/shared/StatusBadge.svelte

diff --git a/web-admin/src/features/admin/shared/ActionResultBanner.svelte b/web-admin/src/features/admin/shared/ActionResultBanner.svelte
new file mode 100644
index 00000000000..13bcb545147
--- /dev/null
+++ b/web-admin/src/features/admin/shared/ActionResultBanner.svelte
@@ -0,0 +1,49 @@
+<!-- web-admin/src/features/admin/shared/ActionResultBanner.svelte -->
+<script lang="ts">
+  export let type: "success" | "error" | "" = "";
+  export let message: string = "";
+
+  export function show(newType: "success" | "error", newMessage: string) {
+    type = newType;
+    message = newMessage;
+    setTimeout(() => {
+      type = "";
+      message = "";
+    }, 5000);
+  }
+</script>
+
+{#if type && message}
+  <div
+    class="banner"
+    class:success={type === "success"}
+    class:error={type === "error"}
+  >
+    <span>{message}</span>
+    <button
+      class="close-btn"
+      on:click={() => {
+        type = "";
+        message = "";
+      }}>x</button
+    >
+  </div>
+{/if}
+
+<style lang="postcss">
+  .banner {
+    @apply flex items-center justify-between px-4 py-3 rounded-md text-sm mb-4;
+  }
+
+  .success {
+    @apply bg-green-50 text-green-800 dark:bg-green-900/20 dark:text-green-300;
+  }
+
+  .error {
+    @apply bg-red-50 text-red-800 dark:bg-red-900/20 dark:text-red-300;
+  }
+
+  .close-btn {
+    @apply ml-4 text-current opacity-50 hover:opacity-100;
+  }
+</style>
diff --git a/web-admin/src/features/admin/shared/ConfirmDialog.svelte b/web-admin/src/features/admin/shared/ConfirmDialog.svelte
new file mode 100644
index 00000000000..743e7848e34
--- /dev/null
+++ b/web-admin/src/features/admin/shared/ConfirmDialog.svelte
@@ -0,0 +1,91 @@
+<!-- web-admin/src/features/admin/shared/ConfirmDialog.svelte -->
+<script lang="ts">
+  export let open = false;
+  export let title: string;
+  export let description: string = "";
+  export let confirmLabel: string = "Confirm";
+  export let cancelLabel: string = "Cancel";
+  export let destructive: boolean = false;
+  export let onConfirm: () => void | Promise<void>;
+
+  let loading = false;
+
+  async function handleConfirm() {
+    loading = true;
+    try {
+      await onConfirm();
+      open = false;
+    } finally {
+      loading = false;
+    }
+  }
+
+  function handleCancel() {
+    open = false;
+  }
+</script>
+
+{#if open}
+  <!-- svelte-ignore a11y-click-events-have-key-events -->
+  <!-- svelte-ignore a11y-no-static-element-interactions -->
+  <div class="overlay" on:click={handleCancel}>
+    <div class="dialog" on:click|stopPropagation>
+      <h2 class="dialog-title">{title}</h2>
+      {#if description}
+        <p class="dialog-description">{description}</p>
+      {/if}
+      <div class="dialog-actions">
+        <button class="btn-cancel" on:click={handleCancel} disabled={loading}>
+          {cancelLabel}
+        </button>
+        <button
+          class="btn-confirm"
+          class:destructive
+          on:click={handleConfirm}
+          disabled={loading}
+        >
+          {#if loading}Working...{:else}{confirmLabel}{/if}
+        </button>
+      </div>
+    </div>
+  </div>
+{/if}
+
+<style lang="postcss">
+  .overlay {
+    @apply fixed inset-0 bg-black/50 flex items-center justify-center z-50;
+  }
+
+  .dialog {
+    @apply bg-white dark:bg-slate-800 rounded-lg p-6 max-w-md w-full mx-4 shadow-xl;
+  }
+
+  .dialog-title {
+    @apply text-lg font-semibold text-slate-900 dark:text-slate-100;
+  }
+
+  .dialog-description {
+    @apply text-sm text-slate-500 dark:text-slate-400 mt-2;
+  }
+
+  .dialog-actions {
+    @apply flex justify-end gap-3 mt-6;
+  }
+
+  .btn-cancel {
+    @apply px-4 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600
+      text-slate-700 dark:text-slate-300 hover:bg-slate-50 dark:hover:bg-slate-700;
+  }
+
+  .btn-confirm {
+    @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700;
+  }
+
+  .btn-confirm.destructive {
+    @apply bg-red-600 hover:bg-red-700;
+  }
+
+  button:disabled {
+    @apply opacity-50 cursor-not-allowed;
+  }
+</style>
diff --git a/web-admin/src/features/admin/shared/SearchInput.svelte b/web-admin/src/features/admin/shared/SearchInput.svelte
new file mode 100644
index 00000000000..161055c618a
--- /dev/null
+++ b/web-admin/src/features/admin/shared/SearchInput.svelte
@@ -0,0 +1,51 @@
+<!-- web-admin/src/features/admin/shared/SearchInput.svelte -->
+<script lang="ts">
+  import { createEventDispatcher } from "svelte";
+
+  export let placeholder: string = "Search...";
+  export let value: string = "";
+  export let debounceMs: number = 300;
+
+  const dispatch = createEventDispatcher<{ search: string }>();
+
+  let timeout: ReturnType<typeof setTimeout>;
+
+  function handleInput(e: Event) {
+    const target = e.target as HTMLInputElement;
+    value = target.value;
+    clearTimeout(timeout);
+    timeout = setTimeout(() => {
+      dispatch("search", value);
+    }, debounceMs);
+  }
+
+  function handleSubmit() {
+    clearTimeout(timeout);
+    dispatch("search", value);
+  }
+</script>
+
+<div class="search-container">
+  <input
+    type="text"
+    class="search-input"
+    {placeholder}
+    {value}
+    on:input={handleInput}
+    on:keydown={(e) => e.key === "Enter" && handleSubmit()}
+  />
+</div>
+
+<style lang="postcss">
+  .search-container {
+    @apply relative;
+  }
+
+  .search-input {
+    @apply w-full px-3 py-2 text-sm rounded-md border border-slate-300
+      dark:border-slate-600 bg-white dark:bg-slate-800
+      text-slate-900 dark:text-slate-100
+      placeholder:text-slate-400 dark:placeholder:text-slate-500
+      focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent;
+  }
+</style>
diff --git a/web-admin/src/features/admin/shared/StatusBadge.svelte b/web-admin/src/features/admin/shared/StatusBadge.svelte
new file mode 100644
index 00000000000..bc52339df82
--- /dev/null
+++ b/web-admin/src/features/admin/shared/StatusBadge.svelte
@@ -0,0 +1,33 @@
+<!-- web-admin/src/features/admin/shared/StatusBadge.svelte -->
+<script lang="ts">
+  export let status: "success" | "error" | "pending" | "info" = "info";
+  export let label: string;
+</script>
+
+<span class="badge" class:success={status === "success"}
+  class:error={status === "error"} class:pending={status === "pending"}
+  class:info={status === "info"}>
+  {label}
+</span>
+
+<style lang="postcss">
+  .badge {
+    @apply inline-flex items-center px-2 py-0.5 text-xs font-medium rounded-full;
+  }
+
+  .success {
+    @apply bg-green-100 text-green-700 dark:bg-green-900/30 dark:text-green-400;
+  }
+
+  .error {
+    @apply bg-red-100 text-red-700 dark:bg-red-900/30 dark:text-red-400;
+  }
+
+  .pending {
+    @apply bg-yellow-100 text-yellow-700 dark:bg-yellow-900/30 dark:text-yellow-400;
+  }
+
+  .info {
+    @apply bg-blue-100 text-blue-700 dark:bg-blue-900/30 dark:text-blue-400;
+  }
+</style>

From f8f3cc0e7c11685f4a90f1b1796dc59abd178a0b Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:23:08 -0700
Subject: [PATCH 06/35] feat(admin-console): add admin layout with sidebar +
 content area

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 web-admin/src/routes/-/admin/+layout.svelte | 24 +++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 web-admin/src/routes/-/admin/+layout.svelte

diff --git a/web-admin/src/routes/-/admin/+layout.svelte b/web-admin/src/routes/-/admin/+layout.svelte
new file mode 100644
index 00000000000..4f02d21a778
--- /dev/null
+++ b/web-admin/src/routes/-/admin/+layout.svelte
@@ -0,0 +1,24 @@
+<script lang="ts">
+  import AdminSidebar from "@rilldata/web-admin/features/admin/layout/AdminSidebar.svelte";
+</script>
+
+<svelte:head>
+  <title>Admin Console | Rill</title>
+</svelte:head>
+
+<div class="admin-layout">
+  <AdminSidebar />
+  <div class="admin-content">
+    <slot />
+  </div>
+</div>
+
+<style lang="postcss">
+  .admin-layout {
+    @apply flex h-screen overflow-hidden;
+  }
+
+  .admin-content {
+    @apply flex-1 overflow-y-auto p-8;
+  }
+</style>

From 397919069ffa0bf16cb49c013cf310a4b1085a97 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:23:13 -0700
Subject: [PATCH 07/35] feat(admin-console): add dashboard home page with quick
 action cards

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 web-admin/src/routes/-/admin/+page.svelte | 56 +++++++++++++++++++++++
 1 file changed, 56 insertions(+)
 create mode 100644 web-admin/src/routes/-/admin/+page.svelte

diff --git a/web-admin/src/routes/-/admin/+page.svelte b/web-admin/src/routes/-/admin/+page.svelte
new file mode 100644
index 00000000000..ba4dbfb05a6
--- /dev/null
+++ b/web-admin/src/routes/-/admin/+page.svelte
@@ -0,0 +1,56 @@
+<!-- web-admin/src/routes/-/admin/+page.svelte -->
+<script lang="ts">
+  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
+</script>
+
+<AdminPageHeader
+  title="Admin Console"
+  description="Internal tools for managing users, billing, organizations, and more."
+/>
+
+<div class="quick-actions">
+  <a href="/-/admin/users" class="action-card">
+    <span class="action-title">Users</span>
+    <span class="action-desc">Search, lookup, and manage user accounts</span>
+  </a>
+  <a href="/-/admin/billing" class="action-card">
+    <span class="action-title">Billing</span>
+    <span class="action-desc">Extend trials, repair billing, manage subscriptions</span>
+  </a>
+  <a href="/-/admin/organizations" class="action-card">
+    <span class="action-title">Organizations</span>
+    <span class="action-desc">Lookup orgs, set custom domains, manage plans</span>
+  </a>
+  <a href="/-/admin/projects" class="action-card">
+    <span class="action-title">Projects</span>
+    <span class="action-desc">Search projects, edit settings, hibernate or reset</span>
+  </a>
+  <a href="/-/admin/quotas" class="action-card">
+    <span class="action-title">Quotas</span>
+    <span class="action-desc">View and adjust organization and user quotas</span>
+  </a>
+  <a href="/-/admin/superusers" class="action-card">
+    <span class="action-title">Superusers</span>
+    <span class="action-desc">Manage superuser access</span>
+  </a>
+</div>
+
+<style lang="postcss">
+  .quick-actions {
+    @apply grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-4;
+  }
+
+  .action-card {
+    @apply block p-4 rounded-lg border border-slate-200 dark:border-slate-700
+      hover:border-blue-300 dark:hover:border-blue-600
+      hover:shadow-sm transition-all;
+  }
+
+  .action-title {
+    @apply block text-sm font-semibold text-slate-900 dark:text-slate-100 mb-1;
+  }
+
+  .action-desc {
+    @apply block text-xs text-slate-500 dark:text-slate-400;
+  }
+</style>

From 29a291557ce7402e0a9d256a988d3710aa760d7d Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:23:50 -0700
Subject: [PATCH 08/35] feat(admin-console): add user management API selectors

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../src/features/admin/users/selectors.ts     | 26 +++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 web-admin/src/features/admin/users/selectors.ts

diff --git a/web-admin/src/features/admin/users/selectors.ts b/web-admin/src/features/admin/users/selectors.ts
new file mode 100644
index 00000000000..859f37dbc4a
--- /dev/null
+++ b/web-admin/src/features/admin/users/selectors.ts
@@ -0,0 +1,26 @@
+// web-admin/src/features/admin/users/selectors.ts
+import {
+  createAdminServiceSearchUsers,
+  createAdminServiceIssueRepresentativeAuthToken,
+  createAdminServiceRevokeRepresentativeAuthTokens,
+  createAdminServiceDeleteUser,
+} from "@rilldata/web-admin/client";
+
+export function searchUsers(emailQuery: string) {
+  return createAdminServiceSearchUsers(
+    { emailQuery },
+    { query: { enabled: emailQuery.length >= 2 } },
+  );
+}
+
+export function createAssumeUserMutation() {
+  return createAdminServiceIssueRepresentativeAuthToken();
+}
+
+export function createUnassumeUserMutation() {
+  return createAdminServiceRevokeRepresentativeAuthTokens();
+}
+
+export function createDeleteUserMutation() {
+  return createAdminServiceDeleteUser();
+}

From 14647e122fd9a232118c926f47cf2d99822d0b94 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:23:59 -0700
Subject: [PATCH 09/35] feat(admin-console): add billing management API
 selectors

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../src/features/admin/billing/selectors.ts   | 32 +++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 web-admin/src/features/admin/billing/selectors.ts

diff --git a/web-admin/src/features/admin/billing/selectors.ts b/web-admin/src/features/admin/billing/selectors.ts
new file mode 100644
index 00000000000..62f9aba8c44
--- /dev/null
+++ b/web-admin/src/features/admin/billing/selectors.ts
@@ -0,0 +1,32 @@
+// web-admin/src/features/admin/billing/selectors.ts
+import {
+  createAdminServiceSudoExtendTrial,
+  createAdminServiceSudoTriggerBillingRepair,
+  createAdminServiceSudoDeleteOrganizationBillingIssue,
+  createAdminServiceSudoUpdateOrganizationBillingCustomer,
+  createAdminServiceListOrganizationBillingIssues,
+} from "@rilldata/web-admin/client";
+
+export function createExtendTrialMutation() {
+  return createAdminServiceSudoExtendTrial();
+}
+
+export function createBillingRepairMutation() {
+  return createAdminServiceSudoTriggerBillingRepair();
+}
+
+export function createDeleteBillingIssueMutation() {
+  return createAdminServiceSudoDeleteOrganizationBillingIssue();
+}
+
+export function createSetBillingCustomerMutation() {
+  return createAdminServiceSudoUpdateOrganizationBillingCustomer();
+}
+
+export function getBillingIssues(org: string) {
+  return createAdminServiceListOrganizationBillingIssues(
+    org,
+    { superuserForceAccess: true },
+    { query: { enabled: org.length > 0 } },
+  );
+}

From f502d41716e3b6ed85842a4a86c598d6701ec5ff Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:24:48 -0700
Subject: [PATCH 10/35] feat(admin-console): add user management page with
 search, assume, and delete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../src/routes/-/admin/users/+page.svelte     | 184 ++++++++++++++++++
 1 file changed, 184 insertions(+)
 create mode 100644 web-admin/src/routes/-/admin/users/+page.svelte

diff --git a/web-admin/src/routes/-/admin/users/+page.svelte b/web-admin/src/routes/-/admin/users/+page.svelte
new file mode 100644
index 00000000000..75e4d6b9613
--- /dev/null
+++ b/web-admin/src/routes/-/admin/users/+page.svelte
@@ -0,0 +1,184 @@
+<!-- web-admin/src/routes/-/admin/users/+page.svelte -->
+<script lang="ts">
+  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
+  import SearchInput from "@rilldata/web-admin/features/admin/shared/SearchInput.svelte";
+  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
+  import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
+  import {
+    searchUsers,
+    createAssumeUserMutation,
+    createDeleteUserMutation,
+  } from "@rilldata/web-admin/features/admin/users/selectors";
+  import { useQueryClient } from "@tanstack/svelte-query";
+
+  let searchQuery = "";
+  let bannerRef: ActionResultBanner;
+  let confirmOpen = false;
+  let confirmTitle = "";
+  let confirmDescription = "";
+  let confirmDestructive = false;
+  let confirmAction: () => Promise<void> = async () => {};
+
+  const queryClient = useQueryClient();
+  const assumeUser = createAssumeUserMutation();
+  const deleteUser = createDeleteUserMutation();
+
+  $: usersQuery = searchUsers(searchQuery);
+
+  function handleSearch(e: CustomEvent<string>) {
+    searchQuery = e.detail;
+  }
+
+  function handleAssume(email: string) {
+    confirmTitle = "Assume User Identity";
+    confirmDescription = `You will browse Rill Cloud as ${email}. Use "Unassume" to return to your own identity.`;
+    confirmDestructive = false;
+    confirmAction = async () => {
+      try {
+        await $assumeUser.mutateAsync({ data: { email } });
+        bannerRef.show("success", `Now browsing as ${email}`);
+      } catch (err) {
+        bannerRef.show("error", `Failed to assume user: ${err}`);
+      }
+    };
+    confirmOpen = true;
+  }
+
+  function handleDelete(email: string) {
+    confirmTitle = "Delete User";
+    confirmDescription = `This will permanently delete the user ${email}. This action cannot be undone.`;
+    confirmDestructive = true;
+    confirmAction = async () => {
+      try {
+        await $deleteUser.mutateAsync({
+          email,
+          superuserForceAccess: true,
+        });
+        bannerRef.show("success", `User ${email} deleted`);
+        await queryClient.invalidateQueries({
+          predicate: (q) => q.queryKey[0] === "/v1/users/search",
+        });
+      } catch (err) {
+        bannerRef.show("error", `Failed to delete user: ${err}`);
+      }
+    };
+    confirmOpen = true;
+  }
+
+  async function handleOpenAsUser(email: string) {
+    // Assume the user's identity first, then open the main page
+    try {
+      await $assumeUser.mutateAsync({ data: { email } });
+      window.open("/", "_blank");
+      bannerRef.show("success", `Opened as ${email} in a new tab. Remember to unassume when done.`);
+    } catch (err) {
+      bannerRef.show("error", `Failed to assume user: ${err}`);
+    }
+  }
+</script>
+
+<AdminPageHeader
+  title="Users"
+  description="Search for users by email, assume their identity for debugging, or manage their accounts."
+/>
+
+<ActionResultBanner bind:this={bannerRef} />
+
+<div class="mb-4 max-w-md">
+  <SearchInput
+    placeholder="Search by email (min 2 characters)..."
+    on:search={handleSearch}
+  />
+</div>
+
+{#if $usersQuery.isLoading && searchQuery.length >= 2}
+  <p class="text-sm text-slate-500">Searching...</p>
+{:else if $usersQuery.data?.users?.length}
+  <div class="results-table">
+    <table class="w-full">
+      <thead>
+        <tr>
+          <th>Email</th>
+          <th>Display Name</th>
+          <th>Created</th>
+          <th>Actions</th>
+        </tr>
+      </thead>
+      <tbody>
+        {#each $usersQuery.data.users as user}
+          <tr>
+            <td class="font-mono text-xs">{user.email}</td>
+            <td>{user.displayName ?? "-"}</td>
+            <td class="text-xs text-slate-500">
+              {user.createdOn
+                ? new Date(user.createdOn).toLocaleDateString()
+                : "-"}
+            </td>
+            <td>
+              <div class="flex gap-2">
+                <button
+                  class="action-btn"
+                  on:click={() => handleAssume(user.email ?? "")}
+                >
+                  Assume
+                </button>
+                <button
+                  class="action-btn"
+                  on:click={() => handleOpenAsUser(user.email ?? "")}
+                >
+                  Open as User
+                </button>
+                <button
+                  class="action-btn destructive"
+                  on:click={() => handleDelete(user.email ?? "")}
+                >
+                  Delete
+                </button>
+              </div>
+            </td>
+          </tr>
+        {/each}
+      </tbody>
+    </table>
+  </div>
+{:else if searchQuery.length >= 2 && $usersQuery.isSuccess}
+  <p class="text-sm text-slate-500">No users found for "{searchQuery}"</p>
+{/if}
+
+<ConfirmDialog
+  bind:open={confirmOpen}
+  title={confirmTitle}
+  description={confirmDescription}
+  destructive={confirmDestructive}
+  onConfirm={confirmAction}
+/>
+
+<style lang="postcss">
+  table {
+    @apply border-collapse;
+  }
+
+  th {
+    @apply text-left text-xs font-medium text-slate-500 dark:text-slate-400
+      uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700;
+  }
+
+  td {
+    @apply px-4 py-3 text-sm text-slate-700 dark:text-slate-300
+      border-b border-slate-100 dark:border-slate-800;
+  }
+
+  tr:hover td {
+    @apply bg-slate-50 dark:bg-slate-800/50;
+  }
+
+  .action-btn {
+    @apply text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600
+      text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700;
+  }
+
+  .action-btn.destructive {
+    @apply border-red-300 text-red-600 hover:bg-red-50
+      dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20;
+  }
+</style>

From ccd69055bf8d10d4c46ba83c48ab9f70b20702b7 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:25:10 -0700
Subject: [PATCH 11/35] feat(admin-console): add billing management page with
 trial extension, repair, and issue management

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../src/routes/-/admin/billing/+page.svelte   | 264 ++++++++++++++++++
 1 file changed, 264 insertions(+)
 create mode 100644 web-admin/src/routes/-/admin/billing/+page.svelte

diff --git a/web-admin/src/routes/-/admin/billing/+page.svelte b/web-admin/src/routes/-/admin/billing/+page.svelte
new file mode 100644
index 00000000000..254c6fa746a
--- /dev/null
+++ b/web-admin/src/routes/-/admin/billing/+page.svelte
@@ -0,0 +1,264 @@
+<script lang="ts">
+  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
+  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
+  import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
+  import {
+    createExtendTrialMutation,
+    createBillingRepairMutation,
+    createDeleteBillingIssueMutation,
+    createSetBillingCustomerMutation,
+    getBillingIssues,
+  } from "@rilldata/web-admin/features/admin/billing/selectors";
+  import { useQueryClient } from "@tanstack/svelte-query";
+
+  let bannerRef: ActionResultBanner;
+  let confirmOpen = false;
+  let confirmTitle = "";
+  let confirmDescription = "";
+  let confirmAction: () => Promise<void> = async () => {};
+
+  // Form state
+  let trialOrg = "";
+  let trialDays = 14;
+  let repairOrg = "";
+  let customerIdOrg = "";
+  let customerId = "";
+  let issuesOrg = "";
+
+  const queryClient = useQueryClient();
+  const extendTrial = createExtendTrialMutation();
+  const billingRepair = createBillingRepairMutation();
+  const deleteBillingIssue = createDeleteBillingIssueMutation();
+  const setCustomer = createSetBillingCustomerMutation();
+
+  $: billingIssuesQuery = getBillingIssues(issuesOrg);
+
+  async function handleExtendTrial() {
+    if (!trialOrg) return;
+    try {
+      await $extendTrial.mutateAsync({
+        data: { org: trialOrg, days: trialDays },
+      });
+      bannerRef.show("success", `Trial extended by ${trialDays} days for ${trialOrg}`);
+      trialOrg = "";
+    } catch (err) {
+      bannerRef.show("error", `Failed to extend trial: ${err}`);
+    }
+  }
+
+  async function handleBillingRepair() {
+    if (!repairOrg) return;
+    confirmTitle = "Trigger Billing Repair";
+    confirmDescription = `This will trigger a billing repair for organization "${repairOrg}". This recalculates billing state.`;
+    confirmAction = async () => {
+      try {
+        await $billingRepair.mutateAsync({ data: { org: repairOrg } });
+        bannerRef.show("success", `Billing repair triggered for ${repairOrg}`);
+        repairOrg = "";
+      } catch (err) {
+        bannerRef.show("error", `Failed to trigger billing repair: ${err}`);
+      }
+    };
+    confirmOpen = true;
+  }
+
+  async function handleSetCustomerId() {
+    if (!customerIdOrg || !customerId) return;
+    try {
+      await $setCustomer.mutateAsync({
+        data: { org: customerIdOrg, billingCustomerId: customerId },
+      });
+      bannerRef.show("success", `Billing customer ID set for ${customerIdOrg}`);
+      customerIdOrg = "";
+      customerId = "";
+    } catch (err) {
+      bannerRef.show("error", `Failed to set billing customer ID: ${err}`);
+    }
+  }
+
+  async function handleDeleteIssue(org: string, type: string) {
+    try {
+      await $deleteBillingIssue.mutateAsync({ org, type });
+      bannerRef.show("success", `Billing issue "${type}" deleted for ${org}`);
+      await queryClient.invalidateQueries();
+    } catch (err) {
+      bannerRef.show("error", `Failed to delete billing issue: ${err}`);
+    }
+  }
+</script>
+
+<AdminPageHeader
+  title="Billing"
+  description="Extend trials, repair billing state, manage billing customer IDs, and resolve billing issues."
+/>
+
+<ActionResultBanner bind:this={bannerRef} />
+
+<div class="sections">
+  <!-- Extend Trial -->
+  <section class="card">
+    <h2 class="card-title">Extend Trial</h2>
+    <p class="card-desc">Add days to an organization's trial period.</p>
+    <div class="form-row">
+      <input
+        type="text"
+        class="input"
+        placeholder="Organization name"
+        bind:value={trialOrg}
+      />
+      <input
+        type="number"
+        class="input w-24"
+        min="1"
+        max="365"
+        bind:value={trialDays}
+      />
+      <button class="btn-primary" on:click={handleExtendTrial}>
+        Extend Trial
+      </button>
+    </div>
+  </section>
+
+  <!-- Set Billing Customer ID -->
+  <section class="card">
+    <h2 class="card-title">Set Billing Customer ID</h2>
+    <p class="card-desc">Associate a Stripe customer ID with an organization.</p>
+    <div class="form-row">
+      <input
+        type="text"
+        class="input"
+        placeholder="Organization name"
+        bind:value={customerIdOrg}
+      />
+      <input
+        type="text"
+        class="input"
+        placeholder="Stripe customer ID (cus_...)"
+        bind:value={customerId}
+      />
+      <button class="btn-primary" on:click={handleSetCustomerId}>
+        Set Customer ID
+      </button>
+    </div>
+  </section>
+
+  <!-- Billing Repair -->
+  <section class="card">
+    <h2 class="card-title">Billing Repair</h2>
+    <p class="card-desc">Trigger a billing state recalculation for an organization.</p>
+    <div class="form-row">
+      <input
+        type="text"
+        class="input"
+        placeholder="Organization name"
+        bind:value={repairOrg}
+      />
+      <button class="btn-primary" on:click={handleBillingRepair}>
+        Trigger Repair
+      </button>
+    </div>
+  </section>
+
+  <!-- Billing Issues -->
+  <section class="card">
+    <h2 class="card-title">Billing Issues</h2>
+    <p class="card-desc">View and resolve billing issues for an organization.</p>
+    <div class="form-row mb-4">
+      <input
+        type="text"
+        class="input"
+        placeholder="Organization name"
+        bind:value={issuesOrg}
+      />
+    </div>
+    {#if $billingIssuesQuery.data?.issues?.length}
+      <div class="issues-list">
+        {#each $billingIssuesQuery.data.issues as issue}
+          <div class="issue-row">
+            <div>
+              <span class="issue-type">{issue.type}</span>
+              <span class="issue-meta">{issue.metadata ?? ""}</span>
+            </div>
+            <button
+              class="action-btn destructive"
+              on:click={() => handleDeleteIssue(issuesOrg, issue.type ?? "")}
+            >
+              Delete Issue
+            </button>
+          </div>
+        {/each}
+      </div>
+    {:else if issuesOrg && $billingIssuesQuery.isSuccess}
+      <p class="text-sm text-slate-500">No billing issues found.</p>
+    {/if}
+  </section>
+</div>
+
+<ConfirmDialog
+  bind:open={confirmOpen}
+  title={confirmTitle}
+  description={confirmDescription}
+  onConfirm={confirmAction}
+/>
+
+<style lang="postcss">
+  .sections {
+    @apply flex flex-col gap-6;
+  }
+
+  .card {
+    @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700;
+  }
+
+  .card-title {
+    @apply text-sm font-semibold text-slate-900 dark:text-slate-100 mb-1;
+  }
+
+  .card-desc {
+    @apply text-xs text-slate-500 dark:text-slate-400 mb-4;
+  }
+
+  .form-row {
+    @apply flex gap-3 items-center flex-wrap;
+  }
+
+  .input {
+    @apply px-3 py-2 text-sm rounded-md border border-slate-300
+      dark:border-slate-600 bg-white dark:bg-slate-800
+      text-slate-900 dark:text-slate-100
+      placeholder:text-slate-400 dark:placeholder:text-slate-500
+      focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent;
+  }
+
+  .btn-primary {
+    @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white
+      hover:bg-blue-700 whitespace-nowrap;
+  }
+
+  .issues-list {
+    @apply flex flex-col gap-2;
+  }
+
+  .issue-row {
+    @apply flex items-center justify-between px-3 py-2 rounded
+      bg-slate-50 dark:bg-slate-800;
+  }
+
+  .issue-type {
+    @apply text-sm font-mono text-slate-700 dark:text-slate-300;
+  }
+
+  .issue-meta {
+    @apply text-xs text-slate-500 ml-2;
+  }
+
+  .action-btn {
+    @apply text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600
+      text-slate-600 dark:text-slate-300;
+  }
+
+  .action-btn.destructive {
+    @apply border-red-300 text-red-600 hover:bg-red-50
+      dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20;
+  }
+</style>

From efff27cdc48be10c1901a52cbd37299fea92d5d3 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:26:27 -0700
Subject: [PATCH 12/35] feat(admin-console): add admin link in top nav for
 superusers

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../features/organizations/OrgHeader.svelte   | 22 ++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/web-admin/src/features/organizations/OrgHeader.svelte b/web-admin/src/features/organizations/OrgHeader.svelte
index 31502a53960..5507aaa0228 100644
--- a/web-admin/src/features/organizations/OrgHeader.svelte
+++ b/web-admin/src/features/organizations/OrgHeader.svelte
@@ -3,7 +3,10 @@
   import Breadcrumbs from "@rilldata/web-common/components/navigation/breadcrumbs/Breadcrumbs.svelte";
   import Header from "@rilldata/web-common/layout/header/Header.svelte";
   import HeaderLogo from "@rilldata/web-common/layout/header/HeaderLogo.svelte";
-  import { createAdminServiceGetCurrentUser } from "../../client";
+  import {
+    createAdminServiceGetCurrentUser,
+    createAdminServiceListSuperusers,
+  } from "../../client";
   import {
     useBreadcrumbOrgPaths,
     useBreadcrumbProjectPaths,
@@ -27,6 +30,15 @@
   $: loggedIn = !!$user.data?.user;
   $: rillLogoHref = !loggedIn ? "https://www.rilldata.com" : "/";
 
+  // Check if the current user is a superuser; the ListSuperusers call returns 403 for non-superusers
+  const superusers = createAdminServiceListSuperusers();
+  $: isSuperuser =
+    $superusers.isSuccess &&
+    !!$user.data?.user?.email &&
+    ($superusers.data?.users ?? []).some(
+      (su) => su.email === $user.data?.user?.email,
+    );
+
   $: orgPathsQuery = useBreadcrumbOrgPaths(
     loggedIn,
     organization,
@@ -48,6 +60,14 @@
   {/if}
 
   <div class="flex gap-x-2 items-center ml-auto">
+    {#if isSuperuser}
+      <a
+        href="/-/admin"
+        class="text-xs font-medium text-gray-500 hover:text-gray-700"
+      >
+        Admin
+      </a>
+    {/if}
     {#if $user.isSuccess}
       {#if $user.data?.user}
         <AvatarButton />

From 55affa1e18aa4101b5ea2f1f45dd0037b3db544d Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:27:11 -0700
Subject: [PATCH 13/35] feat(admin-console): add quota management selectors

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../src/features/admin/quotas/selectors.ts    | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 web-admin/src/features/admin/quotas/selectors.ts

diff --git a/web-admin/src/features/admin/quotas/selectors.ts b/web-admin/src/features/admin/quotas/selectors.ts
new file mode 100644
index 00000000000..6968d035c55
--- /dev/null
+++ b/web-admin/src/features/admin/quotas/selectors.ts
@@ -0,0 +1,22 @@
+// web-admin/src/features/admin/quotas/selectors.ts
+import {
+  createAdminServiceGetOrganization,
+  createAdminServiceSudoUpdateOrganizationQuotas,
+  createAdminServiceSudoUpdateUserQuotas,
+} from "@rilldata/web-admin/client";
+
+export function getOrgForQuotas(org: string) {
+  return createAdminServiceGetOrganization(
+    org,
+    { superuserForceAccess: true },
+    { query: { enabled: org.length > 0 } },
+  );
+}
+
+export function createUpdateOrgQuotasMutation() {
+  return createAdminServiceSudoUpdateOrganizationQuotas();
+}
+
+export function createUpdateUserQuotasMutation() {
+  return createAdminServiceSudoUpdateUserQuotas();
+}

From 722369888743f43244d1ad31ad5fc1167876eac6 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:27:17 -0700
Subject: [PATCH 14/35] feat(admin-console): add organization management
 selectors

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../features/admin/organizations/selectors.ts | 31 +++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 web-admin/src/features/admin/organizations/selectors.ts

diff --git a/web-admin/src/features/admin/organizations/selectors.ts b/web-admin/src/features/admin/organizations/selectors.ts
new file mode 100644
index 00000000000..1cb48e23402
--- /dev/null
+++ b/web-admin/src/features/admin/organizations/selectors.ts
@@ -0,0 +1,31 @@
+// web-admin/src/features/admin/organizations/selectors.ts
+import {
+  createAdminServiceGetOrganization,
+  createAdminServiceSudoUpdateOrganizationCustomDomain,
+  createAdminServiceListOrganizationMemberUsers,
+  createAdminServiceAddOrganizationMemberUser,
+} from "@rilldata/web-admin/client";
+
+export function getOrganization(org: string) {
+  return createAdminServiceGetOrganization(
+    org,
+    { superuserForceAccess: true },
+    { query: { enabled: org.length > 0 } },
+  );
+}
+
+export function getOrgAdmins(org: string) {
+  return createAdminServiceListOrganizationMemberUsers(
+    org,
+    { superuserForceAccess: true },
+    { query: { enabled: org.length > 0 } },
+  );
+}
+
+export function createSetCustomDomainMutation() {
+  return createAdminServiceSudoUpdateOrganizationCustomDomain();
+}
+
+export function createJoinOrgMutation() {
+  return createAdminServiceAddOrganizationMemberUser();
+}

From 5b7a4198a1449cc3a5a6c744c94bddec2e161be3 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:28:11 -0700
Subject: [PATCH 15/35] feat(admin-console): add quota management page with
 editable fields

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../routes/-/admin/organizations/+page.svelte | 165 ++++++++++++++++
 .../src/routes/-/admin/quotas/+page.svelte    | 184 ++++++++++++++++++
 2 files changed, 349 insertions(+)
 create mode 100644 web-admin/src/routes/-/admin/organizations/+page.svelte
 create mode 100644 web-admin/src/routes/-/admin/quotas/+page.svelte

diff --git a/web-admin/src/routes/-/admin/organizations/+page.svelte b/web-admin/src/routes/-/admin/organizations/+page.svelte
new file mode 100644
index 00000000000..8a14eb4d4b3
--- /dev/null
+++ b/web-admin/src/routes/-/admin/organizations/+page.svelte
@@ -0,0 +1,165 @@
+<script lang="ts">
+  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
+  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
+  import {
+    getOrganization,
+    getOrgAdmins,
+    createSetCustomDomainMutation,
+    createJoinOrgMutation,
+  } from "@rilldata/web-admin/features/admin/organizations/selectors";
+
+  let bannerRef: ActionResultBanner;
+  let orgName = "";
+  let lookupOrg = "";
+  let customDomainOrg = "";
+  let customDomain = "";
+  let joinOrg = "";
+  let joinEmail = "";
+  let joinRole = "admin";
+
+  const setCustomDomain = createSetCustomDomainMutation();
+  const joinOrgMutation = createJoinOrgMutation();
+
+  $: orgQuery = getOrganization(lookupOrg);
+  $: adminsQuery = getOrgAdmins(lookupOrg);
+
+  function handleLookup() {
+    lookupOrg = orgName;
+  }
+
+  async function handleSetCustomDomain() {
+    if (!customDomainOrg || !customDomain) return;
+    try {
+      await $setCustomDomain.mutateAsync({
+        data: { name: customDomainOrg, customDomain },
+      });
+      bannerRef.show("success", `Custom domain set for ${customDomainOrg}`);
+    } catch (err) {
+      bannerRef.show("error", `Failed: ${err}`);
+    }
+  }
+
+  async function handleJoinOrg() {
+    if (!joinOrg || !joinEmail) return;
+    try {
+      await $joinOrgMutation.mutateAsync({
+        org: joinOrg,
+        data: { email: joinEmail, role: joinRole, superuserForceAccess: true },
+      });
+      bannerRef.show("success", `${joinEmail} added to ${joinOrg} as ${joinRole}`);
+    } catch (err) {
+      bannerRef.show("error", `Failed: ${err}`);
+    }
+  }
+</script>
+
+<AdminPageHeader
+  title="Organizations"
+  description="Lookup organizations, view their details, set custom domains, and add users."
+/>
+
+<ActionResultBanner bind:this={bannerRef} />
+
+<div class="sections">
+  <!-- Org Lookup -->
+  <section class="card">
+    <h2 class="card-title">Organization Lookup</h2>
+    <div class="form-row mb-4">
+      <input
+        type="text"
+        class="input"
+        placeholder="Organization name"
+        bind:value={orgName}
+        on:keydown={(e) => e.key === "Enter" && handleLookup()}
+      />
+      <button class="btn-primary" on:click={handleLookup}>Lookup</button>
+    </div>
+
+    {#if $orgQuery.data?.organization}
+      {@const org = $orgQuery.data.organization}
+      <div class="detail-grid">
+        <div class="detail-item">
+          <span class="detail-label">ID</span>
+          <span class="detail-value font-mono">{org.id}</span>
+        </div>
+        <div class="detail-item">
+          <span class="detail-label">Name</span>
+          <span class="detail-value">{org.name}</span>
+        </div>
+        <div class="detail-item">
+          <span class="detail-label">Description</span>
+          <span class="detail-value">{org.description ?? "-"}</span>
+        </div>
+        <div class="detail-item">
+          <span class="detail-label">Billing Plan</span>
+          <span class="detail-value">{org.billingPlanDisplayName ?? "-"}</span>
+        </div>
+        <div class="detail-item">
+          <span class="detail-label">Custom Domain</span>
+          <span class="detail-value">{org.customDomain ?? "None"}</span>
+        </div>
+        <div class="detail-item">
+          <span class="detail-label">Created</span>
+          <span class="detail-value">
+            {org.createdOn ? new Date(org.createdOn).toLocaleDateString() : "-"}
+          </span>
+        </div>
+      </div>
+
+      {#if $adminsQuery.data?.members?.length}
+        <h3 class="mt-4 text-xs font-semibold text-slate-500 uppercase">Members</h3>
+        <div class="mt-2">
+          {#each $adminsQuery.data.members as member}
+            <div class="member-row">
+              <span class="text-sm">{member.userEmail}</span>
+              <span class="text-xs text-slate-500">{member.roleName}</span>
+            </div>
+          {/each}
+        </div>
+      {/if}
+    {/if}
+  </section>
+
+  <!-- Set Custom Domain -->
+  <section class="card">
+    <h2 class="card-title">Set Custom Domain</h2>
+    <div class="form-row">
+      <input type="text" class="input" placeholder="Organization name" bind:value={customDomainOrg} />
+      <input type="text" class="input" placeholder="Custom domain (e.g. analytics.acme.com)" bind:value={customDomain} />
+      <button class="btn-primary" on:click={handleSetCustomDomain}>Set Domain</button>
+    </div>
+  </section>
+
+  <!-- Join Organization -->
+  <section class="card">
+    <h2 class="card-title">Add User to Organization</h2>
+    <div class="form-row">
+      <input type="text" class="input" placeholder="Organization name" bind:value={joinOrg} />
+      <input type="email" class="input" placeholder="User email" bind:value={joinEmail} />
+      <select class="input" bind:value={joinRole}>
+        <option value="admin">Admin</option>
+        <option value="editor">Editor</option>
+        <option value="viewer">Viewer</option>
+      </select>
+      <button class="btn-primary" on:click={handleJoinOrg}>Add User</button>
+    </div>
+  </section>
+</div>
+
+<style lang="postcss">
+  .sections { @apply flex flex-col gap-6; }
+  .card { @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700; }
+  .card-title { @apply text-sm font-semibold text-slate-900 dark:text-slate-100 mb-3; }
+  .form-row { @apply flex gap-3 items-center flex-wrap; }
+  .input {
+    @apply px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600
+      bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100
+      placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500;
+  }
+  .btn-primary { @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap; }
+  .detail-grid { @apply grid grid-cols-2 lg:grid-cols-3 gap-3; }
+  .detail-item { @apply flex flex-col; }
+  .detail-label { @apply text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider; }
+  .detail-value { @apply text-sm text-slate-900 dark:text-slate-100; }
+  .member-row { @apply flex justify-between items-center px-3 py-1.5 rounded bg-slate-50 dark:bg-slate-800 mb-1; }
+</style>
diff --git a/web-admin/src/routes/-/admin/quotas/+page.svelte b/web-admin/src/routes/-/admin/quotas/+page.svelte
new file mode 100644
index 00000000000..e187e989006
--- /dev/null
+++ b/web-admin/src/routes/-/admin/quotas/+page.svelte
@@ -0,0 +1,184 @@
+<!-- web-admin/src/routes/-/admin/quotas/+page.svelte -->
+<script lang="ts">
+  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
+  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
+  import {
+    getOrgForQuotas,
+    createUpdateOrgQuotasMutation,
+    createUpdateUserQuotasMutation,
+  } from "@rilldata/web-admin/features/admin/quotas/selectors";
+  import { useQueryClient } from "@tanstack/svelte-query";
+
+  let bannerRef: ActionResultBanner;
+  let quotaType: "org" | "user" = "org";
+  let lookupValue = "";
+  let activeOrg = "";
+  let activeUser = "";
+  let lookupDone = false;
+
+  const queryClient = useQueryClient();
+  const updateOrgQuotas = createUpdateOrgQuotasMutation();
+  const updateUserQuotas = createUpdateUserQuotasMutation();
+
+  // Quota fields for editing (org quotas)
+  let projects = "";
+  let deployments = "";
+  let slotsTotal = "";
+  let slotsPerDeployment = "";
+  let outstandingInvites = "";
+  let storageLimitBytes = "";
+
+  // Quota fields for editing (user quotas)
+  let singleuserOrgs = "";
+
+  $: orgQuery = getOrgForQuotas(activeOrg);
+
+  function handleLookup() {
+    lookupDone = true;
+    if (quotaType === "org") {
+      activeOrg = lookupValue;
+      activeUser = "";
+    } else {
+      activeUser = lookupValue;
+      activeOrg = "";
+    }
+  }
+
+  // Populate fields when org data loads
+  $: if ($orgQuery.data?.organization?.quotas) {
+    const q = $orgQuery.data.organization.quotas;
+    projects = q.projects ?? "";
+    deployments = q.deployments ?? "";
+    slotsTotal = q.slotsTotal ?? "";
+    slotsPerDeployment = q.slotsPerDeployment ?? "";
+    outstandingInvites = q.outstandingInvites ?? "";
+    storageLimitBytes = q.storageLimitBytesPerDeployment ?? "";
+  }
+
+  async function handleSaveQuotas() {
+    try {
+      if (quotaType === "org") {
+        await $updateOrgQuotas.mutateAsync({
+          data: {
+            org: activeOrg,
+            projects: projects ? Number(projects) : undefined,
+            deployments: deployments ? Number(deployments) : undefined,
+            slotsTotal: slotsTotal ? Number(slotsTotal) : undefined,
+            slotsPerDeployment: slotsPerDeployment ? Number(slotsPerDeployment) : undefined,
+            outstandingInvites: outstandingInvites ? Number(outstandingInvites) : undefined,
+            storageLimitBytesPerDeployment: storageLimitBytes ? storageLimitBytes : undefined,
+          },
+        });
+        bannerRef.show("success", `Quotas updated for org: ${activeOrg}`);
+      } else {
+        await $updateUserQuotas.mutateAsync({
+          data: {
+            email: activeUser,
+            singleuserOrgs: singleuserOrgs ? Number(singleuserOrgs) : undefined,
+          },
+        });
+        bannerRef.show("success", `Quotas updated for user: ${activeUser}`);
+      }
+      await queryClient.invalidateQueries({
+        predicate: (q) =>
+          (q.queryKey[0] as string)?.includes("/v1/superuser/quotas") ||
+          (q.queryKey[0] as string)?.includes("/v1/organizations"),
+      });
+    } catch (err) {
+      bannerRef.show("error", `Failed to update quotas: ${err}`);
+    }
+  }
+</script>
+
+<AdminPageHeader
+  title="Quotas"
+  description="View and adjust resource quotas for organizations and users."
+/>
+
+<ActionResultBanner bind:this={bannerRef} />
+
+<div class="sections">
+  <section class="card">
+    <div class="flex gap-4 mb-4">
+      <label class="flex items-center gap-2 text-sm">
+        <input type="radio" value="org" bind:group={quotaType} />
+        Organization
+      </label>
+      <label class="flex items-center gap-2 text-sm">
+        <input type="radio" value="user" bind:group={quotaType} />
+        User
+      </label>
+    </div>
+
+    <div class="form-row mb-4">
+      <input
+        type="text"
+        class="input"
+        placeholder={quotaType === "org" ? "Organization name" : "User email"}
+        bind:value={lookupValue}
+        on:keydown={(e) => e.key === "Enter" && handleLookup()}
+      />
+      <button class="btn-primary" on:click={handleLookup}>Lookup</button>
+    </div>
+
+    {#if quotaType === "org" && activeOrg && $orgQuery.data?.organization}
+      <div class="quota-grid">
+        <div class="quota-field">
+          <label class="quota-label" for="projects">Projects</label>
+          <input id="projects" type="number" class="input" bind:value={projects} />
+        </div>
+        <div class="quota-field">
+          <label class="quota-label" for="deployments">Deployments</label>
+          <input id="deployments" type="number" class="input" bind:value={deployments} />
+        </div>
+        <div class="quota-field">
+          <label class="quota-label" for="slotsTotal">Total Slots</label>
+          <input id="slotsTotal" type="number" class="input" bind:value={slotsTotal} />
+        </div>
+        <div class="quota-field">
+          <label class="quota-label" for="slotsPerDeployment">Slots per Deployment</label>
+          <input id="slotsPerDeployment" type="number" class="input" bind:value={slotsPerDeployment} />
+        </div>
+        <div class="quota-field">
+          <label class="quota-label" for="outstandingInvites">Outstanding Invites</label>
+          <input id="outstandingInvites" type="number" class="input" bind:value={outstandingInvites} />
+        </div>
+        <div class="quota-field">
+          <label class="quota-label" for="storageLimitBytes">Storage Limit (bytes)</label>
+          <input id="storageLimitBytes" type="text" class="input" bind:value={storageLimitBytes} />
+        </div>
+      </div>
+
+      <div class="mt-4">
+        <button class="btn-primary" on:click={handleSaveQuotas}>Save Quotas</button>
+      </div>
+    {:else if quotaType === "user" && activeUser && lookupDone}
+      <div class="quota-grid">
+        <div class="quota-field">
+          <label class="quota-label" for="singleuserOrgs">Single-user Orgs Limit</label>
+          <input id="singleuserOrgs" type="number" class="input" bind:value={singleuserOrgs} />
+        </div>
+      </div>
+      <p class="text-xs text-slate-500 mt-2">User quotas are limited to the single-user orgs field. Other quotas are managed at the org level.</p>
+
+      <div class="mt-4">
+        <button class="btn-primary" on:click={handleSaveQuotas}>Save Quotas</button>
+      </div>
+    {/if}
+  </section>
+</div>
+
+<style lang="postcss">
+  .sections { @apply flex flex-col gap-6; }
+  .card { @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700; }
+  .form-row { @apply flex gap-3 items-center flex-wrap; }
+  .input {
+    @apply px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600
+      bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100
+      placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500;
+  }
+  .btn-primary { @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap; }
+  .quota-grid { @apply grid grid-cols-2 lg:grid-cols-3 gap-4; }
+  .quota-field { @apply flex flex-col gap-1; }
+  .quota-label { @apply text-xs font-medium text-slate-500 dark:text-slate-400; }
+</style>

From 61f2da305752d095a2f6728e4d7c27e043cc7fb5 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:31:22 -0700
Subject: [PATCH 16/35] feat(admin-console): add project management selectors

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../src/features/admin/projects/selectors.ts  | 31 +++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 web-admin/src/features/admin/projects/selectors.ts

diff --git a/web-admin/src/features/admin/projects/selectors.ts b/web-admin/src/features/admin/projects/selectors.ts
new file mode 100644
index 00000000000..9f7b8121d07
--- /dev/null
+++ b/web-admin/src/features/admin/projects/selectors.ts
@@ -0,0 +1,31 @@
+// web-admin/src/features/admin/projects/selectors.ts
+import {
+  createAdminServiceSearchProjectNames,
+  createAdminServiceGetProject,
+  createAdminServiceUpdateProject,
+  createAdminServiceRedeployProject,
+  createAdminServiceHibernateProject,
+} from "@rilldata/web-admin/client";
+
+export function searchProjects(namePattern: string) {
+  return createAdminServiceSearchProjectNames(
+    { namePattern, pageSize: 50 },
+    { query: { enabled: namePattern.length >= 2 } },
+  );
+}
+
+export function getProject(org: string, project: string) {
+  return createAdminServiceGetProject(org, project);
+}
+
+export function createUpdateProjectMutation() {
+  return createAdminServiceUpdateProject();
+}
+
+export function createRedeployProjectMutation() {
+  return createAdminServiceRedeployProject();
+}
+
+export function createHibernateProjectMutation() {
+  return createAdminServiceHibernateProject();
+}

From c92255fb6a2d516fa34e9f63bdcdc7fcb8f591fc Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:31:35 -0700
Subject: [PATCH 17/35] feat(admin-console): add domain whitelist management
 page

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../src/features/admin/whitelist/selectors.ts |  21 +++
 .../src/routes/-/admin/whitelist/+page.svelte | 131 ++++++++++++++++++
 2 files changed, 152 insertions(+)
 create mode 100644 web-admin/src/features/admin/whitelist/selectors.ts
 create mode 100644 web-admin/src/routes/-/admin/whitelist/+page.svelte

diff --git a/web-admin/src/features/admin/whitelist/selectors.ts b/web-admin/src/features/admin/whitelist/selectors.ts
new file mode 100644
index 00000000000..715c2c9248c
--- /dev/null
+++ b/web-admin/src/features/admin/whitelist/selectors.ts
@@ -0,0 +1,21 @@
+import {
+  createAdminServiceCreateWhitelistedDomain,
+  createAdminServiceRemoveWhitelistedDomain,
+  createAdminServiceListWhitelistedDomains,
+} from "@rilldata/web-admin/client";
+
+export function getWhitelistedDomains(org: string) {
+  return createAdminServiceListWhitelistedDomains(
+    org,
+    { superuserForceAccess: true },
+    { query: { enabled: org.length > 0 } },
+  );
+}
+
+export function createAddWhitelistMutation() {
+  return createAdminServiceCreateWhitelistedDomain();
+}
+
+export function createRemoveWhitelistMutation() {
+  return createAdminServiceRemoveWhitelistedDomain();
+}
diff --git a/web-admin/src/routes/-/admin/whitelist/+page.svelte b/web-admin/src/routes/-/admin/whitelist/+page.svelte
new file mode 100644
index 00000000000..7c463d61bd3
--- /dev/null
+++ b/web-admin/src/routes/-/admin/whitelist/+page.svelte
@@ -0,0 +1,131 @@
+<script lang="ts">
+  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
+  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
+  import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
+  import {
+    getWhitelistedDomains,
+    createAddWhitelistMutation,
+    createRemoveWhitelistMutation,
+  } from "@rilldata/web-admin/features/admin/whitelist/selectors";
+  import { useQueryClient } from "@tanstack/svelte-query";
+
+  let bannerRef: ActionResultBanner;
+  let org = "";
+  let activeOrg = "";
+  let newDomain = "";
+  let newRole = "viewer";
+  let confirmOpen = false;
+  let confirmTitle = "";
+  let confirmDescription = "";
+  let confirmAction: () => Promise<void> = async () => {};
+
+  const queryClient = useQueryClient();
+  const addWhitelist = createAddWhitelistMutation();
+  const removeWhitelist = createRemoveWhitelistMutation();
+
+  $: domainsQuery = getWhitelistedDomains(activeOrg);
+
+  function handleLookup() {
+    activeOrg = org;
+  }
+
+  async function handleAdd() {
+    if (!activeOrg || !newDomain) return;
+    try {
+      await $addWhitelist.mutateAsync({
+        org: activeOrg,
+        data: { domain: newDomain, role: newRole },
+      });
+      bannerRef.show("success", `Domain ${newDomain} whitelisted for ${activeOrg}`);
+      newDomain = "";
+      await queryClient.invalidateQueries();
+    } catch (err) {
+      bannerRef.show("error", `Failed: ${err}`);
+    }
+  }
+
+  function handleRemove(domain: string) {
+    confirmTitle = "Remove Whitelisted Domain";
+    confirmDescription = `Remove "${domain}" from the whitelist for ${activeOrg}?`;
+    confirmAction = async () => {
+      try {
+        await $removeWhitelist.mutateAsync({ org: activeOrg, domain });
+        bannerRef.show("success", `Domain ${domain} removed from whitelist`);
+        await queryClient.invalidateQueries();
+      } catch (err) {
+        bannerRef.show("error", `Failed: ${err}`);
+      }
+    };
+    confirmOpen = true;
+  }
+</script>
+
+<AdminPageHeader
+  title="Domain Whitelist"
+  description="Manage whitelisted email domains for organizations."
+/>
+
+<ActionResultBanner bind:this={bannerRef} />
+
+<div class="sections">
+  <section class="card">
+    <div class="form-row mb-4">
+      <input type="text" class="input" placeholder="Organization name" bind:value={org}
+        on:keydown={(e) => e.key === "Enter" && handleLookup()} />
+      <button class="btn-primary" on:click={handleLookup}>Lookup</button>
+    </div>
+
+    {#if activeOrg}
+      <div class="form-row mb-4">
+        <input type="text" class="input" placeholder="Domain (e.g. acme.com)" bind:value={newDomain} />
+        <select class="input" bind:value={newRole}>
+          <option value="admin">Admin</option>
+          <option value="editor">Editor</option>
+          <option value="viewer">Viewer</option>
+        </select>
+        <button class="btn-primary" on:click={handleAdd}>Add Domain</button>
+      </div>
+
+      {#if $domainsQuery.data?.domains?.length}
+        <table class="w-full">
+          <thead>
+            <tr><th>Domain</th><th>Role</th><th>Actions</th></tr>
+          </thead>
+          <tbody>
+            {#each $domainsQuery.data.domains as d}
+              <tr>
+                <td class="font-mono text-xs">{d.domain}</td>
+                <td class="text-xs">{d.role}</td>
+                <td>
+                  <button class="action-btn destructive" on:click={() => handleRemove(d.domain ?? "")}>
+                    Remove
+                  </button>
+                </td>
+              </tr>
+            {/each}
+          </tbody>
+        </table>
+      {:else if $domainsQuery.isSuccess}
+        <p class="text-sm text-slate-500">No whitelisted domains.</p>
+      {/if}
+    {/if}
+  </section>
+</div>
+
+<ConfirmDialog bind:open={confirmOpen} title={confirmTitle} description={confirmDescription} onConfirm={confirmAction} />
+
+<style lang="postcss">
+  .sections { @apply flex flex-col gap-6; }
+  .card { @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700; }
+  .form-row { @apply flex gap-3 items-center flex-wrap; }
+  .input {
+    @apply px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600
+      bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100
+      placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500;
+  }
+  .btn-primary { @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap; }
+  th { @apply text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700; }
+  td { @apply px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800; }
+  .action-btn { @apply text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600 text-slate-600 dark:text-slate-300; }
+  .action-btn.destructive { @apply border-red-300 text-red-600 hover:bg-red-50 dark:border-red-700 dark:text-red-400; }
+</style>

From 2abf00e0554c261eb069c45e88aa439b6945567b Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:32:41 -0700
Subject: [PATCH 18/35] feat(admin-console): add project management page with
 search, hibernate, and redeploy

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../src/routes/-/admin/projects/+page.svelte  | 145 ++++++++++++++++++
 1 file changed, 145 insertions(+)
 create mode 100644 web-admin/src/routes/-/admin/projects/+page.svelte

diff --git a/web-admin/src/routes/-/admin/projects/+page.svelte b/web-admin/src/routes/-/admin/projects/+page.svelte
new file mode 100644
index 00000000000..4f1b9815a15
--- /dev/null
+++ b/web-admin/src/routes/-/admin/projects/+page.svelte
@@ -0,0 +1,145 @@
+<!-- web-admin/src/routes/-/admin/projects/+page.svelte -->
+<script lang="ts">
+  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
+  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
+  import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
+  import SearchInput from "@rilldata/web-admin/features/admin/shared/SearchInput.svelte";
+  import {
+    searchProjects,
+    createRedeployProjectMutation,
+    createHibernateProjectMutation,
+  } from "@rilldata/web-admin/features/admin/projects/selectors";
+
+  let bannerRef: ActionResultBanner;
+  let searchQuery = "";
+  let confirmOpen = false;
+  let confirmTitle = "";
+  let confirmDescription = "";
+  let confirmDestructive = false;
+  let confirmAction: () => Promise<void> = async () => {};
+
+  const redeployProject = createRedeployProjectMutation();
+  const hibernateProject = createHibernateProjectMutation();
+
+  $: projectsQuery = searchProjects(searchQuery);
+
+  function handleSearch(e: CustomEvent<string>) {
+    searchQuery = e.detail;
+  }
+
+  function handleHibernate(name: string) {
+    const [org, project] = name.split("/");
+    confirmTitle = "Hibernate Project";
+    confirmDescription = `This will hibernate the deployment for ${name}. The project data will be preserved but the deployment will be stopped.`;
+    confirmDestructive = false;
+    confirmAction = async () => {
+      try {
+        await $hibernateProject.mutateAsync({ organization: org, project });
+        bannerRef.show("success", `Project ${name} hibernated`);
+      } catch (err) {
+        bannerRef.show("error", `Failed: ${err}`);
+      }
+    };
+    confirmOpen = true;
+  }
+
+  function handleRedeploy(name: string) {
+    const [org, project] = name.split("/");
+    confirmTitle = "Redeploy Project";
+    confirmDescription = `This will completely redeploy ${name}. This is a disruptive operation.`;
+    confirmDestructive = true;
+    confirmAction = async () => {
+      try {
+        await $redeployProject.mutateAsync({ organization: org, project });
+        bannerRef.show("success", `Project ${name} redeployed`);
+      } catch (err) {
+        bannerRef.show("error", `Failed: ${err}`);
+      }
+    };
+    confirmOpen = true;
+  }
+</script>
+
+<AdminPageHeader
+  title="Projects"
+  description="Search projects by name pattern, view details, hibernate or redeploy."
+/>
+
+<ActionResultBanner bind:this={bannerRef} />
+
+<div class="mb-4 max-w-md">
+  <SearchInput
+    placeholder="Search projects (e.g. org/project, min 2 chars)..."
+    on:search={handleSearch}
+  />
+</div>
+
+{#if $projectsQuery.isLoading && searchQuery.length >= 2}
+  <p class="text-sm text-slate-500">Searching...</p>
+{:else if $projectsQuery.data?.names?.length}
+  <table class="w-full">
+    <thead>
+      <tr>
+        <th>Project</th>
+        <th>Actions</th>
+      </tr>
+    </thead>
+    <tbody>
+      {#each $projectsQuery.data.names as name}
+        <tr>
+          <td class="font-mono text-xs">{name}</td>
+          <td>
+            <div class="flex gap-2">
+              <a
+                href={`/${name}`}
+                target="_blank"
+                class="action-btn"
+              >
+                View
+              </a>
+              <button class="action-btn" on:click={() => handleHibernate(name)}>
+                Hibernate
+              </button>
+              <button
+                class="action-btn destructive"
+                on:click={() => handleRedeploy(name)}
+              >
+                Redeploy
+              </button>
+            </div>
+          </td>
+        </tr>
+      {/each}
+    </tbody>
+  </table>
+{:else if searchQuery.length >= 2 && $projectsQuery.isSuccess}
+  <p class="text-sm text-slate-500">No projects found for "{searchQuery}"</p>
+{/if}
+
+<ConfirmDialog
+  bind:open={confirmOpen}
+  title={confirmTitle}
+  description={confirmDescription}
+  destructive={confirmDestructive}
+  onConfirm={confirmAction}
+/>
+
+<style lang="postcss">
+  th {
+    @apply text-left text-xs font-medium text-slate-500 uppercase tracking-wider
+      px-4 py-2 border-b border-slate-200 dark:border-slate-700;
+  }
+  td {
+    @apply px-4 py-3 text-sm text-slate-700 dark:text-slate-300
+      border-b border-slate-100 dark:border-slate-800;
+  }
+  tr:hover td { @apply bg-slate-50 dark:bg-slate-800/50; }
+  .action-btn {
+    @apply text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600
+      text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700;
+  }
+  .action-btn.destructive {
+    @apply border-red-300 text-red-600 hover:bg-red-50
+      dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20;
+  }
+</style>

From b5561a86bd6d3934ede36731fad0086164e81741 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:33:27 -0700
Subject: [PATCH 19/35] feat(admin-console): add annotations management page

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../routes/-/admin/annotations/+page.svelte   | 91 +++++++++++++++++++
 1 file changed, 91 insertions(+)
 create mode 100644 web-admin/src/routes/-/admin/annotations/+page.svelte

diff --git a/web-admin/src/routes/-/admin/annotations/+page.svelte b/web-admin/src/routes/-/admin/annotations/+page.svelte
new file mode 100644
index 00000000000..f3016fcaf0c
--- /dev/null
+++ b/web-admin/src/routes/-/admin/annotations/+page.svelte
@@ -0,0 +1,91 @@
+<script lang="ts">
+  import {
+    createAdminServiceSudoUpdateAnnotations,
+    createAdminServiceSudoGetResource,
+  } from "@rilldata/web-admin/client";
+  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
+  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
+
+  let bannerRef: ActionResultBanner;
+  let org = "";
+  let project = "";
+  let annotationsJson = "{}";
+  let loaded = false;
+
+  const updateAnnotations = createAdminServiceSudoUpdateAnnotations();
+
+  async function handleLoad() {
+    if (!org || !project) return;
+    try {
+      // Load existing project annotations via GetProject
+      // The project's annotations field contains the current values
+      const resp = await fetch(`/v1/organizations/${org}/projects/${project}`);
+      if (resp.ok) {
+        const data = await resp.json();
+        const existing = data.project?.annotations ?? {};
+        annotationsJson = JSON.stringify(existing, null, 2);
+        loaded = true;
+        bannerRef.show("success", `Loaded annotations for ${org}/${project}`);
+      } else {
+        bannerRef.show("error", `Project not found or access denied`);
+      }
+    } catch (err) {
+      bannerRef.show("error", `Failed to load annotations: ${err}`);
+    }
+  }
+
+  async function handleSave() {
+    if (!org || !project) return;
+    try {
+      const annotations = JSON.parse(annotationsJson);
+      await $updateAnnotations.mutateAsync({
+        data: { organization: org, project, annotations },
+      });
+      bannerRef.show("success", `Annotations updated for ${org}/${project}`);
+    } catch (err) {
+      if (err instanceof SyntaxError) {
+        bannerRef.show("error", "Invalid JSON format");
+      } else {
+        bannerRef.show("error", `Failed: ${err}`);
+      }
+    }
+  }
+</script>
+
+<AdminPageHeader
+  title="Annotations"
+  description="View and update project annotations (key-value metadata used for billing, categorization, etc.)."
+/>
+
+<ActionResultBanner bind:this={bannerRef} />
+
+<div class="card">
+  <div class="form-row mb-4">
+    <input type="text" class="input" placeholder="Organization name" bind:value={org} />
+    <input type="text" class="input" placeholder="Project name" bind:value={project} />
+    <button class="btn-primary" on:click={handleLoad}>Load Current</button>
+  </div>
+  <div class="mb-4">
+    <label class="text-xs font-medium text-slate-500 mb-1 block">
+      Annotations (JSON) {#if !loaded}<span class="text-yellow-600">— click "Load Current" first to avoid overwriting</span>{/if}
+    </label>
+    <textarea
+      class="input w-full h-32 font-mono text-xs"
+      placeholder='{"key": "value"}'
+      bind:value={annotationsJson}
+    ></textarea>
+  </div>
+  <button class="btn-primary" on:click={handleSave}>Save Annotations</button>
+</div>
+
+<style lang="postcss">
+  .card { @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700; }
+  .form-row { @apply flex gap-3 items-center flex-wrap; }
+  .input {
+    @apply px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600
+      bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100
+      placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500;
+  }
+  .btn-primary { @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700; }
+  textarea { @apply resize-y; }
+</style>

From 0e76ab74fd084f930126c1d0b754b116bc2f3707 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:33:28 -0700
Subject: [PATCH 20/35] feat(admin-console): add superuser management page

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../routes/-/admin/superusers/+page.svelte    | 106 ++++++++++++++++++
 1 file changed, 106 insertions(+)
 create mode 100644 web-admin/src/routes/-/admin/superusers/+page.svelte

diff --git a/web-admin/src/routes/-/admin/superusers/+page.svelte b/web-admin/src/routes/-/admin/superusers/+page.svelte
new file mode 100644
index 00000000000..9138d475149
--- /dev/null
+++ b/web-admin/src/routes/-/admin/superusers/+page.svelte
@@ -0,0 +1,106 @@
+<!-- web-admin/src/routes/-/admin/superusers/+page.svelte -->
+<script lang="ts">
+  import {
+    createAdminServiceListSuperusers,
+    createAdminServiceSetSuperuser,
+  } from "@rilldata/web-admin/client";
+  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
+  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
+  import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
+  import { useQueryClient } from "@tanstack/svelte-query";
+
+  let bannerRef: ActionResultBanner;
+  let newEmail = "";
+  let confirmOpen = false;
+  let confirmTitle = "";
+  let confirmDescription = "";
+  let confirmDestructive = false;
+  let confirmAction: () => Promise<void> = async () => {};
+
+  const queryClient = useQueryClient();
+  const superusersQuery = createAdminServiceListSuperusers();
+  const setSuperuser = createAdminServiceSetSuperuser();
+
+  async function handleAdd() {
+    if (!newEmail) return;
+    try {
+      await $setSuperuser.mutateAsync({ data: { email: newEmail, superuser: true } });
+      bannerRef.show("success", `${newEmail} added as superuser`);
+      newEmail = "";
+      await queryClient.invalidateQueries();
+    } catch (err) {
+      bannerRef.show("error", `Failed: ${err}`);
+    }
+  }
+
+  function handleRemove(email: string) {
+    confirmTitle = "Remove Superuser";
+    confirmDescription = `Remove superuser access for ${email}? They will lose access to this admin console.`;
+    confirmDestructive = true;
+    confirmAction = async () => {
+      try {
+        await $setSuperuser.mutateAsync({ data: { email, superuser: false } });
+        bannerRef.show("success", `${email} removed as superuser`);
+        await queryClient.invalidateQueries();
+      } catch (err) {
+        bannerRef.show("error", `Failed: ${err}`);
+      }
+    };
+    confirmOpen = true;
+  }
+</script>
+
+<AdminPageHeader
+  title="Superusers"
+  description="Manage who has superuser (super admin) access to Rill Cloud."
+/>
+
+<ActionResultBanner bind:this={bannerRef} />
+
+<div class="card mb-6">
+  <h2 class="card-title">Add Superuser</h2>
+  <div class="form-row">
+    <input type="email" class="input" placeholder="Email address" bind:value={newEmail}
+      on:keydown={(e) => e.key === "Enter" && handleAdd()} />
+    <button class="btn-primary" on:click={handleAdd}>Add Superuser</button>
+  </div>
+</div>
+
+{#if $superusersQuery.data?.users?.length}
+  <table class="w-full">
+    <thead>
+      <tr><th>Email</th><th>Display Name</th><th>Actions</th></tr>
+    </thead>
+    <tbody>
+      {#each $superusersQuery.data.users as user}
+        <tr>
+          <td class="font-mono text-xs">{user.email}</td>
+          <td>{user.displayName ?? "-"}</td>
+          <td>
+            <button class="action-btn destructive" on:click={() => handleRemove(user.email ?? "")}>
+              Remove
+            </button>
+          </td>
+        </tr>
+      {/each}
+    </tbody>
+  </table>
+{/if}
+
+<ConfirmDialog bind:open={confirmOpen} title={confirmTitle} description={confirmDescription}
+  destructive={confirmDestructive} onConfirm={confirmAction} />
+
+<style lang="postcss">
+  .card { @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700; }
+  .card-title { @apply text-sm font-semibold text-slate-900 dark:text-slate-100 mb-3; }
+  .form-row { @apply flex gap-3 items-center flex-wrap; }
+  .input {
+    @apply px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600
+      bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100
+      placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500;
+  }
+  .btn-primary { @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap; }
+  th { @apply text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700; }
+  td { @apply px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800; }
+  .action-btn.destructive { @apply text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 dark:border-red-700 dark:text-red-400; }
+</style>

From 6d280083fb0968784fba39217c2493718cd54fb6 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:33:30 -0700
Subject: [PATCH 21/35] feat(admin-console): add stub pages for virtual files
 and runtime management

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../src/routes/-/admin/runtime/+page.svelte   | 30 ++++++++++++++
 .../routes/-/admin/virtual-files/+page.svelte | 41 +++++++++++++++++++
 2 files changed, 71 insertions(+)
 create mode 100644 web-admin/src/routes/-/admin/runtime/+page.svelte
 create mode 100644 web-admin/src/routes/-/admin/virtual-files/+page.svelte

diff --git a/web-admin/src/routes/-/admin/runtime/+page.svelte b/web-admin/src/routes/-/admin/runtime/+page.svelte
new file mode 100644
index 00000000000..85b2f582369
--- /dev/null
+++ b/web-admin/src/routes/-/admin/runtime/+page.svelte
@@ -0,0 +1,30 @@
+<script lang="ts">
+  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
+  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
+
+  let bannerRef: ActionResultBanner;
+
+  // Runtime management will be implemented in a follow-up.
+  // The API calls needed are:
+  // - SudoIssueRuntimeManagerToken
+  // - ListInstances (via runtime client)
+  // - DeleteInstance (via runtime client)
+</script>
+
+<AdminPageHeader
+  title="Runtime"
+  description="Manage runtime instances, issue manager tokens, and view deployment infrastructure."
+/>
+
+<ActionResultBanner bind:this={bannerRef} />
+
+<div class="card">
+  <p class="text-sm text-slate-500">Runtime management will be available in a future update. Use the CLI for now:</p>
+  <pre class="mt-2 p-3 bg-slate-100 dark:bg-slate-800 rounded text-xs font-mono">rill sudo runtime list-instances &lt;host&gt;
+rill sudo runtime delete-instance &lt;host&gt; &lt;instance_id&gt;
+rill sudo runtime manager-token &lt;host&gt;</pre>
+</div>
+
+<style lang="postcss">
+  .card { @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700; }
+</style>
diff --git a/web-admin/src/routes/-/admin/virtual-files/+page.svelte b/web-admin/src/routes/-/admin/virtual-files/+page.svelte
new file mode 100644
index 00000000000..e5ae4c824c9
--- /dev/null
+++ b/web-admin/src/routes/-/admin/virtual-files/+page.svelte
@@ -0,0 +1,41 @@
+<script lang="ts">
+  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
+  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
+
+  let bannerRef: ActionResultBanner;
+  let org = "";
+  let project = "";
+
+  // Virtual files management will be implemented in a follow-up.
+  // The API calls needed are:
+  // - PullVirtualRepo (list)
+  // - GetVirtualFile (read)
+  // - DeleteVirtualFile (delete)
+</script>
+
+<AdminPageHeader
+  title="Virtual Files"
+  description="Browse, read, and delete virtual files in project deployments."
+/>
+
+<ActionResultBanner bind:this={bannerRef} />
+
+<div class="card">
+  <div class="form-row mb-4">
+    <input type="text" class="input" placeholder="Organization name" bind:value={org} />
+    <input type="text" class="input" placeholder="Project name" bind:value={project} />
+    <button class="btn-primary" disabled>List Files (Coming Soon)</button>
+  </div>
+  <p class="text-sm text-slate-500">Virtual file management will be available in a future update.</p>
+</div>
+
+<style lang="postcss">
+  .card { @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700; }
+  .form-row { @apply flex gap-3 items-center flex-wrap; }
+  .input {
+    @apply px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600
+      bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100
+      placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500;
+  }
+  .btn-primary { @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 disabled:opacity-50; }
+</style>

From 33f445e1cbb9ed06b310e4e3e4b41ecfd359c674 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Thu, 19 Mar 2026 12:53:21 -0700
Subject: [PATCH 22/35] fix(admin-console): fix annotations page Svelte
 template compile error

---
 web-admin/src/routes/-/admin/annotations/+page.svelte | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/web-admin/src/routes/-/admin/annotations/+page.svelte b/web-admin/src/routes/-/admin/annotations/+page.svelte
index f3016fcaf0c..21c177e023d 100644
--- a/web-admin/src/routes/-/admin/annotations/+page.svelte
+++ b/web-admin/src/routes/-/admin/annotations/+page.svelte
@@ -1,7 +1,6 @@
 <script lang="ts">
   import {
     createAdminServiceSudoUpdateAnnotations,
-    createAdminServiceSudoGetResource,
   } from "@rilldata/web-admin/client";
   import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
   import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
@@ -71,7 +70,7 @@
     </label>
     <textarea
       class="input w-full h-32 font-mono text-xs"
-      placeholder='{"key": "value"}'
+      placeholder={'{"key": "value"}'}
       bind:value={annotationsJson}
     ></textarea>
   </div>

From c81c0f6b79cb31c73a7b4ffcf3c3caef0b1b5e69 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Fri, 20 Mar 2026 11:23:32 -0700
Subject: [PATCH 23/35] Revert "Add Claude Code PM skills"

This reverts commit 633cda1a5a1fcf2b9a6ba34ab2a2977d4c63023c.
---
 .../skills/pm/competitive-analysis/SKILL.md   | 69 ---------------
 .claude/skills/pm/executive-update/SKILL.md   | 60 -------------
 .../skills/pm/feature-prioritization/SKILL.md | 59 -------------
 .claude/skills/pm/feedback-analysis/SKILL.md  | 64 --------------
 .claude/skills/pm/go-to-market/SKILL.md       | 77 ----------------
 .claude/skills/pm/metrics-framework/SKILL.md  | 87 -------------------
 .claude/skills/pm/okr-writer/SKILL.md         | 64 --------------
 .claude/skills/pm/prd-generator/SKILL.md      | 82 -----------------
 .claude/skills/pm/stakeholder-review/SKILL.md | 61 -------------
 .claude/skills/pm/user-story/SKILL.md         | 81 -----------------
 10 files changed, 704 deletions(-)
 delete mode 100644 .claude/skills/pm/competitive-analysis/SKILL.md
 delete mode 100644 .claude/skills/pm/executive-update/SKILL.md
 delete mode 100644 .claude/skills/pm/feature-prioritization/SKILL.md
 delete mode 100644 .claude/skills/pm/feedback-analysis/SKILL.md
 delete mode 100644 .claude/skills/pm/go-to-market/SKILL.md
 delete mode 100644 .claude/skills/pm/metrics-framework/SKILL.md
 delete mode 100644 .claude/skills/pm/okr-writer/SKILL.md
 delete mode 100644 .claude/skills/pm/prd-generator/SKILL.md
 delete mode 100644 .claude/skills/pm/stakeholder-review/SKILL.md
 delete mode 100644 .claude/skills/pm/user-story/SKILL.md

diff --git a/.claude/skills/pm/competitive-analysis/SKILL.md b/.claude/skills/pm/competitive-analysis/SKILL.md
deleted file mode 100644
index d8c5d22c467..00000000000
--- a/.claude/skills/pm/competitive-analysis/SKILL.md
+++ /dev/null
@@ -1,69 +0,0 @@
----
-description: Conduct a competitive analysis using Gibson Biddle's DHM (Delight customers, Hard to copy, Margin-enhancing) framework, with strategic positioning recommendations
-allowed-tools: Read, AskUserQuestion, WebSearch, Task
-argument-hint: "<your product/company and list of competitors, or just the product space>"
----
-
-Build a comprehensive competitive analysis using Gibson Biddle's DHM framework — researching up to 5 competitors in parallel and synthesizing strategic positioning recommendations.
-
-Input: $ARGUMENTS
-
-## Instructions
-
-### 1. Define the Competitive Landscape
-
-If competitors aren't specified, ask via `AskUserQuestion`:
-- What product or space are we analyzing?
-- Who are the top 3–5 competitors (direct and adjacent)?
-- What is the primary job-to-be-done we're competing on?
-
-### 2. Research Competitors in Parallel
-
-Use the `Task` tool to spawn parallel `Explore` agents — one per competitor — each tasked with finding:
-- Product positioning and key messaging
-- Pricing model and tiers
-- Key features and differentiators
-- Known strengths and weaknesses (reviews, press, community feedback)
-- Recent product moves (launches, pivots, funding)
-
-Consolidate findings before proceeding.
-
-### 3. DHM Analysis
-
-For each competitor (including your own product), evaluate across the three DHM dimensions:
-
-**Delight (D)**: What features or experiences genuinely delight customers? What do users love about this product?
-
-**Hard to Copy (H)**: What aspects of their product, data network, brand, or business model are difficult for a new entrant to replicate? Rate each: Low / Medium / High defensibility.
-
-**Margin-enhancing (M)**: How does this product structure itself to improve margins over time? (e.g., automation, self-serve, network effects, data flywheel)
-
-### 4. Feature Comparison Matrix
-
-Create a table comparing all competitors across key dimensions relevant to the space. Mark: ✅ (has it), ⚠️ (partial), ❌ (missing), 🔄 (in progress/announced).
-
-### 5. Pricing Comparison
-
-Document each competitor's pricing structure:
-- Free tier (if any)
-- Core paid plan
-- Enterprise pricing signals
-- Pricing model (seat-based, usage-based, flat, hybrid)
-
-Note where your product is priced relative to the field and whether that positioning is strategic or legacy.
-
-### 6. Strategic Recommendations
-
-Synthesize the analysis into actionable recommendations:
-
-**White spaces**: Jobs-to-be-done that no competitor is excelling at — potential areas to own.
-
-**Defensive moves**: Where are competitors gaining ground that threatens your core? What should you protect?
-
-**Positioning sharpening**: Based on the DHM analysis, what is the single most defensible and differentiating position for your product to own?
-
-**Features to not build**: Capabilities where competitors have too much of a head start — better to partner, acquire, or integrate than build.
-
-## Output Format
-
-Structure as a competitive brief with: executive summary, DHM scorecards, feature matrix, pricing table, and strategic recommendations. Use tables extensively. Keep the executive summary to 5 bullets — the kind a CEO would read in 2 minutes.
diff --git a/.claude/skills/pm/executive-update/SKILL.md b/.claude/skills/pm/executive-update/SKILL.md
deleted file mode 100644
index e8d82c315d7..00000000000
--- a/.claude/skills/pm/executive-update/SKILL.md
+++ /dev/null
@@ -1,60 +0,0 @@
----
-description: Create a crisp executive update or status report using the SCQA (Situation, Complication, Question, Answer) framework
-allowed-tools: Read, AskUserQuestion
-argument-hint: "<topic, project, or situation to report on>"
----
-
-Transform messy context into a crisp, structured executive update using the SCQA framework (Situation, Complication, Question, Answer) — the gold standard for executive communication.
-
-Input: $ARGUMENTS
-
-## Instructions
-
-### 1. Gather Context
-
-If not provided, ask via `AskUserQuestion`:
-- What is the audience? (CEO, board, cross-functional leadership, skip-level)
-- What format is expected? (email, Slack update, slide, verbal brief)
-- What decision or action, if any, do you need from the audience?
-- What has changed since the last update?
-
-### 2. SCQA Structure
-
-Write the update using the four-part SCQA framework:
-
-**Situation** (1–2 sentences)
-Set shared context. State what's true right now that the audience already knows or would agree with. This is NOT the problem — it's the stable backdrop.
-> Example: "We're 6 weeks into Q2, and our pipeline conversion rate has been a focus area since the Q1 review."
-
-**Complication** (1–3 sentences)
-Introduce the tension. What has changed, gone wrong, or become relevant that makes the situation require attention? This creates the "why are you telling me this" moment.
-> Example: "Conversion rate improved from 18% to 22%, but deal velocity slowed — average close time increased from 28 to 41 days, which puts us at risk of missing the Q2 revenue target."
-
-**Question** (1 sentence, implicit or explicit)
-The natural question the reader is now asking. Often not stated explicitly, but naming it sharpens the answer.
-> Example: "What's driving the slowdown and what should we do about it?"
-
-**Answer** (the bulk of the update)
-Lead with the recommendation or key insight, then support it with evidence. Structure as:
-- **Bottom line up front**: Your conclusion or recommendation in one sentence
-- **Supporting data**: 2–3 data points or observations that back the bottom line
-- **Next steps**: What will happen next and by when, with owners named
-
-### 3. Calibrate for Audience
-
-Adjust the update based on audience:
-- **CEO / Board**: Lead with business impact and decisions needed. Skip operational detail.
-- **Cross-functional leaders**: Emphasize dependencies and what you need from them.
-- **Skip-level**: Include enough operational context to be credible, but still lead with the headline.
-
-### 4. Editing Pass
-
-Review the draft against these criteria:
-- Can the reader understand the key message in the first 30 seconds?
-- Is every sentence earning its place — does it add information or can it be cut?
-- Are there any weasel words or passive constructions hiding uncertainty? If there's uncertainty, name it directly.
-- Is the ask (if any) unambiguous?
-
-## Output Format
-
-Present the final SCQA update in clean prose — no sub-bullets within the Situation or Complication. Reserve bullets for the Answer section's supporting evidence and next steps. Aim for under 250 words for async written formats; include a "TL;DR" one-liner at the top for long updates.
diff --git a/.claude/skills/pm/feature-prioritization/SKILL.md b/.claude/skills/pm/feature-prioritization/SKILL.md
deleted file mode 100644
index b73b4a6c321..00000000000
--- a/.claude/skills/pm/feature-prioritization/SKILL.md
+++ /dev/null
@@ -1,59 +0,0 @@
----
-description: Score and rank a list of features or initiatives using RICE, ICE, or weighted scoring frameworks, with clear rationale for each score
-allowed-tools: Read, AskUserQuestion
-argument-hint: "<list of features, backlog items, or initiatives to prioritize>"
----
-
-Turn a backlog of features or initiatives into a clearly ranked, defensible prioritization using RICE, ICE, or weighted scoring — with documented rationale for every score.
-
-Input: $ARGUMENTS
-
-## Instructions
-
-### 1. Choose a Scoring Framework
-
-Ask the user (via `AskUserQuestion`) which framework to use, or recommend based on context:
-
-- **RICE** — best when you have data on reach and effort estimates. Formula: `(Reach × Impact × Confidence) / Effort`
-- **ICE** — best for fast, gut-check prioritization. Formula: `Impact × Confidence × Ease`
-- **Weighted Scoring** — best when specific strategic criteria matter (e.g., strategic alignment, revenue potential, technical debt reduction). Ask the user for their weights.
-
-### 2. Define Scoring Criteria
-
-For RICE:
-- **Reach**: How many users will this affect per quarter? (estimated number)
-- **Impact**: How much will this move the needle per user? (3 = massive, 2 = significant, 1 = low, 0.5 = minimal, 0.25 = trivial)
-- **Confidence**: How confident are you in these estimates? (100% = high, 80% = medium, 50% = low)
-- **Effort**: Total person-months to build, test, and ship.
-
-For ICE:
-- **Impact**: 1–10 scale. How much will this move the key metric?
-- **Confidence**: 1–10 scale. How sure are you it will work?
-- **Ease**: 1–10 scale. How easy/fast is this to ship?
-
-For Weighted Scoring, define 4–6 criteria and assign weights that sum to 100%.
-
-### 3. Score Each Item
-
-Create a scoring table for each feature:
-- Document the score for each dimension
-- Provide a 1-sentence rationale for the score
-- Calculate the final score
-
-### 4. Output a Ranked List
-
-Present:
-1. A **ranked table** (highest score first) with all scores visible
-2. A **recommended top 3** to ship next, with brief justification
-3. **Items to defer or cut**, with the reason why
-
-### 5. Flag Risks and Dependencies
-
-For top-ranked items, note:
-- Dependencies on other teams or systems
-- Technical or business risks that could invalidate the score
-- Any items that scored low but have strategic override reasons (e.g., compliance, exec mandate)
-
-## Output Format
-
-Use a markdown table for the scoring matrix. Follow with a short narrative summary of the recommendations. Avoid jargon — the output should be presentable directly to stakeholders.
diff --git a/.claude/skills/pm/feedback-analysis/SKILL.md b/.claude/skills/pm/feedback-analysis/SKILL.md
deleted file mode 100644
index 345b522e226..00000000000
--- a/.claude/skills/pm/feedback-analysis/SKILL.md
+++ /dev/null
@@ -1,64 +0,0 @@
----
-description: Analyze a batch of customer feedback (support tickets, NPS responses, reviews, feature requests) to extract patterns, prioritize opportunities, and surface actionable insights
-allowed-tools: Read, Glob, AskUserQuestion
-argument-hint: "<feedback file, paste of feedback items, or description of feedback source>"
----
-
-Analyze 10–500+ customer feedback items from any source — support tickets, NPS verbatims, G2/Capterra reviews, feature requests, user interviews — and extract actionable patterns ranked by frequency and impact.
-
-Input: $ARGUMENTS
-
-## Instructions
-
-### 1. Ingest the Feedback
-
-Accept feedback in any of these forms:
-- A file path (use `Read` tool)
-- Pasted text in the conversation
-- A description of feedback themes (if raw data isn't available)
-
-If the feedback is unstructured, ask via `AskUserQuestion`:
-- What is the source? (NPS, support, reviews, interviews, sales calls)
-- What time period does this cover?
-- What product area or feature set does this relate to?
-
-### 2. Categorize Each Item
-
-For each piece of feedback, identify:
-- **Theme**: The underlying need or pain point (not the surface request)
-- **Sentiment**: Positive / Negative / Neutral
-- **Urgency signal**: Does the user describe churn risk, workaround behavior, or blocking frustration?
-- **User segment** (if inferrable): Power user, new user, enterprise, SMB, etc.
-
-### 3. Extract Patterns
-
-Group feedback items by theme and count frequency. Look for:
-- **High-frequency pain points**: Themes that appear in 10%+ of items
-- **High-severity items**: Individual feedback pieces that signal churn, safety, or legal risk — even if rare
-- **Unmet jobs**: Things users are trying to do that the product doesn't support well
-- **Unexpected use cases**: Users using the product in ways you didn't anticipate — often signals new market opportunities
-- **Positive signals**: What users love — protect these from inadvertent regression in roadmap decisions
-
-### 4. Prioritize Opportunities
-
-Rank the top themes using a simple 2×2:
-- **X-axis**: Frequency (how many users mentioned this)
-- **Y-axis**: Severity (how much does this hurt the user or the business)
-
-Quadrant labels:
-- High frequency + High severity → **Urgent: Fix or build now**
-- Low frequency + High severity → **Risk: Monitor and triage**
-- High frequency + Low severity → **Polish: Quick wins**
-- Low frequency + Low severity → **Backlog: Low priority**
-
-### 5. Surface Insights
-
-Write a synthesis covering:
-- **Top 3 opportunities** with supporting evidence (quote 2–3 representative pieces of feedback for each)
-- **One thing to stop doing** (if the data suggests a feature or behavior is causing net harm)
-- **One underserved segment** that shows up in the data with distinct needs
-- **Recommended next step**: What should the PM do with this analysis? (user interviews, prototype test, quick fix, escalate to leadership, etc.)
-
-## Output Format
-
-Lead with a short executive summary (5 sentences max). Follow with the opportunity ranking table. Then provide detailed write-ups for the top 3 opportunities, each with representative quotes. End with recommendations. Preserve customer voice — use direct quotes rather than paraphrasing whenever possible.
diff --git a/.claude/skills/pm/go-to-market/SKILL.md b/.claude/skills/pm/go-to-market/SKILL.md
deleted file mode 100644
index b24f5915a2e..00000000000
--- a/.claude/skills/pm/go-to-market/SKILL.md
+++ /dev/null
@@ -1,77 +0,0 @@
----
-description: Create a complete Go-to-Market (GTM) plan for a product, feature, or launch — including positioning, channels, messaging, timeline, and success metrics
-allowed-tools: Read, AskUserQuestion, WebSearch
-argument-hint: "<product, feature, or launch to create a GTM plan for>"
----
-
-Build a complete Go-to-Market plan covering positioning, audience targeting, channel strategy, messaging, launch timeline, and success metrics.
-
-Input: $ARGUMENTS
-
-## Instructions
-
-### 1. Gather Launch Context
-
-If not provided, use `AskUserQuestion` to ask:
-- What are we launching? (new product, feature, pricing change, expansion)
-- Who is the primary target audience?
-- What is the launch date or target window?
-- What are the top 1–2 business goals for this launch?
-- Any known constraints (budget, team, regions, existing commitments)?
-
-### 2. Positioning Statement
-
-Write a positioning statement using the Geoffrey Moore format:
-
-> For [target customer] who [has this need or problem], [product/feature name] is a [category] that [key benefit]. Unlike [primary alternative], our solution [key differentiator].
-
-Test the positioning against these questions:
-- Is the "unlike" contrast meaningful to the customer (not just internally)?
-- Does the key benefit tie directly to a measurable outcome?
-- Is the category framing right — too narrow (limits growth) or too broad (loses clarity)?
-
-### 3. Audience Segmentation
-
-Define:
-- **Primary audience**: Who this launch is designed for first. Be specific.
-- **Secondary audience**: Who else benefits, and how messaging differs for them.
-- **Influencers and champions**: Who drives adoption within a company or community?
-
-### 4. Messaging Framework
-
-Create a messaging hierarchy:
-- **One-liner** (10 words max): Used in headlines, subject lines, social
-- **Elevator pitch** (2–3 sentences): Used in sales, demos, outbound
-- **Full value proposition** (1 paragraph): Used in landing pages, press materials
-
-For each audience segment, note any messaging adjustments.
-
-### 5. Channel Strategy
-
-For each channel, specify: goal, tactic, owner, and expected impact.
-
-Evaluate which channels to use based on where the audience lives:
-- **Owned**: Blog, in-app notifications, email newsletter, changelog
-- **Earned**: Press, analyst briefings, community word-of-mouth, influencer reviews
-- **Paid**: Ads, sponsored content, events
-- **Partner**: Co-marketing, integrations announcements, referrals
-
-### 6. Launch Timeline
-
-Create a phased timeline:
-- **T-4 weeks**: Internal alignment, sales enablement, beta/preview customers
-- **T-2 weeks**: Soft launch to waitlist or early adopters, collect feedback
-- **T-0 (Launch day)**: Public announcement, coordinated across all channels
-- **T+2 weeks**: Follow-up content, case studies, retargeting
-
-### 7. Success Metrics
-
-Define:
-- **Primary metric**: The one number that signals launch success
-- **Leading indicators**: What to watch in the first 48–72 hours
-- **Lagging indicators**: What to evaluate at 30/60/90 days
-- **Failure signal**: At what threshold do we escalate or pivot?
-
-## Output Format
-
-Structure the output as a standalone GTM brief in clean markdown — concise enough to share with leadership, detailed enough for the team to execute from. Use tables for the channel strategy and timeline.
diff --git a/.claude/skills/pm/metrics-framework/SKILL.md b/.claude/skills/pm/metrics-framework/SKILL.md
deleted file mode 100644
index d1807d74bb0..00000000000
--- a/.claude/skills/pm/metrics-framework/SKILL.md
+++ /dev/null
@@ -1,87 +0,0 @@
----
-description: Build a comprehensive product metrics framework using AARRR (pirate metrics) or input/output methodology, and identify and validate your product's North Star metric
-allowed-tools: Read, AskUserQuestion
-argument-hint: "<product, feature, or business area to build a metrics framework for>"
----
-
-Design a complete metrics framework for a product or feature — identifying the North Star metric, building out the full AARRR funnel or input/output model, and defining leading and lagging indicators at each stage.
-
-Input: $ARGUMENTS
-
-## Instructions
-
-### 1. Understand the Product Context
-
-If not provided, ask via `AskUserQuestion`:
-- What does the product do and who uses it?
-- What is the primary business model? (subscription, usage-based, marketplace, freemium, etc.)
-- What stage is the product at? (early/PMF search, growth, scale, mature)
-- Is there an existing set of metrics in use? If so, what are they?
-
-### 2. North Star Metric
-
-Identify the North Star metric: the single number that best captures the core value the product delivers to customers. A good North Star:
-- Reflects customer value (not just revenue or vanity activity)
-- Is leading, not lagging (predicts future business health)
-- Is actionable — the team can affect it directly
-- Is understandable — a new employee can explain it
-
-Present 2–3 candidate North Star metrics and recommend one with reasoning.
-
-**Common examples by business type**:
-- SaaS productivity tool → Weekly active users completing core workflow
-- Marketplace → Successful transactions per month
-- Consumer app → DAU/MAU ratio (stickiness)
-- Data platform → Queries run per active user per week
-
-Validate the North Star by testing: "If this metric goes up while everything else stays the same, is the business actually healthier?"
-
-### 3. AARRR Funnel Metrics
-
-Map the full customer lifecycle with 2–3 metrics per stage:
-
-**Acquisition** — How do users discover and arrive?
-- Sources: Organic search, paid, referral, direct, partner
-- Key metrics: New signups, CAC by channel, trial starts
-
-**Activation** — Do users experience core value quickly?
-- Define the "aha moment" — the action that correlates most strongly with retention
-- Key metrics: Activation rate (% reaching aha moment), time-to-value
-
-**Retention** — Do users keep coming back?
-- Define retention for this product (daily, weekly, monthly depending on use case)
-- Key metrics: D7/D30/D90 retention, churn rate, resurrection rate
-
-**Referral** — Do users tell others?
-- Key metrics: NPS, viral coefficient (K-factor), referral rate, word-of-mouth signups
-
-**Revenue** — Are we monetizing effectively?
-- Key metrics: MRR/ARR, ARPU, LTV, LTV:CAC ratio, expansion revenue
-
-### 4. Input/Output Metric Pairing
-
-For each AARRR stage, pair:
-- **Output metric**: The outcome you're trying to achieve (lagging, harder to move quickly)
-- **Input metric**: The leading indicator or lever the team can pull to affect the output
-
-Example:
-> Output: D30 retention = 40% | Input: % of new users who complete onboarding within 24 hours
-
-### 5. Instrumentation Checklist
-
-For each key metric, document:
-- What event or data point needs to be tracked?
-- Where does this data live today? (product analytics, data warehouse, CRM, etc.)
-- Is this metric currently being measured? If not, what's needed to instrument it?
-- What's the current baseline value (if known)?
-
-### 6. Anti-metrics
-
-Name 2–3 metrics to explicitly NOT optimize for — things that could improve without the product actually getting better:
-- Vanity metrics (e.g., total registered users without activity filter)
-- Metrics that can be gamed easily
-- Metrics that could be optimized at the expense of user trust
-
-## Output Format
-
-Present the North Star recommendation with rationale, then a metrics table organized by AARRR stage with input/output pairs. Follow with the instrumentation checklist. Use a clean table format throughout. Keep the narrative tight — this should be a working document, not a strategy deck.
diff --git a/.claude/skills/pm/okr-writer/SKILL.md b/.claude/skills/pm/okr-writer/SKILL.md
deleted file mode 100644
index 992d5c38f1a..00000000000
--- a/.claude/skills/pm/okr-writer/SKILL.md
+++ /dev/null
@@ -1,64 +0,0 @@
----
-description: Write and refine Objectives and Key Results (OKRs) using the Measure What Matters methodology, with coaching on common pitfalls
-allowed-tools: Read, AskUserQuestion
-argument-hint: "<team name, strategic goal, or draft OKRs to refine>"
----
-
-Write strong OKRs using John Doerr's *Measure What Matters* methodology — or critique and improve a draft set of OKRs the user provides.
-
-Input: $ARGUMENTS
-
-## Instructions
-
-### 1. Understand Context
-
-If not provided, ask via `AskUserQuestion`:
-- Is this for a company, team, or individual?
-- What time period? (quarterly is standard)
-- What is the overarching company/product goal this OKR should ladder up to?
-- Are these new OKRs or a draft to review?
-
-### 2. OKR Fundamentals (apply throughout)
-
-**Objectives** must be:
-- Inspirational and qualitative — describe a destination, not a task
-- Ambitious but achievable ("moonshot" vs. "roofshot" — label which)
-- Memorable in a single sentence
-- NOT a metric (no numbers in the objective)
-
-**Key Results** must be:
-- Measurable and time-bound
-- Outcome-oriented (measure impact, not output or activity)
-- 3–5 per objective
-- Scored 0–1.0 at the end of the period (0.7 = success; 1.0 = sandbagging)
-
-### 3. Common Pitfalls to Check Against
-
-Flag any of the following:
-- **Task masquerading as KR**: "Launch feature X" is output, not outcome. Rewrite as "Feature X drives 20% increase in Y by [date]."
-- **Vanity metric**: Metrics that look good but don't signal real value (e.g., page views without conversion)
-- **Too safe**: If hitting 1.0 seems easy, push the number higher
-- **No owner**: Each KR should have a clear DRI (directly responsible individual)
-- **Too many**: More than 3 objectives or 5 KRs per objective dilutes focus
-
-### 4. Write or Rewrite OKRs
-
-For each Objective:
-```
-Objective: [Inspiring, qualitative goal]
-  KR1: [Metric] from [baseline] to [target] by [date]
-  KR2: [Metric] from [baseline] to [target] by [date]
-  KR3: [Metric] from [baseline] to [target] by [date]
-```
-
-### 5. Health Check
-
-After drafting, evaluate each OKR set:
-- Does each KR, if achieved, make the objective undeniably true?
-- Are any two KRs measuring the same thing? Consolidate if so.
-- Is there a leading indicator KR (early signal) alongside lagging KRs?
-- Are the KRs collectively sufficient to achieve the objective, or is something missing?
-
-## Output Format
-
-Present final OKRs in clean markdown. For each KR, add a one-line note explaining why this metric was chosen. If reviewing a draft, show the original vs. the improved version side by side.
diff --git a/.claude/skills/pm/prd-generator/SKILL.md b/.claude/skills/pm/prd-generator/SKILL.md
deleted file mode 100644
index 8f144720fb2..00000000000
--- a/.claude/skills/pm/prd-generator/SKILL.md
+++ /dev/null
@@ -1,82 +0,0 @@
----
-description: Generate a complete Product Requirements Document (PRD) from a problem statement or feature idea, using JTBD analysis, opportunity trees, and sprint-ready user stories
-allowed-tools: Read, Glob, Grep, AskUserQuestion, WebSearch
-argument-hint: "<problem statement, feature idea, or opportunity>"
----
-
-Transform a problem statement or feature idea into an engineering-ready PRD using Jobs-to-be-Done analysis, opportunity mapping, and sprint-ready user stories.
-
-Input: $ARGUMENTS
-
-## Instructions
-
-### 1. Clarify Scope (if input is vague)
-
-If the input lacks sufficient detail, use `AskUserQuestion` to ask:
-- Who is the primary user/customer affected?
-- What outcome are we trying to achieve (not the solution)?
-- What constraints exist (timeline, platform, team size)?
-
-### 2. JTBD Analysis
-
-Frame the problem using the Jobs-to-be-Done format:
-
-> **When** [situation], **I want to** [motivation/job], **so I can** [expected outcome].
-
-Identify:
-- **Functional job**: The practical task the user is trying to accomplish
-- **Emotional job**: How they want to feel
-- **Social job**: How they want to be perceived
-
-### 3. Opportunity Tree
-
-Map the problem space before jumping to solutions:
-
-```
-Goal: [Desired outcome]
-  └── Opportunity: [Why users can't achieve the goal today]
-        ├── Assumption: [What must be true for this opportunity to be real]
-        └── Solution Space: [2–3 possible approaches — do NOT commit to one yet]
-```
-
-### 4. PRD Structure
-
-Write the full PRD with the following sections:
-
-**Overview**
-- Problem statement (1–2 sentences)
-- Why now (business context, urgency)
-- Success metrics (primary KPI + 1–2 supporting metrics)
-
-**Users & Segments**
-- Primary user persona
-- Secondary users (if any)
-- Out of scope users
-
-**Requirements**
-- P0 (must have for launch)
-- P1 (strongly preferred)
-- P2 (nice to have, post-launch)
-
-For each requirement, state: what the system must do, not how.
-
-**Non-Requirements**
-- Explicitly call out what this PRD does NOT cover to prevent scope creep.
-
-**Open Questions**
-- List any unresolved decisions that need stakeholder input before engineering starts.
-
-### 5. Sprint-Ready User Stories
-
-Convert P0 requirements into user stories using the format:
-
-> **As a** [user type], **I want to** [action], **so that** [benefit].
-
-For each story, include:
-- **Acceptance criteria** (3–5 bullet points using Given/When/Then)
-- **Story points estimate** (1, 2, 3, 5, or 8 — Fibonacci scale)
-- **Dependencies** (other stories or systems this relies on)
-
-## Output Format
-
-Use clear markdown with headers. Keep the PRD scannable — PMs and engineers should be able to grasp the full scope in under 5 minutes. Avoid padding; every sentence should add information.
diff --git a/.claude/skills/pm/stakeholder-review/SKILL.md b/.claude/skills/pm/stakeholder-review/SKILL.md
deleted file mode 100644
index 86034a88a98..00000000000
--- a/.claude/skills/pm/stakeholder-review/SKILL.md
+++ /dev/null
@@ -1,61 +0,0 @@
----
-description: Run 7 stakeholder perspectives on any document or decision in parallel — Engineering, Design, Executive, Legal, Customer, Devil's Advocate, and Sales — then synthesize consensus, tensions, blockers, and questions
-allowed-tools: Read, AskUserQuestion, Task
-argument-hint: "<document, decision, or proposal to review>"
----
-
-Stress-test any document or decision by simulating 7 distinct stakeholder perspectives in parallel, then synthesizing the results into a unified review with consensus, tensions, blockers, and key questions to prepare for.
-
-Input: $ARGUMENTS
-
-## Instructions
-
-### 1. Read and Understand the Input
-
-Read the provided document thoroughly. If it's a file path, use the `Read` tool. Identify:
-- What type of document is this? (PRD, proposal, strategy doc, roadmap, design brief, etc.)
-- What decision or approval is being sought?
-- What is the timeline for feedback?
-
-### 2. Run 7 Parallel Stakeholder Reviews
-
-Use the `Task` tool to spawn 7 parallel agents simultaneously (in a single message), each reviewing the document from a distinct perspective:
-
-**Agent 1 — Engineering Lead**
-Prompt: Review this document as a senior engineering lead. Identify: technical feasibility concerns, missing technical requirements, hidden complexity, system dependencies, and questions you'd ask before starting work. Be specific and practical.
-
-**Agent 2 — Product Designer / UX**
-Prompt: Review this document as a product designer. Identify: user experience gaps, missing user research or validation, design assumptions that need testing, accessibility considerations, and any flows that will be confusing to users.
-
-**Agent 3 — Executive / Business**
-Prompt: Review this document as a C-suite executive. Identify: strategic alignment, ROI clarity, resource implications, risks to company goals, and what's missing that you'd need to approve this.
-
-**Agent 4 — Legal / Compliance**
-Prompt: Review this document as a legal and compliance reviewer. Identify: privacy concerns (data collection, GDPR/CCPA), terms of service implications, regulatory risks, IP considerations, and liability exposure.
-
-**Agent 5 — Customer Voice**
-Prompt: Review this document as an advocate for the end customer. Identify: assumptions about user needs that aren't validated, potential for confusion or frustration, missing use cases, and whether the proposed solution actually solves the stated problem.
-
-**Agent 6 — Devil's Advocate**
-Prompt: Review this document as a skeptic whose job is to find every flaw. What's the strongest case against doing this? What could go wrong? What assumptions are most likely to be wrong? What would you need to be convinced this is worth doing?
-
-**Agent 7 — Sales / Revenue**
-Prompt: Review this document as a sales leader. Identify: how this affects current deals, the sales narrative and messaging implications, pricing or packaging concerns, competitive positioning, and what you'd need to explain this to a customer.
-
-### 3. Synthesize Results
-
-After all agents complete, organize findings into:
-
-**Consensus** — Points raised by 3+ perspectives as significant concerns or needs.
-
-**Tensions** — Points where two perspectives are in conflict (e.g., Engineering says "keep it simple" while Sales says "we need more configuration options").
-
-**Hard Blockers** — Issues that must be resolved before this can move forward (typically Legal, Engineering feasibility, or missing strategic alignment).
-
-**Open Questions to Prepare For** — The most important questions you'll be asked in your next review meeting, ranked by likelihood. Include a suggested answer for each.
-
-**Suggested Revisions** — Top 3 changes to the document that would address the most significant feedback.
-
-## Output Format
-
-Present the synthesis clearly with sections for Consensus, Tensions, Hard Blockers, and Open Questions. Lead with the most critical finding. Keep the stakeholder-by-stakeholder breakdown in an appendix section at the end for reference.
diff --git a/.claude/skills/pm/user-story/SKILL.md b/.claude/skills/pm/user-story/SKILL.md
deleted file mode 100644
index 0f1b9bbe1eb..00000000000
--- a/.claude/skills/pm/user-story/SKILL.md
+++ /dev/null
@@ -1,81 +0,0 @@
----
-description: Generate sprint-ready user stories with acceptance criteria, story point estimates, and edge cases from a feature description or PRD section
-allowed-tools: Read, AskUserQuestion
-argument-hint: "<feature description, PRD section, or requirement to break into stories>"
----
-
-Convert feature descriptions or PRD requirements into sprint-ready user stories with clear acceptance criteria, story point estimates, and edge cases documented — ready to paste into Linear or Jira.
-
-Input: $ARGUMENTS
-
-## Instructions
-
-### 1. Understand the Feature
-
-If the input is a file, use `Read`. If it's vague, ask via `AskUserQuestion`:
-- Who is the primary user of this feature?
-- What is the "happy path" — the most common way this will be used?
-- Are there any known constraints (tech limitations, non-negotiable behaviors)?
-- What does "done" look like from a user perspective?
-
-### 2. Epic Summary (if applicable)
-
-If the input describes a large feature, first write a one-paragraph **epic summary**:
-- What is being built and why
-- Who it's for
-- What the scope boundaries are (what is NOT included)
-
-### 3. Break Into Stories
-
-Apply the INVEST criteria to each story:
-- **Independent**: Can be developed without requiring another story to be done first
-- **Negotiable**: Details can be discussed with engineering
-- **Valuable**: Delivers something meaningful to the user or system
-- **Estimable**: Can be pointed
-- **Small**: Can be completed in one sprint (ideally 1–3 days of work)
-- **Testable**: Has clear, verifiable acceptance criteria
-
-Story format:
-```
-As a [user type],
-I want to [perform an action],
-so that [I achieve a benefit/outcome].
-```
-
-### 4. Acceptance Criteria
-
-For each story, write 3–6 acceptance criteria using Given/When/Then:
-```
-Given [precondition or starting state]
-When [the user takes an action]
-Then [the expected result occurs]
-```
-
-Cover:
-- The happy path
-- Error states and validation
-- Boundary conditions (empty states, max limits)
-- Permission or role-based behavior (if relevant)
-
-### 5. Story Point Estimates
-
-Estimate each story using Fibonacci (1, 2, 3, 5, 8):
-- **1 pt**: Trivial, under 2 hours, no unknowns
-- **2 pt**: Small, half a day, minimal complexity
-- **3 pt**: Medium, 1–2 days, some decisions to make
-- **5 pt**: Large, 3–4 days, multiple components, some uncertainty
-- **8 pt**: Very large — consider splitting before sprint planning
-
-For anything 8+, flag it as a splitting candidate and suggest how to break it up.
-
-### 6. Edge Cases and Notes
-
-For each story, list:
-- **Edge cases**: Unusual but valid user behaviors to handle
-- **Out of scope**: Explicitly call out what this story does NOT cover
-- **Dependencies**: Other stories, APIs, or team work this relies on
-- **Open questions**: Decisions that need to be made before or during development
-
-## Output Format
-
-Structure as a numbered list of stories, each with: title, user story statement, acceptance criteria, story points, and notes. Format acceptance criteria as numbered Given/When/Then bullets. Keep the tone direct and technical — these are written for an engineering team.

From 61d9d3666661e92495da91e9aab2b2fdde859d8b Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Fri, 20 Mar 2026 13:27:02 -0700
Subject: [PATCH 24/35] fix(admin-console): fix type errors, scoped query
 invalidation, and review issues
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Fix mutateAsync param names: organization → org for hibernate/redeploy
- Fix billing issue type to use V1BillingIssueType enum instead of string
- Fix quota fields: convert API numbers to strings for form binding
- Remove invalid superuserForceAccess from deleteUser call
- Scope invalidateQueries in superusers and billing pages instead of invalidating all
- Fix ConfirmDialog to keep dialog open on error for retry
- Clean up auth guard control flow in admin layout
- Remove unreachable notifySuccess after assume navigation
- Fix a11y: change label to span for non-input billing text

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../features/admin/organizations/selectors.ts |  22 +-
 .../src/features/admin/quotas/selectors.ts    |   5 -
 .../admin/shared/ConfirmDialog.svelte         |   3 +
 web-admin/src/routes/-/admin/+layout.ts       |   9 +-
 web-admin/src/routes/-/admin/+page.svelte     | 254 ++++++++--
 .../src/routes/-/admin/billing/+page.svelte   | 273 +++++++++--
 .../routes/-/admin/organizations/+page.svelte | 445 ++++++++++++++----
 .../src/routes/-/admin/projects/+page.svelte  |  78 ++-
 .../src/routes/-/admin/quotas/+page.svelte    | 127 ++---
 .../routes/-/admin/superusers/+page.svelte    | 135 +++++-
 10 files changed, 1014 insertions(+), 337 deletions(-)

diff --git a/web-admin/src/features/admin/organizations/selectors.ts b/web-admin/src/features/admin/organizations/selectors.ts
index 1cb48e23402..0e0d25046f9 100644
--- a/web-admin/src/features/admin/organizations/selectors.ts
+++ b/web-admin/src/features/admin/organizations/selectors.ts
@@ -1,9 +1,9 @@
 // web-admin/src/features/admin/organizations/selectors.ts
 import {
   createAdminServiceGetOrganization,
-  createAdminServiceSudoUpdateOrganizationCustomDomain,
   createAdminServiceListOrganizationMemberUsers,
-  createAdminServiceAddOrganizationMemberUser,
+  createAdminServiceListProjectsForOrganization,
+  createAdminServiceSearchProjectNames,
 } from "@rilldata/web-admin/client";
 
 export function getOrganization(org: string) {
@@ -14,7 +14,7 @@ export function getOrganization(org: string) {
   );
 }
 
-export function getOrgAdmins(org: string) {
+export function getOrgMembers(org: string) {
   return createAdminServiceListOrganizationMemberUsers(
     org,
     { superuserForceAccess: true },
@@ -22,10 +22,18 @@ export function getOrgAdmins(org: string) {
   );
 }
 
-export function createSetCustomDomainMutation() {
-  return createAdminServiceSudoUpdateOrganizationCustomDomain();
+export function getOrgProjects(org: string) {
+  return createAdminServiceListProjectsForOrganization(
+    org,
+    {},
+    { query: { enabled: org.length > 0 } },
+  );
 }
 
-export function createJoinOrgMutation() {
-  return createAdminServiceAddOrganizationMemberUser();
+// Search for org names by searching project paths (org/project) and extracting unique org names
+export function searchOrgNames(query: string) {
+  return createAdminServiceSearchProjectNames(
+    { namePattern: `%${query}%/%`, pageSize: 100 },
+    { query: { enabled: query.length >= 3 } },
+  );
 }
diff --git a/web-admin/src/features/admin/quotas/selectors.ts b/web-admin/src/features/admin/quotas/selectors.ts
index 6968d035c55..86220b40870 100644
--- a/web-admin/src/features/admin/quotas/selectors.ts
+++ b/web-admin/src/features/admin/quotas/selectors.ts
@@ -2,7 +2,6 @@
 import {
   createAdminServiceGetOrganization,
   createAdminServiceSudoUpdateOrganizationQuotas,
-  createAdminServiceSudoUpdateUserQuotas,
 } from "@rilldata/web-admin/client";
 
 export function getOrgForQuotas(org: string) {
@@ -16,7 +15,3 @@ export function getOrgForQuotas(org: string) {
 export function createUpdateOrgQuotasMutation() {
   return createAdminServiceSudoUpdateOrganizationQuotas();
 }
-
-export function createUpdateUserQuotasMutation() {
-  return createAdminServiceSudoUpdateUserQuotas();
-}
diff --git a/web-admin/src/features/admin/shared/ConfirmDialog.svelte b/web-admin/src/features/admin/shared/ConfirmDialog.svelte
index 743e7848e34..a71e3e0b58e 100644
--- a/web-admin/src/features/admin/shared/ConfirmDialog.svelte
+++ b/web-admin/src/features/admin/shared/ConfirmDialog.svelte
@@ -15,6 +15,9 @@
     try {
       await onConfirm();
       open = false;
+    } catch {
+      // Error handling is the caller's responsibility (via notifyError in onConfirm).
+      // Keep dialog open so the user can retry or cancel.
     } finally {
       loading = false;
     }
diff --git a/web-admin/src/routes/-/admin/+layout.ts b/web-admin/src/routes/-/admin/+layout.ts
index 819d6170694..7dd63351c0b 100644
--- a/web-admin/src/routes/-/admin/+layout.ts
+++ b/web-admin/src/routes/-/admin/+layout.ts
@@ -24,12 +24,11 @@ export const load = async () => {
     currentUserEmail = userResp.user?.email;
   } catch (e) {
     if (isAxiosError(e) && e.response?.status === 401) {
-      // redirectToLogin() throws a SvelteKit redirect internally;
-      // call it outside the catch to avoid swallowing the redirect exception
-    } else {
-      throw redirect(307, "/");
+      // redirectToLogin() throws a SvelteKit redirect internally.
+      // It's safe to call here; the redirect propagates out of the catch block.
+      redirectToLogin();
     }
-    redirectToLogin();
+    throw redirect(307, "/");
   }
 
   if (!currentUserEmail) {
diff --git a/web-admin/src/routes/-/admin/+page.svelte b/web-admin/src/routes/-/admin/+page.svelte
index ba4dbfb05a6..37a72535a6d 100644
--- a/web-admin/src/routes/-/admin/+page.svelte
+++ b/web-admin/src/routes/-/admin/+page.svelte
@@ -1,56 +1,234 @@
-<!-- web-admin/src/routes/-/admin/+page.svelte -->
 <script lang="ts">
   import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
+  import SearchInput from "@rilldata/web-admin/features/admin/shared/SearchInput.svelte";
+  import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
+  import {
+    notifySuccess,
+    notifyError,
+  } from "@rilldata/web-admin/features/admin/shared/notify";
+  import {
+    searchUsers,
+    createDeleteUserMutation,
+  } from "@rilldata/web-admin/features/admin/users/selectors";
+  import { assumedUser } from "@rilldata/web-admin/features/admin/users/assume-state";
+  import { useQueryClient } from "@tanstack/svelte-query";
+
+  let searchQuery = "";
+  let confirmOpen = false;
+  let confirmTitle = "";
+  let confirmDescription = "";
+  let confirmDestructive = false;
+  let confirmAction: () => Promise<void> = async () => {};
+  let actionInProgress = "";
+
+  const queryClient = useQueryClient();
+  const deleteUser = createDeleteUserMutation();
+
+  $: usersQuery = searchUsers(searchQuery);
+
+  function handleSearch(e: CustomEvent<string>) {
+    searchQuery = e.detail;
+  }
+
+  function handleAssume(email: string) {
+    confirmTitle = "Open as User";
+    confirmDescription = `You will start browsing Rill Cloud as ${email}. The session will expire after 60 minutes. Use the banner to unassume when done.`;
+    confirmDestructive = false;
+    confirmAction = async () => {
+      // assume() navigates away via window.location.href, so no code after it runs
+      assumedUser.assume(email);
+    };
+    confirmOpen = true;
+  }
+
+  function handleUnassume() {
+    assumedUser.unassume();
+  }
+
+  function handleDelete(email: string) {
+    confirmTitle = "Delete User";
+    confirmDescription = `This will permanently delete the user ${email}. This action cannot be undone.`;
+    confirmDestructive = true;
+    confirmAction = async () => {
+      actionInProgress = `delete:${email}`;
+      try {
+        await $deleteUser.mutateAsync({
+          email,
+        });
+        notifySuccess(`User ${email} deleted`);
+        await queryClient.invalidateQueries({
+          predicate: (q) => q.queryKey[0] === "/v1/users/search",
+        });
+      } catch (err) {
+        notifyError(`Failed to delete user: ${err}`);
+      } finally {
+        actionInProgress = "";
+      }
+    };
+    confirmOpen = true;
+  }
 </script>
 
 <AdminPageHeader
-  title="Admin Console"
-  description="Internal tools for managing users, billing, organizations, and more."
+  title="Users"
+  description="Search for users by email across all organizations."
 />
 
-<div class="quick-actions">
-  <a href="/-/admin/users" class="action-card">
-    <span class="action-title">Users</span>
-    <span class="action-desc">Search, lookup, and manage user accounts</span>
-  </a>
-  <a href="/-/admin/billing" class="action-card">
-    <span class="action-title">Billing</span>
-    <span class="action-desc">Extend trials, repair billing, manage subscriptions</span>
-  </a>
-  <a href="/-/admin/organizations" class="action-card">
-    <span class="action-title">Organizations</span>
-    <span class="action-desc">Lookup orgs, set custom domains, manage plans</span>
-  </a>
-  <a href="/-/admin/projects" class="action-card">
-    <span class="action-title">Projects</span>
-    <span class="action-desc">Search projects, edit settings, hibernate or reset</span>
-  </a>
-  <a href="/-/admin/quotas" class="action-card">
-    <span class="action-title">Quotas</span>
-    <span class="action-desc">View and adjust organization and user quotas</span>
-  </a>
-  <a href="/-/admin/superusers" class="action-card">
-    <span class="action-title">Superusers</span>
-    <span class="action-desc">Manage superuser access</span>
-  </a>
+{#if $assumedUser}
+  <div class="assume-banner">
+    <span>Currently assumed as <strong>{$assumedUser}</strong></span>
+    <button class="unassume-btn" on:click={handleUnassume}>
+      Unassume
+    </button>
+  </div>
+{/if}
+
+<div class="mb-4 max-w-md">
+  <SearchInput
+    placeholder="Search by email (min 3 characters)..."
+    on:search={handleSearch}
+  />
 </div>
 
+{#if $usersQuery.isFetching && searchQuery.length >= 3}
+  <div class="loading">
+    <div class="spinner" />
+    <span class="text-sm text-slate-500">Searching users...</span>
+  </div>
+{:else if $usersQuery.data?.users?.length}
+  <p class="text-xs text-slate-500 mb-2">
+    {$usersQuery.data.users.length} result{$usersQuery.data.users.length === 1
+      ? ""
+      : "s"}
+  </p>
+  <div class="results-table">
+    <table class="w-full">
+      <thead>
+        <tr>
+          <th>Email</th>
+          <th>Display Name</th>
+          <th>Created</th>
+          <th>Actions</th>
+        </tr>
+      </thead>
+      <tbody>
+        {#each $usersQuery.data.users as user}
+          {@const isAssumed = $assumedUser === user.email}
+          <tr>
+            <td class="font-mono text-xs">{user.email}</td>
+            <td>{user.displayName ?? "-"}</td>
+            <td class="text-xs text-slate-500">
+              {user.createdOn
+                ? new Date(user.createdOn).toLocaleDateString()
+                : "-"}
+            </td>
+            <td>
+              <div class="flex gap-2">
+                {#if isAssumed}
+                  <button
+                    class="action-btn assume-active"
+                    on:click={handleUnassume}
+                  >
+                    Unassume
+                  </button>
+                {:else}
+                  <button
+                    class="action-btn"
+                    on:click={() => handleAssume(user.email ?? "")}
+                  >
+                    Open as User
+                  </button>
+                {/if}
+                <button
+                  class="action-btn destructive"
+                  disabled={actionInProgress === `delete:${user.email}`}
+                  on:click={() => handleDelete(user.email ?? "")}
+                >
+                  {actionInProgress === `delete:${user.email}`
+                    ? "Deleting..."
+                    : "Delete"}
+                </button>
+              </div>
+            </td>
+          </tr>
+        {/each}
+      </tbody>
+    </table>
+  </div>
+{:else if searchQuery.length >= 3 && $usersQuery.isSuccess}
+  <p class="text-sm text-slate-500">No users found for "{searchQuery}"</p>
+{:else if searchQuery.length < 3}
+  <p class="text-sm text-slate-400">
+    Type at least 3 characters to search across all organizations.
+  </p>
+{/if}
+
+<ConfirmDialog
+  bind:open={confirmOpen}
+  title={confirmTitle}
+  description={confirmDescription}
+  destructive={confirmDestructive}
+  onConfirm={confirmAction}
+/>
+
 <style lang="postcss">
-  .quick-actions {
-    @apply grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-4;
+  table {
+    @apply border-collapse;
+  }
+
+  th {
+    @apply text-left text-xs font-medium text-slate-500 dark:text-slate-400
+      uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700;
+  }
+
+  td {
+    @apply px-4 py-3 text-sm text-slate-700 dark:text-slate-300
+      border-b border-slate-100 dark:border-slate-800;
+  }
+
+  tr:hover td {
+    @apply bg-slate-50 dark:bg-slate-800/50;
+  }
+
+  .action-btn {
+    @apply text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600
+      text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700;
+  }
+
+  .action-btn:disabled {
+    @apply opacity-50 cursor-not-allowed;
+  }
+
+  .action-btn.assume-active {
+    @apply border-amber-400 bg-amber-50 text-amber-700
+      hover:bg-amber-100
+      dark:border-amber-600 dark:bg-amber-900/20 dark:text-amber-300
+      dark:hover:bg-amber-900/40;
+  }
+
+  .action-btn.destructive {
+    @apply border-red-300 text-red-600 hover:bg-red-50
+      dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20;
+  }
+
+  .assume-banner {
+    @apply flex items-center gap-3 mb-4 px-4 py-2 rounded-md
+      bg-amber-50 border border-amber-200 text-amber-800 text-sm
+      dark:bg-amber-900/20 dark:border-amber-700 dark:text-amber-300;
   }
 
-  .action-card {
-    @apply block p-4 rounded-lg border border-slate-200 dark:border-slate-700
-      hover:border-blue-300 dark:hover:border-blue-600
-      hover:shadow-sm transition-all;
+  .unassume-btn {
+    @apply text-xs px-3 py-1 rounded border border-amber-400 bg-white text-amber-700
+      hover:bg-amber-50
+      dark:bg-amber-900/30 dark:border-amber-600 dark:text-amber-300
+      dark:hover:bg-amber-900/50;
   }
 
-  .action-title {
-    @apply block text-sm font-semibold text-slate-900 dark:text-slate-100 mb-1;
+  .loading {
+    @apply flex items-center gap-2 py-4;
   }
 
-  .action-desc {
-    @apply block text-xs text-slate-500 dark:text-slate-400;
+  .spinner {
+    @apply w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin;
   }
 </style>
diff --git a/web-admin/src/routes/-/admin/billing/+page.svelte b/web-admin/src/routes/-/admin/billing/+page.svelte
index 254c6fa746a..37df7f2205e 100644
--- a/web-admin/src/routes/-/admin/billing/+page.svelte
+++ b/web-admin/src/routes/-/admin/billing/+page.svelte
@@ -1,8 +1,14 @@
 <script lang="ts">
   import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
   import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
   import {
+    notifySuccess,
+    notifyError,
+  } from "@rilldata/web-admin/features/admin/shared/notify";
+  import OrgSearchInput from "@rilldata/web-admin/features/admin/shared/OrgSearchInput.svelte";
+  import type { V1BillingIssueType } from "@rilldata/web-admin/client";
+  import {
+    getBillingSetupURL,
     createExtendTrialMutation,
     createBillingRepairMutation,
     createDeleteBillingIssueMutation,
@@ -11,18 +17,24 @@
   } from "@rilldata/web-admin/features/admin/billing/selectors";
   import { useQueryClient } from "@tanstack/svelte-query";
 
-  let bannerRef: ActionResultBanner;
   let confirmOpen = false;
   let confirmTitle = "";
   let confirmDescription = "";
   let confirmAction: () => Promise<void> = async () => {};
 
+  // Billing Setup state
+  let setupOrg = "";
+  let setupLoading = false;
+  let setupUrl = "";
+
   // Form state
   let trialOrg = "";
   let trialDays = 14;
+  let trialLoading = false;
   let repairOrg = "";
   let customerIdOrg = "";
   let customerId = "";
+  let customerIdLoading = false;
   let issuesOrg = "";
 
   const queryClient = useQueryClient();
@@ -33,16 +45,40 @@
 
   $: billingIssuesQuery = getBillingIssues(issuesOrg);
 
+  async function handleBillingSetup() {
+    if (!setupOrg) return;
+    setupLoading = true;
+    setupUrl = "";
+    try {
+      const url = await getBillingSetupURL(setupOrg);
+      if (url) {
+        setupUrl = url;
+        notifySuccess( `Billing setup URL generated for ${setupOrg}`);
+      } else {
+        notifyError( "No URL returned; check the org name.");
+      }
+    } catch (err) {
+      notifyError( `Failed to generate billing setup URL: ${err}`);
+    } finally {
+      setupLoading = false;
+    }
+  }
+
   async function handleExtendTrial() {
     if (!trialOrg) return;
+    trialLoading = true;
     try {
       await $extendTrial.mutateAsync({
         data: { org: trialOrg, days: trialDays },
       });
-      bannerRef.show("success", `Trial extended by ${trialDays} days for ${trialOrg}`);
+      notifySuccess(
+        `Trial extended by ${trialDays} days for ${trialOrg}`,
+      );
       trialOrg = "";
     } catch (err) {
-      bannerRef.show("error", `Failed to extend trial: ${err}`);
+      notifyError( `Failed to extend trial: ${err}`);
+    } finally {
+      trialLoading = false;
     }
   }
 
@@ -53,10 +89,10 @@
     confirmAction = async () => {
       try {
         await $billingRepair.mutateAsync({ data: { org: repairOrg } });
-        bannerRef.show("success", `Billing repair triggered for ${repairOrg}`);
+        notifySuccess( `Billing repair triggered for ${repairOrg}`);
         repairOrg = "";
       } catch (err) {
-        bannerRef.show("error", `Failed to trigger billing repair: ${err}`);
+        notifyError( `Failed to trigger billing repair: ${err}`);
       }
     };
     confirmOpen = true;
@@ -64,48 +100,110 @@
 
   async function handleSetCustomerId() {
     if (!customerIdOrg || !customerId) return;
+    customerIdLoading = true;
     try {
       await $setCustomer.mutateAsync({
         data: { org: customerIdOrg, billingCustomerId: customerId },
       });
-      bannerRef.show("success", `Billing customer ID set for ${customerIdOrg}`);
+      notifySuccess(
+        `Billing customer ID set for ${customerIdOrg}`,
+      );
       customerIdOrg = "";
       customerId = "";
     } catch (err) {
-      bannerRef.show("error", `Failed to set billing customer ID: ${err}`);
+      notifyError( `Failed to set billing customer ID: ${err}`);
+    } finally {
+      customerIdLoading = false;
     }
   }
 
-  async function handleDeleteIssue(org: string, type: string) {
+  async function handleDeleteIssue(org: string, type: V1BillingIssueType) {
     try {
       await $deleteBillingIssue.mutateAsync({ org, type });
-      bannerRef.show("success", `Billing issue "${type}" deleted for ${org}`);
-      await queryClient.invalidateQueries();
+      notifySuccess( `Billing issue "${type}" deleted for ${org}`);
+      await queryClient.invalidateQueries({
+        predicate: (q) =>
+          (q.queryKey[0] as string)?.includes("/v1/organizations") ||
+          (q.queryKey[0] as string)?.includes("/v1/superuser/billing"),
+      });
     } catch (err) {
-      bannerRef.show("error", `Failed to delete billing issue: ${err}`);
+      notifyError( `Failed to delete billing issue: ${err}`);
     }
   }
 </script>
 
 <AdminPageHeader
   title="Billing"
-  description="Extend trials, repair billing state, manage billing customer IDs, and resolve billing issues."
+  description="Generate billing setup links, extend trials, repair billing state, and manage billing issues."
 />
 
-<ActionResultBanner bind:this={bannerRef} />
-
 <div class="sections">
+  <!-- Billing Setup (Primary feature) -->
+  <section class="card highlight">
+    <h2 class="card-title">Billing Setup</h2>
+    <p class="card-desc">
+      Generate a Stripe checkout page link for an organization to enter their
+      billing information.
+    </p>
+    <div class="form-row">
+      <div class="w-64">
+        <OrgSearchInput
+          bind:value={setupOrg}
+          placeholder="Search organization..."
+        />
+      </div>
+      <button
+        class="btn-primary"
+        on:click={handleBillingSetup}
+        disabled={setupLoading || !setupOrg}
+      >
+        {#if setupLoading}
+          <span class="btn-spinner" />
+          Generating...
+        {:else}
+          Generate Setup Link
+        {/if}
+      </button>
+    </div>
+    {#if setupUrl}
+      <div class="url-result">
+        <span class="text-xs text-slate-500"
+          >Share this link with the customer:</span
+        >
+        <div class="url-box">
+          <a
+            href={setupUrl}
+            target="_blank"
+            rel="noreferrer"
+            class="url-link"
+          >
+            {setupUrl}
+          </a>
+          <button
+            class="copy-btn"
+            on:click={() => {
+              navigator.clipboard.writeText(setupUrl);
+              notifySuccess( "URL copied to clipboard");
+            }}
+          >
+            Copy
+          </button>
+        </div>
+      </div>
+    {/if}
+  </section>
+
   <!-- Extend Trial -->
   <section class="card">
     <h2 class="card-title">Extend Trial</h2>
     <p class="card-desc">Add days to an organization's trial period.</p>
     <div class="form-row">
-      <input
-        type="text"
-        class="input"
-        placeholder="Organization name"
-        bind:value={trialOrg}
-      />
+      <div class="w-64">
+        <OrgSearchInput
+          bind:value={trialOrg}
+          placeholder="Search organization..."
+        />
+      </div>
       <input
         type="number"
         class="input w-24"
@@ -113,8 +211,17 @@
         max="365"
         bind:value={trialDays}
       />
-      <button class="btn-primary" on:click={handleExtendTrial}>
-        Extend Trial
+      <button
+        class="btn-primary"
+        on:click={handleExtendTrial}
+        disabled={trialLoading || !trialOrg}
+      >
+        {#if trialLoading}
+          <span class="btn-spinner" />
+          Extending...
+        {:else}
+          Extend Trial
+        {/if}
       </button>
     </div>
   </section>
@@ -122,22 +229,33 @@
   <!-- Set Billing Customer ID -->
   <section class="card">
     <h2 class="card-title">Set Billing Customer ID</h2>
-    <p class="card-desc">Associate a Stripe customer ID with an organization.</p>
+    <p class="card-desc">
+      Associate a Stripe customer ID with an organization.
+    </p>
     <div class="form-row">
-      <input
-        type="text"
-        class="input"
-        placeholder="Organization name"
-        bind:value={customerIdOrg}
-      />
+      <div class="w-64">
+        <OrgSearchInput
+          bind:value={customerIdOrg}
+          placeholder="Search organization..."
+        />
+      </div>
       <input
         type="text"
         class="input"
         placeholder="Stripe customer ID (cus_...)"
         bind:value={customerId}
       />
-      <button class="btn-primary" on:click={handleSetCustomerId}>
-        Set Customer ID
+      <button
+        class="btn-primary"
+        on:click={handleSetCustomerId}
+        disabled={customerIdLoading || !customerIdOrg || !customerId}
+      >
+        {#if customerIdLoading}
+          <span class="btn-spinner" />
+          Setting...
+        {:else}
+          Set Customer ID
+        {/if}
       </button>
     </div>
   </section>
@@ -145,15 +263,21 @@
   <!-- Billing Repair -->
   <section class="card">
     <h2 class="card-title">Billing Repair</h2>
-    <p class="card-desc">Trigger a billing state recalculation for an organization.</p>
+    <p class="card-desc">
+      Trigger a billing state recalculation for an organization.
+    </p>
     <div class="form-row">
-      <input
-        type="text"
-        class="input"
-        placeholder="Organization name"
-        bind:value={repairOrg}
-      />
-      <button class="btn-primary" on:click={handleBillingRepair}>
+      <div class="w-64">
+        <OrgSearchInput
+          bind:value={repairOrg}
+          placeholder="Search organization..."
+        />
+      </div>
+      <button
+        class="btn-primary"
+        on:click={handleBillingRepair}
+        disabled={!repairOrg}
+      >
         Trigger Repair
       </button>
     </div>
@@ -162,16 +286,23 @@
   <!-- Billing Issues -->
   <section class="card">
     <h2 class="card-title">Billing Issues</h2>
-    <p class="card-desc">View and resolve billing issues for an organization.</p>
+    <p class="card-desc">
+      View and resolve billing issues for an organization.
+    </p>
     <div class="form-row mb-4">
-      <input
-        type="text"
-        class="input"
-        placeholder="Organization name"
-        bind:value={issuesOrg}
-      />
+      <div class="w-64">
+        <OrgSearchInput
+          bind:value={issuesOrg}
+          placeholder="Search organization..."
+        />
+      </div>
     </div>
-    {#if $billingIssuesQuery.data?.issues?.length}
+    {#if $billingIssuesQuery.isFetching}
+      <div class="loading">
+        <div class="spinner" />
+        <span class="text-sm text-slate-500">Loading issues...</span>
+      </div>
+    {:else if $billingIssuesQuery.data?.issues?.length}
       <div class="issues-list">
         {#each $billingIssuesQuery.data.issues as issue}
           <div class="issue-row">
@@ -181,7 +312,8 @@
             </div>
             <button
               class="action-btn destructive"
-              on:click={() => handleDeleteIssue(issuesOrg, issue.type ?? "")}
+              on:click={() =>
+                handleDeleteIssue(issuesOrg, issue.type ?? "BILLING_ISSUE_TYPE_UNSPECIFIED")}
             >
               Delete Issue
             </button>
@@ -203,13 +335,17 @@
 
 <style lang="postcss">
   .sections {
-    @apply flex flex-col gap-6;
+    @apply flex flex-col gap-6 pb-12;
   }
 
   .card {
     @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700;
   }
 
+  .card.highlight {
+    @apply border-blue-200 dark:border-blue-800 bg-blue-50/50 dark:bg-blue-900/10;
+  }
+
   .card-title {
     @apply text-sm font-semibold text-slate-900 dark:text-slate-100 mb-1;
   }
@@ -232,7 +368,34 @@
 
   .btn-primary {
     @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white
-      hover:bg-blue-700 whitespace-nowrap;
+      hover:bg-blue-700 whitespace-nowrap flex items-center gap-2;
+  }
+
+  .btn-primary:disabled {
+    @apply opacity-50 cursor-not-allowed;
+  }
+
+  .btn-spinner {
+    @apply inline-block w-3 h-3 border-2 border-white/30 border-t-white rounded-full animate-spin;
+  }
+
+  .url-result {
+    @apply mt-4 flex flex-col gap-1;
+  }
+
+  .url-box {
+    @apply flex items-center gap-2 p-3 rounded-md bg-white dark:bg-slate-800
+      border border-slate-200 dark:border-slate-700;
+  }
+
+  .url-link {
+    @apply flex-1 text-sm text-blue-600 dark:text-blue-400 break-all hover:underline;
+  }
+
+  .copy-btn {
+    @apply text-xs px-3 py-1 rounded border border-slate-300 dark:border-slate-600
+      text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700
+      whitespace-nowrap;
   }
 
   .issues-list {
@@ -261,4 +424,12 @@
     @apply border-red-300 text-red-600 hover:bg-red-50
       dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20;
   }
+
+  .loading {
+    @apply flex items-center gap-2 py-2;
+  }
+
+  .spinner {
+    @apply w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin;
+  }
 </style>
diff --git a/web-admin/src/routes/-/admin/organizations/+page.svelte b/web-admin/src/routes/-/admin/organizations/+page.svelte
index 8a14eb4d4b3..52a065bd457 100644
--- a/web-admin/src/routes/-/admin/organizations/+page.svelte
+++ b/web-admin/src/routes/-/admin/organizations/+page.svelte
@@ -1,86 +1,181 @@
 <script lang="ts">
   import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
+  import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
+  import {
+    notifySuccess,
+    notifyError,
+  } from "@rilldata/web-admin/features/admin/shared/notify";
   import {
     getOrganization,
-    getOrgAdmins,
-    createSetCustomDomainMutation,
-    createJoinOrgMutation,
+    getOrgMembers,
+    getOrgProjects,
+    searchOrgNames,
   } from "@rilldata/web-admin/features/admin/organizations/selectors";
+  import {
+    createRedeployProjectMutation,
+    createHibernateProjectMutation,
+  } from "@rilldata/web-admin/features/admin/projects/selectors";
 
-  let bannerRef: ActionResultBanner;
-  let orgName = "";
+  let searchInput = "";
   let lookupOrg = "";
-  let customDomainOrg = "";
-  let customDomain = "";
-  let joinOrg = "";
-  let joinEmail = "";
-  let joinRole = "admin";
+  let showDropdown = false;
+  let justSelected = false;
+  let confirmOpen = false;
+  let confirmTitle = "";
+  let confirmDescription = "";
+  let confirmDestructive = false;
+  let confirmAction: () => Promise<void> = async () => {};
+  let actionInProgress = "";
+
+  const redeployProject = createRedeployProjectMutation();
+  const hibernateProject = createHibernateProjectMutation();
 
-  const setCustomDomain = createSetCustomDomainMutation();
-  const joinOrgMutation = createJoinOrgMutation();
+  $: orgSearchQuery = searchOrgNames(searchInput);
+  $: orgNames = extractUniqueOrgs($orgSearchQuery.data?.names ?? []);
 
   $: orgQuery = getOrganization(lookupOrg);
-  $: adminsQuery = getOrgAdmins(lookupOrg);
+  $: membersQuery = getOrgMembers(lookupOrg);
+  $: projectsQuery = getOrgProjects(lookupOrg);
+
+  function extractUniqueOrgs(projectPaths: string[]): string[] {
+    const orgs = new Set<string>();
+    for (const path of projectPaths) {
+      const org = path.split("/")[0];
+      if (org) orgs.add(org);
+    }
+    return [...orgs].sort();
+  }
 
-  function handleLookup() {
-    lookupOrg = orgName;
+  function selectOrg(org: string) {
+    searchInput = org;
+    lookupOrg = org;
+    showDropdown = false;
+    justSelected = true;
   }
 
-  async function handleSetCustomDomain() {
-    if (!customDomainOrg || !customDomain) return;
-    try {
-      await $setCustomDomain.mutateAsync({
-        data: { name: customDomainOrg, customDomain },
-      });
-      bannerRef.show("success", `Custom domain set for ${customDomainOrg}`);
-    } catch (err) {
-      bannerRef.show("error", `Failed: ${err}`);
+  function handleInputKeydown(e: KeyboardEvent) {
+    if (e.key === "Enter" && searchInput) {
+      lookupOrg = searchInput;
+      showDropdown = false;
+      justSelected = true;
     }
   }
 
-  async function handleJoinOrg() {
-    if (!joinOrg || !joinEmail) return;
-    try {
-      await $joinOrgMutation.mutateAsync({
-        org: joinOrg,
-        data: { email: joinEmail, role: joinRole, superuserForceAccess: true },
-      });
-      bannerRef.show("success", `${joinEmail} added to ${joinOrg} as ${joinRole}`);
-    } catch (err) {
-      bannerRef.show("error", `Failed: ${err}`);
+  function handleInput() {
+    justSelected = false;
+    if (searchInput.length >= 3) {
+      showDropdown = true;
+    } else {
+      showDropdown = false;
     }
   }
+
+  function handleBlur() {
+    setTimeout(() => {
+      showDropdown = false;
+    }, 150);
+  }
+
+  function handleHibernate(orgName: string, projectName: string) {
+    confirmTitle = "Hibernate Project";
+    confirmDescription = `This will hibernate the deployment for ${orgName}/${projectName}. The project data will be preserved but the deployment will be stopped.`;
+    confirmDestructive = false;
+    confirmAction = async () => {
+      actionInProgress = `hibernate:${projectName}`;
+      try {
+        await $hibernateProject.mutateAsync({ org: orgName, project: projectName });
+        notifySuccess(`Project ${orgName}/${projectName} hibernated`);
+      } catch (err) {
+        notifyError(`Failed: ${err}`);
+      } finally {
+        actionInProgress = "";
+      }
+    };
+    confirmOpen = true;
+  }
+
+  function handleRedeploy(orgName: string, projectName: string) {
+    confirmTitle = "Redeploy Project";
+    confirmDescription = `This will completely redeploy ${orgName}/${projectName}. This is a disruptive operation.`;
+    confirmDestructive = true;
+    confirmAction = async () => {
+      actionInProgress = `redeploy:${projectName}`;
+      try {
+        await $redeployProject.mutateAsync({ org: orgName, project: projectName });
+        notifySuccess(`Project ${orgName}/${projectName} redeployed`);
+      } catch (err) {
+        notifyError(`Failed: ${err}`);
+      } finally {
+        actionInProgress = "";
+      }
+    };
+    confirmOpen = true;
+  }
+
+  $: if (orgNames.length > 0 && searchInput.length >= 3 && !justSelected) {
+    showDropdown = true;
+  }
 </script>
 
 <AdminPageHeader
   title="Organizations"
-  description="Lookup organizations, view their details, set custom domains, and add users."
+  description="Search for any organization by name to view details, members, and projects."
 />
 
-<ActionResultBanner bind:this={bannerRef} />
-
-<div class="sections">
-  <!-- Org Lookup -->
-  <section class="card">
-    <h2 class="card-title">Organization Lookup</h2>
-    <div class="form-row mb-4">
-      <input
-        type="text"
-        class="input"
-        placeholder="Organization name"
-        bind:value={orgName}
-        on:keydown={(e) => e.key === "Enter" && handleLookup()}
-      />
-      <button class="btn-primary" on:click={handleLookup}>Lookup</button>
-    </div>
-
-    {#if $orgQuery.data?.organization}
-      {@const org = $orgQuery.data.organization}
+<div class="mb-6 max-w-lg">
+  <div class="search-container">
+    <input
+      type="text"
+      class="input w-full"
+      placeholder="Search organizations (min 3 characters)..."
+      bind:value={searchInput}
+      on:keydown={handleInputKeydown}
+      on:input={handleInput}
+      on:blur={handleBlur}
+    />
+    {#if $orgSearchQuery.isFetching && searchInput.length >= 3}
+      <div class="search-spinner" />
+    {/if}
+    {#if showDropdown && orgNames.length > 0}
+      <div class="dropdown">
+        {#each orgNames as org}
+          <button
+            class="dropdown-item"
+            on:mousedown|preventDefault={() => selectOrg(org)}
+          >
+            {org}
+          </button>
+        {/each}
+      </div>
+    {:else if showDropdown && searchInput.length >= 3 && $orgSearchQuery.isSuccess && orgNames.length === 0}
+      <div class="dropdown">
+        <div class="dropdown-empty">No organizations found</div>
+      </div>
+    {/if}
+  </div>
+  <p class="text-xs text-slate-400 mt-1">
+    Type to search, then select or press Enter for exact match.
+  </p>
+</div>
+
+{#if $orgQuery.isFetching}
+  <div class="loading">
+    <div class="spinner" />
+    <span class="text-sm text-slate-500">Looking up organization...</span>
+  </div>
+{:else if $orgQuery.isError && lookupOrg}
+  <p class="text-sm text-red-600">
+    Organization "{lookupOrg}" not found or access denied.
+  </p>
+{:else if $orgQuery.data?.organization}
+  {@const org = $orgQuery.data.organization}
+  <div class="org-details">
+    <section class="card">
+      <h2 class="card-title">Organization Details</h2>
       <div class="detail-grid">
         <div class="detail-item">
           <span class="detail-label">ID</span>
-          <span class="detail-value font-mono">{org.id}</span>
+          <span class="detail-value font-mono text-xs">{org.id}</span>
         </div>
         <div class="detail-item">
           <span class="detail-label">Name</span>
@@ -94,6 +189,12 @@
           <span class="detail-label">Billing Plan</span>
           <span class="detail-value">{org.billingPlanDisplayName ?? "-"}</span>
         </div>
+        <div class="detail-item">
+          <span class="detail-label">Billing Customer ID</span>
+          <span class="detail-value font-mono text-xs"
+            >{org.billingCustomerId ?? "-"}</span
+          >
+        </div>
         <div class="detail-item">
           <span class="detail-label">Custom Domain</span>
           <span class="detail-value">{org.customDomain ?? "None"}</span>
@@ -101,65 +202,205 @@
         <div class="detail-item">
           <span class="detail-label">Created</span>
           <span class="detail-value">
-            {org.createdOn ? new Date(org.createdOn).toLocaleDateString() : "-"}
+            {org.createdOn
+              ? new Date(org.createdOn).toLocaleDateString()
+              : "-"}
+          </span>
+        </div>
+        <div class="detail-item">
+          <span class="detail-label">Projects</span>
+          <span class="detail-value">
+            {#if $projectsQuery.isFetching}
+              <span class="text-slate-400">Loading...</span>
+            {:else if $projectsQuery.data?.projects}
+              {$projectsQuery.data.projects.length}
+            {:else}
+              0
+            {/if}
           </span>
         </div>
       </div>
+    </section>
 
-      {#if $adminsQuery.data?.members?.length}
-        <h3 class="mt-4 text-xs font-semibold text-slate-500 uppercase">Members</h3>
-        <div class="mt-2">
-          {#each $adminsQuery.data.members as member}
-            <div class="member-row">
-              <span class="text-sm">{member.userEmail}</span>
-              <span class="text-xs text-slate-500">{member.roleName}</span>
+    <!-- Projects list -->
+    {#if $projectsQuery.data?.projects?.length}
+      <section class="card">
+        <h2 class="card-title">
+          Projects ({$projectsQuery.data.projects.length})
+        </h2>
+        <div class="project-list">
+          {#each $projectsQuery.data.projects as project}
+            <div class="project-row">
+              <a
+                href={`/${org.name}/${project.name}`}
+                target="_blank"
+                class="project-name"
+              >
+                {project.name}
+              </a>
+              <div class="flex gap-2">
+                <button
+                  class="action-btn"
+                  disabled={actionInProgress === `hibernate:${project.name}`}
+                  on:click={() => handleHibernate(org.name ?? "", project.name ?? "")}
+                >
+                  {actionInProgress === `hibernate:${project.name}` ? "Hibernating..." : "Hibernate"}
+                </button>
+                <button
+                  class="action-btn destructive"
+                  disabled={actionInProgress === `redeploy:${project.name}`}
+                  on:click={() => handleRedeploy(org.name ?? "", project.name ?? "")}
+                >
+                  {actionInProgress === `redeploy:${project.name}` ? "Redeploying..." : "Redeploy"}
+                </button>
+              </div>
             </div>
           {/each}
         </div>
-      {/if}
+      </section>
     {/if}
-  </section>
-
-  <!-- Set Custom Domain -->
-  <section class="card">
-    <h2 class="card-title">Set Custom Domain</h2>
-    <div class="form-row">
-      <input type="text" class="input" placeholder="Organization name" bind:value={customDomainOrg} />
-      <input type="text" class="input" placeholder="Custom domain (e.g. analytics.acme.com)" bind:value={customDomain} />
-      <button class="btn-primary" on:click={handleSetCustomDomain}>Set Domain</button>
-    </div>
-  </section>
-
-  <!-- Join Organization -->
-  <section class="card">
-    <h2 class="card-title">Add User to Organization</h2>
-    <div class="form-row">
-      <input type="text" class="input" placeholder="Organization name" bind:value={joinOrg} />
-      <input type="email" class="input" placeholder="User email" bind:value={joinEmail} />
-      <select class="input" bind:value={joinRole}>
-        <option value="admin">Admin</option>
-        <option value="editor">Editor</option>
-        <option value="viewer">Viewer</option>
-      </select>
-      <button class="btn-primary" on:click={handleJoinOrg}>Add User</button>
-    </div>
-  </section>
-</div>
+
+    <!-- Members list -->
+    {#if $membersQuery.isFetching}
+      <div class="loading">
+        <div class="spinner" />
+        <span class="text-sm text-slate-500">Loading members...</span>
+      </div>
+    {:else if $membersQuery.data?.members?.length}
+      <section class="card">
+        <h2 class="card-title">
+          Members ({$membersQuery.data.members.length})
+        </h2>
+        <table class="w-full">
+          <thead>
+            <tr>
+              <th>Email</th>
+              <th>Role</th>
+            </tr>
+          </thead>
+          <tbody>
+            {#each $membersQuery.data.members as member}
+              <tr>
+                <td class="font-mono text-xs">{member.userEmail}</td>
+                <td>{member.roleName}</td>
+              </tr>
+            {/each}
+          </tbody>
+        </table>
+      </section>
+    {/if}
+  </div>
+{/if}
+
+<ConfirmDialog
+  bind:open={confirmOpen}
+  title={confirmTitle}
+  description={confirmDescription}
+  destructive={confirmDestructive}
+  onConfirm={confirmAction}
+/>
 
 <style lang="postcss">
-  .sections { @apply flex flex-col gap-6; }
-  .card { @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700; }
-  .card-title { @apply text-sm font-semibold text-slate-900 dark:text-slate-100 mb-3; }
-  .form-row { @apply flex gap-3 items-center flex-wrap; }
+  .search-container {
+    @apply relative;
+  }
+
+  .search-spinner {
+    @apply absolute right-3 top-1/2 -translate-y-1/2
+      w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin;
+  }
+
+  .dropdown {
+    @apply absolute z-10 w-full mt-1 bg-white dark:bg-slate-800
+      border border-slate-200 dark:border-slate-700
+      rounded-md shadow-lg max-h-48 overflow-y-auto;
+  }
+
+  .dropdown-item {
+    @apply w-full text-left px-3 py-2 text-sm text-slate-700 dark:text-slate-300
+      hover:bg-slate-100 dark:hover:bg-slate-700 cursor-pointer;
+  }
+
+  .dropdown-empty {
+    @apply px-3 py-2 text-sm text-slate-400;
+  }
+
   .input {
     @apply px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600
       bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100
       placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500;
   }
-  .btn-primary { @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap; }
-  .detail-grid { @apply grid grid-cols-2 lg:grid-cols-3 gap-3; }
-  .detail-item { @apply flex flex-col; }
-  .detail-label { @apply text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider; }
-  .detail-value { @apply text-sm text-slate-900 dark:text-slate-100; }
-  .member-row { @apply flex justify-between items-center px-3 py-1.5 rounded bg-slate-50 dark:bg-slate-800 mb-1; }
+
+  .org-details {
+    @apply flex flex-col gap-4;
+  }
+
+  .card {
+    @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700;
+  }
+
+  .card-title {
+    @apply text-sm font-semibold text-slate-900 dark:text-slate-100 mb-3;
+  }
+
+  .detail-grid {
+    @apply grid grid-cols-2 lg:grid-cols-4 gap-3;
+  }
+
+  .detail-item {
+    @apply flex flex-col;
+  }
+
+  .detail-label {
+    @apply text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider;
+  }
+
+  .detail-value {
+    @apply text-sm text-slate-900 dark:text-slate-100;
+  }
+
+  .project-list {
+    @apply flex flex-col gap-1;
+  }
+
+  .project-row {
+    @apply flex items-center justify-between px-3 py-2 rounded
+      bg-slate-50 dark:bg-slate-800;
+  }
+
+  .project-name {
+    @apply text-sm text-blue-600 dark:text-blue-400 hover:underline;
+  }
+
+  th {
+    @apply text-left text-xs font-medium text-slate-500 uppercase tracking-wider
+      px-4 py-2 border-b border-slate-200 dark:border-slate-700;
+  }
+
+  td {
+    @apply px-4 py-2 text-sm text-slate-700 dark:text-slate-300
+      border-b border-slate-100 dark:border-slate-800;
+  }
+
+  .action-btn {
+    @apply text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600
+      text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700;
+  }
+
+  .action-btn:disabled {
+    @apply opacity-50 cursor-not-allowed;
+  }
+
+  .action-btn.destructive {
+    @apply border-red-300 text-red-600 hover:bg-red-50
+      dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20;
+  }
+
+  .loading {
+    @apply flex items-center gap-2 py-4;
+  }
+
+  .spinner {
+    @apply w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin;
+  }
 </style>
diff --git a/web-admin/src/routes/-/admin/projects/+page.svelte b/web-admin/src/routes/-/admin/projects/+page.svelte
index 4f1b9815a15..b0eb6ff8253 100644
--- a/web-admin/src/routes/-/admin/projects/+page.svelte
+++ b/web-admin/src/routes/-/admin/projects/+page.svelte
@@ -1,8 +1,11 @@
 <!-- web-admin/src/routes/-/admin/projects/+page.svelte -->
 <script lang="ts">
   import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
   import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
+  import {
+    notifySuccess,
+    notifyError,
+  } from "@rilldata/web-admin/features/admin/shared/notify";
   import SearchInput from "@rilldata/web-admin/features/admin/shared/SearchInput.svelte";
   import {
     searchProjects,
@@ -10,13 +13,13 @@
     createHibernateProjectMutation,
   } from "@rilldata/web-admin/features/admin/projects/selectors";
 
-  let bannerRef: ActionResultBanner;
   let searchQuery = "";
   let confirmOpen = false;
   let confirmTitle = "";
   let confirmDescription = "";
   let confirmDestructive = false;
   let confirmAction: () => Promise<void> = async () => {};
+  let actionInProgress = "";
 
   const redeployProject = createRedeployProjectMutation();
   const hibernateProject = createHibernateProjectMutation();
@@ -33,11 +36,14 @@
     confirmDescription = `This will hibernate the deployment for ${name}. The project data will be preserved but the deployment will be stopped.`;
     confirmDestructive = false;
     confirmAction = async () => {
+      actionInProgress = `hibernate:${name}`;
       try {
-        await $hibernateProject.mutateAsync({ organization: org, project });
-        bannerRef.show("success", `Project ${name} hibernated`);
+        await $hibernateProject.mutateAsync({ org, project });
+        notifySuccess( `Project ${name} hibernated`);
       } catch (err) {
-        bannerRef.show("error", `Failed: ${err}`);
+        notifyError( `Failed: ${err}`);
+      } finally {
+        actionInProgress = "";
       }
     };
     confirmOpen = true;
@@ -49,11 +55,14 @@
     confirmDescription = `This will completely redeploy ${name}. This is a disruptive operation.`;
     confirmDestructive = true;
     confirmAction = async () => {
+      actionInProgress = `redeploy:${name}`;
       try {
-        await $redeployProject.mutateAsync({ organization: org, project });
-        bannerRef.show("success", `Project ${name} redeployed`);
+        await $redeployProject.mutateAsync({ org, project });
+        notifySuccess( `Project ${name} redeployed`);
       } catch (err) {
-        bannerRef.show("error", `Failed: ${err}`);
+        notifyError( `Failed: ${err}`);
+      } finally {
+        actionInProgress = "";
       }
     };
     confirmOpen = true;
@@ -62,21 +71,25 @@
 
 <AdminPageHeader
   title="Projects"
-  description="Search projects by name pattern, view details, hibernate or redeploy."
+  description="Search projects across all organizations by name pattern."
 />
 
-<ActionResultBanner bind:this={bannerRef} />
-
 <div class="mb-4 max-w-md">
   <SearchInput
-    placeholder="Search projects (e.g. org/project, min 2 chars)..."
+    placeholder="Search projects (e.g. org/project, min 3 chars)..."
     on:search={handleSearch}
   />
 </div>
 
-{#if $projectsQuery.isLoading && searchQuery.length >= 2}
-  <p class="text-sm text-slate-500">Searching...</p>
+{#if $projectsQuery.isFetching && searchQuery.length >= 3}
+  <div class="loading">
+    <div class="spinner" />
+    <span class="text-sm text-slate-500">Searching projects...</span>
+  </div>
 {:else if $projectsQuery.data?.names?.length}
+  <p class="text-xs text-slate-500 mb-2">
+    {$projectsQuery.data.names.length} result{$projectsQuery.data.names.length === 1 ? "" : "s"}
+  </p>
   <table class="w-full">
     <thead>
       <tr>
@@ -97,14 +110,19 @@
               >
                 View
               </a>
-              <button class="action-btn" on:click={() => handleHibernate(name)}>
-                Hibernate
+              <button
+                class="action-btn"
+                disabled={actionInProgress === `hibernate:${name}`}
+                on:click={() => handleHibernate(name)}
+              >
+                {actionInProgress === `hibernate:${name}` ? "Hibernating..." : "Hibernate"}
               </button>
               <button
                 class="action-btn destructive"
+                disabled={actionInProgress === `redeploy:${name}`}
                 on:click={() => handleRedeploy(name)}
               >
-                Redeploy
+                {actionInProgress === `redeploy:${name}` ? "Redeploying..." : "Redeploy"}
               </button>
             </div>
           </td>
@@ -112,8 +130,12 @@
       {/each}
     </tbody>
   </table>
-{:else if searchQuery.length >= 2 && $projectsQuery.isSuccess}
+{:else if searchQuery.length >= 3 && $projectsQuery.isSuccess}
   <p class="text-sm text-slate-500">No projects found for "{searchQuery}"</p>
+{:else if searchQuery.length < 3}
+  <p class="text-sm text-slate-400">
+    Type at least 3 characters to search across all organizations.
+  </p>
 {/if}
 
 <ConfirmDialog
@@ -129,17 +151,35 @@
     @apply text-left text-xs font-medium text-slate-500 uppercase tracking-wider
       px-4 py-2 border-b border-slate-200 dark:border-slate-700;
   }
+
   td {
     @apply px-4 py-3 text-sm text-slate-700 dark:text-slate-300
       border-b border-slate-100 dark:border-slate-800;
   }
-  tr:hover td { @apply bg-slate-50 dark:bg-slate-800/50; }
+
+  tr:hover td {
+    @apply bg-slate-50 dark:bg-slate-800/50;
+  }
+
   .action-btn {
     @apply text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600
       text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700;
   }
+
+  .action-btn:disabled {
+    @apply opacity-50 cursor-not-allowed;
+  }
+
   .action-btn.destructive {
     @apply border-red-300 text-red-600 hover:bg-red-50
       dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20;
   }
+
+  .loading {
+    @apply flex items-center gap-2 py-4;
+  }
+
+  .spinner {
+    @apply w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin;
+  }
 </style>
diff --git a/web-admin/src/routes/-/admin/quotas/+page.svelte b/web-admin/src/routes/-/admin/quotas/+page.svelte
index e187e989006..5750b434791 100644
--- a/web-admin/src/routes/-/admin/quotas/+page.svelte
+++ b/web-admin/src/routes/-/admin/quotas/+page.svelte
@@ -1,26 +1,24 @@
 <!-- web-admin/src/routes/-/admin/quotas/+page.svelte -->
 <script lang="ts">
   import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
+  import OrgSearchInput from "@rilldata/web-admin/features/admin/shared/OrgSearchInput.svelte";
+  import {
+    notifySuccess,
+    notifyError,
+  } from "@rilldata/web-admin/features/admin/shared/notify";
   import {
     getOrgForQuotas,
     createUpdateOrgQuotasMutation,
-    createUpdateUserQuotasMutation,
   } from "@rilldata/web-admin/features/admin/quotas/selectors";
   import { useQueryClient } from "@tanstack/svelte-query";
 
-  let bannerRef: ActionResultBanner;
-  let quotaType: "org" | "user" = "org";
-  let lookupValue = "";
+  let orgValue = "";
   let activeOrg = "";
-  let activeUser = "";
-  let lookupDone = false;
 
   const queryClient = useQueryClient();
   const updateOrgQuotas = createUpdateOrgQuotasMutation();
-  const updateUserQuotas = createUpdateUserQuotasMutation();
 
-  // Quota fields for editing (org quotas)
+  // Quota fields for editing
   let projects = "";
   let deployments = "";
   let slotsTotal = "";
@@ -28,100 +26,71 @@
   let outstandingInvites = "";
   let storageLimitBytes = "";
 
-  // Quota fields for editing (user quotas)
-  let singleuserOrgs = "";
-
   $: orgQuery = getOrgForQuotas(activeOrg);
 
-  function handleLookup() {
-    lookupDone = true;
-    if (quotaType === "org") {
-      activeOrg = lookupValue;
-      activeUser = "";
-    } else {
-      activeUser = lookupValue;
-      activeOrg = "";
-    }
+  function handleOrgSelect(e: CustomEvent<string>) {
+    activeOrg = e.detail;
   }
 
   // Populate fields when org data loads
   $: if ($orgQuery.data?.organization?.quotas) {
     const q = $orgQuery.data.organization.quotas;
-    projects = q.projects ?? "";
-    deployments = q.deployments ?? "";
-    slotsTotal = q.slotsTotal ?? "";
-    slotsPerDeployment = q.slotsPerDeployment ?? "";
-    outstandingInvites = q.outstandingInvites ?? "";
+    projects = q.projects != null ? String(q.projects) : "";
+    deployments = q.deployments != null ? String(q.deployments) : "";
+    slotsTotal = q.slotsTotal != null ? String(q.slotsTotal) : "";
+    slotsPerDeployment = q.slotsPerDeployment != null ? String(q.slotsPerDeployment) : "";
+    outstandingInvites = q.outstandingInvites != null ? String(q.outstandingInvites) : "";
     storageLimitBytes = q.storageLimitBytesPerDeployment ?? "";
   }
 
   async function handleSaveQuotas() {
     try {
-      if (quotaType === "org") {
-        await $updateOrgQuotas.mutateAsync({
-          data: {
-            org: activeOrg,
-            projects: projects ? Number(projects) : undefined,
-            deployments: deployments ? Number(deployments) : undefined,
-            slotsTotal: slotsTotal ? Number(slotsTotal) : undefined,
-            slotsPerDeployment: slotsPerDeployment ? Number(slotsPerDeployment) : undefined,
-            outstandingInvites: outstandingInvites ? Number(outstandingInvites) : undefined,
-            storageLimitBytesPerDeployment: storageLimitBytes ? storageLimitBytes : undefined,
-          },
-        });
-        bannerRef.show("success", `Quotas updated for org: ${activeOrg}`);
-      } else {
-        await $updateUserQuotas.mutateAsync({
-          data: {
-            email: activeUser,
-            singleuserOrgs: singleuserOrgs ? Number(singleuserOrgs) : undefined,
-          },
-        });
-        bannerRef.show("success", `Quotas updated for user: ${activeUser}`);
-      }
+      await $updateOrgQuotas.mutateAsync({
+        data: {
+          org: activeOrg,
+          projects: projects ? Number(projects) : undefined,
+          deployments: deployments ? Number(deployments) : undefined,
+          slotsTotal: slotsTotal ? Number(slotsTotal) : undefined,
+          slotsPerDeployment: slotsPerDeployment ? Number(slotsPerDeployment) : undefined,
+          outstandingInvites: outstandingInvites ? Number(outstandingInvites) : undefined,
+          storageLimitBytesPerDeployment: storageLimitBytes ? storageLimitBytes : undefined,
+        },
+      });
+      notifySuccess(`Quotas updated for org: ${activeOrg}`);
       await queryClient.invalidateQueries({
         predicate: (q) =>
           (q.queryKey[0] as string)?.includes("/v1/superuser/quotas") ||
           (q.queryKey[0] as string)?.includes("/v1/organizations"),
       });
     } catch (err) {
-      bannerRef.show("error", `Failed to update quotas: ${err}`);
+      notifyError(`Failed to update quotas: ${err}`);
     }
   }
 </script>
 
 <AdminPageHeader
   title="Quotas"
-  description="View and adjust resource quotas for organizations and users."
+  description="View and adjust resource quotas for organizations."
 />
 
-<ActionResultBanner bind:this={bannerRef} />
-
 <div class="sections">
   <section class="card">
-    <div class="flex gap-4 mb-4">
-      <label class="flex items-center gap-2 text-sm">
-        <input type="radio" value="org" bind:group={quotaType} />
-        Organization
-      </label>
-      <label class="flex items-center gap-2 text-sm">
-        <input type="radio" value="user" bind:group={quotaType} />
-        User
-      </label>
-    </div>
-
     <div class="form-row mb-4">
-      <input
-        type="text"
-        class="input"
-        placeholder={quotaType === "org" ? "Organization name" : "User email"}
-        bind:value={lookupValue}
-        on:keydown={(e) => e.key === "Enter" && handleLookup()}
-      />
-      <button class="btn-primary" on:click={handleLookup}>Lookup</button>
+      <div class="w-64">
+        <OrgSearchInput
+          bind:value={orgValue}
+          placeholder="Search organization..."
+          on:select={handleOrgSelect}
+        />
+      </div>
     </div>
 
-    {#if quotaType === "org" && activeOrg && $orgQuery.data?.organization}
+    {#if activeOrg && $orgQuery.isFetching}
+      <div class="loading">
+        <div class="spinner" />
+        <span class="text-sm text-slate-500">Loading quotas...</span>
+      </div>
+    {:else if activeOrg && $orgQuery.data?.organization}
       <div class="quota-grid">
         <div class="quota-field">
           <label class="quota-label" for="projects">Projects</label>
@@ -149,18 +118,6 @@
         </div>
       </div>
 
-      <div class="mt-4">
-        <button class="btn-primary" on:click={handleSaveQuotas}>Save Quotas</button>
-      </div>
-    {:else if quotaType === "user" && activeUser && lookupDone}
-      <div class="quota-grid">
-        <div class="quota-field">
-          <label class="quota-label" for="singleuserOrgs">Single-user Orgs Limit</label>
-          <input id="singleuserOrgs" type="number" class="input" bind:value={singleuserOrgs} />
-        </div>
-      </div>
-      <p class="text-xs text-slate-500 mt-2">User quotas are limited to the single-user orgs field. Other quotas are managed at the org level.</p>
-
       <div class="mt-4">
         <button class="btn-primary" on:click={handleSaveQuotas}>Save Quotas</button>
       </div>
@@ -181,4 +138,6 @@
   .quota-grid { @apply grid grid-cols-2 lg:grid-cols-3 gap-4; }
   .quota-field { @apply flex flex-col gap-1; }
   .quota-label { @apply text-xs font-medium text-slate-500 dark:text-slate-400; }
+  .loading { @apply flex items-center gap-2 py-4; }
+  .spinner { @apply w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin; }
 </style>
diff --git a/web-admin/src/routes/-/admin/superusers/+page.svelte b/web-admin/src/routes/-/admin/superusers/+page.svelte
index 9138d475149..be6a6bce02d 100644
--- a/web-admin/src/routes/-/admin/superusers/+page.svelte
+++ b/web-admin/src/routes/-/admin/superusers/+page.svelte
@@ -5,12 +5,15 @@
     createAdminServiceSetSuperuser,
   } from "@rilldata/web-admin/client";
   import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
   import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
+  import {
+    notifySuccess,
+    notifyError,
+  } from "@rilldata/web-admin/features/admin/shared/notify";
   import { useQueryClient } from "@tanstack/svelte-query";
 
-  let bannerRef: ActionResultBanner;
   let newEmail = "";
+  let addLoading = false;
   let confirmOpen = false;
   let confirmTitle = "";
   let confirmDescription = "";
@@ -23,13 +26,19 @@
 
   async function handleAdd() {
     if (!newEmail) return;
+    addLoading = true;
     try {
       await $setSuperuser.mutateAsync({ data: { email: newEmail, superuser: true } });
-      bannerRef.show("success", `${newEmail} added as superuser`);
+      notifySuccess( `${newEmail} added as superuser`);
       newEmail = "";
-      await queryClient.invalidateQueries();
+      await queryClient.invalidateQueries({
+        predicate: (q) =>
+          (q.queryKey[0] as string)?.includes("/v1/superuser"),
+      });
     } catch (err) {
-      bannerRef.show("error", `Failed: ${err}`);
+      notifyError( `Failed: ${err}`);
+    } finally {
+      addLoading = false;
     }
   }
 
@@ -40,10 +49,13 @@
     confirmAction = async () => {
       try {
         await $setSuperuser.mutateAsync({ data: { email, superuser: false } });
-        bannerRef.show("success", `${email} removed as superuser`);
-        await queryClient.invalidateQueries();
+        notifySuccess( `${email} removed as superuser`);
+        await queryClient.invalidateQueries({
+          predicate: (q) =>
+            (q.queryKey[0] as string)?.includes("/v1/superuser"),
+        });
       } catch (err) {
-        bannerRef.show("error", `Failed: ${err}`);
+        notifyError( `Failed: ${err}`);
       }
     };
     confirmOpen = true;
@@ -52,24 +64,46 @@
 
 <AdminPageHeader
   title="Superusers"
-  description="Manage who has superuser (super admin) access to Rill Cloud."
+  description="Manage who has superuser (super admin) access across all of Rill Cloud."
 />
 
-<ActionResultBanner bind:this={bannerRef} />
-
 <div class="card mb-6">
   <h2 class="card-title">Add Superuser</h2>
   <div class="form-row">
-    <input type="email" class="input" placeholder="Email address" bind:value={newEmail}
-      on:keydown={(e) => e.key === "Enter" && handleAdd()} />
-    <button class="btn-primary" on:click={handleAdd}>Add Superuser</button>
+    <input
+      type="email"
+      class="input"
+      placeholder="Email address"
+      bind:value={newEmail}
+      on:keydown={(e) => e.key === "Enter" && handleAdd()}
+    />
+    <button class="btn-primary" on:click={handleAdd} disabled={addLoading || !newEmail}>
+      {#if addLoading}
+        <span class="btn-spinner" />
+        Adding...
+      {:else}
+        Add Superuser
+      {/if}
+    </button>
   </div>
 </div>
 
-{#if $superusersQuery.data?.users?.length}
+{#if $superusersQuery.isFetching}
+  <div class="loading">
+    <div class="spinner" />
+    <span class="text-sm text-slate-500">Loading superusers...</span>
+  </div>
+{:else if $superusersQuery.data?.users?.length}
+  <p class="text-xs text-slate-500 mb-2">
+    {$superusersQuery.data.users.length} superuser{$superusersQuery.data.users.length === 1 ? "" : "s"}
+  </p>
   <table class="w-full">
     <thead>
-      <tr><th>Email</th><th>Display Name</th><th>Actions</th></tr>
+      <tr>
+        <th>Email</th>
+        <th>Display Name</th>
+        <th>Actions</th>
+      </tr>
     </thead>
     <tbody>
       {#each $superusersQuery.data.users as user}
@@ -77,7 +111,10 @@
           <td class="font-mono text-xs">{user.email}</td>
           <td>{user.displayName ?? "-"}</td>
           <td>
-            <button class="action-btn destructive" on:click={() => handleRemove(user.email ?? "")}>
+            <button
+              class="action-btn destructive"
+              on:click={() => handleRemove(user.email ?? "")}
+            >
               Remove
             </button>
           </td>
@@ -87,20 +124,66 @@
   </table>
 {/if}
 
-<ConfirmDialog bind:open={confirmOpen} title={confirmTitle} description={confirmDescription}
-  destructive={confirmDestructive} onConfirm={confirmAction} />
+<ConfirmDialog
+  bind:open={confirmOpen}
+  title={confirmTitle}
+  description={confirmDescription}
+  destructive={confirmDestructive}
+  onConfirm={confirmAction}
+/>
 
 <style lang="postcss">
-  .card { @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700; }
-  .card-title { @apply text-sm font-semibold text-slate-900 dark:text-slate-100 mb-3; }
-  .form-row { @apply flex gap-3 items-center flex-wrap; }
+  .card {
+    @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700;
+  }
+
+  .card-title {
+    @apply text-sm font-semibold text-slate-900 dark:text-slate-100 mb-3;
+  }
+
+  .form-row {
+    @apply flex gap-3 items-center flex-wrap;
+  }
+
   .input {
     @apply px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600
       bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100
       placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500;
   }
-  .btn-primary { @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap; }
-  th { @apply text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700; }
-  td { @apply px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800; }
-  .action-btn.destructive { @apply text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 dark:border-red-700 dark:text-red-400; }
+
+  .btn-primary {
+    @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700
+      whitespace-nowrap flex items-center gap-2;
+  }
+
+  .btn-primary:disabled {
+    @apply opacity-50 cursor-not-allowed;
+  }
+
+  .btn-spinner {
+    @apply inline-block w-3 h-3 border-2 border-white/30 border-t-white rounded-full animate-spin;
+  }
+
+  th {
+    @apply text-left text-xs font-medium text-slate-500 uppercase tracking-wider
+      px-4 py-2 border-b border-slate-200 dark:border-slate-700;
+  }
+
+  td {
+    @apply px-4 py-3 text-sm text-slate-700 dark:text-slate-300
+      border-b border-slate-100 dark:border-slate-800;
+  }
+
+  .action-btn.destructive {
+    @apply text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50
+      dark:border-red-700 dark:text-red-400;
+  }
+
+  .loading {
+    @apply flex items-center gap-2 py-4;
+  }
+
+  .spinner {
+    @apply w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin;
+  }
 </style>

From e058d493c4486a3524ce9cfdf351bed58afef6df Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Fri, 20 Mar 2026 23:44:16 -0700
Subject: [PATCH 25/35] fix(admin-console): add missing new files and remove
 deleted pages

Add new shared components (OrgSearchInput, UserSearchInput, notify,
RepresentingBanner, assume-state) that were missing from previous
commits. Remove obsolete pages (annotations, runtime, users,
virtual-files, whitelist) and unused components (ActionResultBanner,
StatusBadge, whitelist selectors) that were deleted locally but
not staged.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../admin/shared/ActionResultBanner.svelte    |  49 -----
 .../admin/shared/OrgSearchInput.svelte        | 118 +++++++++++
 .../features/admin/shared/StatusBadge.svelte  |  33 ----
 .../admin/shared/UserSearchInput.svelte       | 107 ++++++++++
 web-admin/src/features/admin/shared/notify.ts |   9 +
 .../admin/users/RepresentingBanner.svelte     |  50 +++++
 .../src/features/admin/users/assume-state.ts  |  53 +++++
 .../src/features/admin/whitelist/selectors.ts |  21 --
 .../routes/-/admin/annotations/+page.svelte   |  90 ---------
 .../src/routes/-/admin/runtime/+page.svelte   |  30 ---
 .../src/routes/-/admin/users/+page.svelte     | 184 ------------------
 .../routes/-/admin/virtual-files/+page.svelte |  41 ----
 .../src/routes/-/admin/whitelist/+page.svelte | 131 -------------
 13 files changed, 337 insertions(+), 579 deletions(-)
 delete mode 100644 web-admin/src/features/admin/shared/ActionResultBanner.svelte
 create mode 100644 web-admin/src/features/admin/shared/OrgSearchInput.svelte
 delete mode 100644 web-admin/src/features/admin/shared/StatusBadge.svelte
 create mode 100644 web-admin/src/features/admin/shared/UserSearchInput.svelte
 create mode 100644 web-admin/src/features/admin/shared/notify.ts
 create mode 100644 web-admin/src/features/admin/users/RepresentingBanner.svelte
 create mode 100644 web-admin/src/features/admin/users/assume-state.ts
 delete mode 100644 web-admin/src/features/admin/whitelist/selectors.ts
 delete mode 100644 web-admin/src/routes/-/admin/annotations/+page.svelte
 delete mode 100644 web-admin/src/routes/-/admin/runtime/+page.svelte
 delete mode 100644 web-admin/src/routes/-/admin/users/+page.svelte
 delete mode 100644 web-admin/src/routes/-/admin/virtual-files/+page.svelte
 delete mode 100644 web-admin/src/routes/-/admin/whitelist/+page.svelte

diff --git a/web-admin/src/features/admin/shared/ActionResultBanner.svelte b/web-admin/src/features/admin/shared/ActionResultBanner.svelte
deleted file mode 100644
index 13bcb545147..00000000000
--- a/web-admin/src/features/admin/shared/ActionResultBanner.svelte
+++ /dev/null
@@ -1,49 +0,0 @@
-<!-- web-admin/src/features/admin/shared/ActionResultBanner.svelte -->
-<script lang="ts">
-  export let type: "success" | "error" | "" = "";
-  export let message: string = "";
-
-  export function show(newType: "success" | "error", newMessage: string) {
-    type = newType;
-    message = newMessage;
-    setTimeout(() => {
-      type = "";
-      message = "";
-    }, 5000);
-  }
-</script>
-
-{#if type && message}
-  <div
-    class="banner"
-    class:success={type === "success"}
-    class:error={type === "error"}
-  >
-    <span>{message}</span>
-    <button
-      class="close-btn"
-      on:click={() => {
-        type = "";
-        message = "";
-      }}>x</button
-    >
-  </div>
-{/if}
-
-<style lang="postcss">
-  .banner {
-    @apply flex items-center justify-between px-4 py-3 rounded-md text-sm mb-4;
-  }
-
-  .success {
-    @apply bg-green-50 text-green-800 dark:bg-green-900/20 dark:text-green-300;
-  }
-
-  .error {
-    @apply bg-red-50 text-red-800 dark:bg-red-900/20 dark:text-red-300;
-  }
-
-  .close-btn {
-    @apply ml-4 text-current opacity-50 hover:opacity-100;
-  }
-</style>
diff --git a/web-admin/src/features/admin/shared/OrgSearchInput.svelte b/web-admin/src/features/admin/shared/OrgSearchInput.svelte
new file mode 100644
index 00000000000..5d981a5b940
--- /dev/null
+++ b/web-admin/src/features/admin/shared/OrgSearchInput.svelte
@@ -0,0 +1,118 @@
+<!-- Org name input with search dropdown powered by project name search -->
+<script lang="ts">
+  import { createEventDispatcher } from "svelte";
+  import { searchOrgNames } from "@rilldata/web-admin/features/admin/organizations/selectors";
+
+  export let value = "";
+  export let placeholder = "Organization name";
+
+  const dispatch = createEventDispatcher<{ select: string }>();
+
+  let showDropdown = false;
+  let justSelected = false;
+
+  $: orgSearchQuery = searchOrgNames(value);
+  $: orgNames = extractUniqueOrgs($orgSearchQuery.data?.names ?? []);
+
+  function extractUniqueOrgs(projectPaths: string[]): string[] {
+    const orgs = new Set<string>();
+    for (const path of projectPaths) {
+      const org = path.split("/")[0];
+      if (org) orgs.add(org);
+    }
+    return [...orgs].sort();
+  }
+
+  function selectOrg(org: string) {
+    value = org;
+    showDropdown = false;
+    justSelected = true;
+    dispatch("select", org);
+  }
+
+  function handleKeydown(e: KeyboardEvent) {
+    if (e.key === "Enter") {
+      showDropdown = false;
+      justSelected = true;
+      dispatch("select", value);
+    }
+  }
+
+  function handleInput() {
+    justSelected = false;
+    if (value.length >= 3) {
+      showDropdown = true;
+    } else {
+      showDropdown = false;
+    }
+  }
+
+  function handleBlur() {
+    // Delay to allow mousedown on dropdown items to fire first
+    setTimeout(() => {
+      showDropdown = false;
+    }, 150);
+  }
+
+  // When new results arrive, show dropdown only if user is actively typing
+  $: if (orgNames.length > 0 && value.length >= 3 && !justSelected) {
+    showDropdown = true;
+  }
+</script>
+
+<div class="search-container">
+  <input
+    type="text"
+    class="input"
+    {placeholder}
+    bind:value
+    on:keydown={handleKeydown}
+    on:input={handleInput}
+    on:blur={handleBlur}
+  />
+  {#if $orgSearchQuery.isFetching && value.length >= 3}
+    <div class="search-spinner" />
+  {/if}
+  {#if showDropdown && orgNames.length > 0}
+    <div class="dropdown">
+      {#each orgNames as org}
+        <button
+          class="dropdown-item"
+          on:mousedown|preventDefault={() => selectOrg(org)}
+        >
+          {org}
+        </button>
+      {/each}
+    </div>
+  {/if}
+</div>
+
+<style lang="postcss">
+  .search-container {
+    @apply relative;
+  }
+
+  .input {
+    @apply w-full px-3 py-2 text-sm rounded-md border border-slate-300
+      dark:border-slate-600 bg-white dark:bg-slate-800
+      text-slate-900 dark:text-slate-100
+      placeholder:text-slate-400 dark:placeholder:text-slate-500
+      focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent;
+  }
+
+  .search-spinner {
+    @apply absolute right-3 top-1/2 -translate-y-1/2
+      w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin;
+  }
+
+  .dropdown {
+    @apply absolute z-10 w-full mt-1 bg-white dark:bg-slate-800
+      border border-slate-200 dark:border-slate-700
+      rounded-md shadow-lg max-h-48 overflow-y-auto;
+  }
+
+  .dropdown-item {
+    @apply w-full text-left px-3 py-2 text-sm text-slate-700 dark:text-slate-300
+      hover:bg-slate-100 dark:hover:bg-slate-700 cursor-pointer;
+  }
+</style>
diff --git a/web-admin/src/features/admin/shared/StatusBadge.svelte b/web-admin/src/features/admin/shared/StatusBadge.svelte
deleted file mode 100644
index bc52339df82..00000000000
--- a/web-admin/src/features/admin/shared/StatusBadge.svelte
+++ /dev/null
@@ -1,33 +0,0 @@
-<!-- web-admin/src/features/admin/shared/StatusBadge.svelte -->
-<script lang="ts">
-  export let status: "success" | "error" | "pending" | "info" = "info";
-  export let label: string;
-</script>
-
-<span class="badge" class:success={status === "success"}
-  class:error={status === "error"} class:pending={status === "pending"}
-  class:info={status === "info"}>
-  {label}
-</span>
-
-<style lang="postcss">
-  .badge {
-    @apply inline-flex items-center px-2 py-0.5 text-xs font-medium rounded-full;
-  }
-
-  .success {
-    @apply bg-green-100 text-green-700 dark:bg-green-900/30 dark:text-green-400;
-  }
-
-  .error {
-    @apply bg-red-100 text-red-700 dark:bg-red-900/30 dark:text-red-400;
-  }
-
-  .pending {
-    @apply bg-yellow-100 text-yellow-700 dark:bg-yellow-900/30 dark:text-yellow-400;
-  }
-
-  .info {
-    @apply bg-blue-100 text-blue-700 dark:bg-blue-900/30 dark:text-blue-400;
-  }
-</style>
diff --git a/web-admin/src/features/admin/shared/UserSearchInput.svelte b/web-admin/src/features/admin/shared/UserSearchInput.svelte
new file mode 100644
index 00000000000..e0950221f4d
--- /dev/null
+++ b/web-admin/src/features/admin/shared/UserSearchInput.svelte
@@ -0,0 +1,107 @@
+<!-- User email input with search dropdown powered by user search -->
+<script lang="ts">
+  import { createEventDispatcher } from "svelte";
+  import { searchUsers } from "@rilldata/web-admin/features/admin/users/selectors";
+
+  export let value = "";
+  export let placeholder = "Search by email...";
+
+  const dispatch = createEventDispatcher<{ select: string }>();
+
+  let showDropdown = false;
+  let justSelected = false;
+
+  $: usersQuery = searchUsers(value);
+  $: emails = ($usersQuery.data?.users ?? []).map((u) => u.email ?? "").filter(Boolean);
+
+  function selectUser(email: string) {
+    value = email;
+    showDropdown = false;
+    justSelected = true;
+    dispatch("select", email);
+  }
+
+  function handleKeydown(e: KeyboardEvent) {
+    if (e.key === "Enter") {
+      showDropdown = false;
+      justSelected = true;
+      dispatch("select", value);
+    }
+  }
+
+  function handleInput() {
+    justSelected = false;
+    if (value.length >= 3) {
+      showDropdown = true;
+    } else {
+      showDropdown = false;
+    }
+  }
+
+  function handleBlur() {
+    setTimeout(() => {
+      showDropdown = false;
+    }, 150);
+  }
+
+  $: if (emails.length > 0 && value.length >= 3 && !justSelected) {
+    showDropdown = true;
+  }
+</script>
+
+<div class="search-container">
+  <input
+    type="text"
+    class="input"
+    {placeholder}
+    bind:value
+    on:keydown={handleKeydown}
+    on:input={handleInput}
+    on:blur={handleBlur}
+  />
+  {#if $usersQuery.isFetching && value.length >= 3}
+    <div class="search-spinner" />
+  {/if}
+  {#if showDropdown && emails.length > 0}
+    <div class="dropdown">
+      {#each emails as email}
+        <button
+          class="dropdown-item"
+          on:mousedown|preventDefault={() => selectUser(email)}
+        >
+          {email}
+        </button>
+      {/each}
+    </div>
+  {/if}
+</div>
+
+<style lang="postcss">
+  .search-container {
+    @apply relative;
+  }
+
+  .input {
+    @apply w-full px-3 py-2 text-sm rounded-md border border-slate-300
+      dark:border-slate-600 bg-white dark:bg-slate-800
+      text-slate-900 dark:text-slate-100
+      placeholder:text-slate-400 dark:placeholder:text-slate-500
+      focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent;
+  }
+
+  .search-spinner {
+    @apply absolute right-3 top-1/2 -translate-y-1/2
+      w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin;
+  }
+
+  .dropdown {
+    @apply absolute z-10 w-full mt-1 bg-white dark:bg-slate-800
+      border border-slate-200 dark:border-slate-700
+      rounded-md shadow-lg max-h-48 overflow-y-auto;
+  }
+
+  .dropdown-item {
+    @apply w-full text-left px-3 py-2 text-sm text-slate-700 dark:text-slate-300
+      hover:bg-slate-100 dark:hover:bg-slate-700 cursor-pointer;
+  }
+</style>
diff --git a/web-admin/src/features/admin/shared/notify.ts b/web-admin/src/features/admin/shared/notify.ts
new file mode 100644
index 00000000000..515ed09b97b
--- /dev/null
+++ b/web-admin/src/features/admin/shared/notify.ts
@@ -0,0 +1,9 @@
+import { eventBus } from "@rilldata/web-common/lib/event-bus/event-bus";
+
+export function notifySuccess(message: string) {
+  eventBus.emit("notification", { type: "success", message });
+}
+
+export function notifyError(message: string) {
+  eventBus.emit("notification", { type: "error", message });
+}
diff --git a/web-admin/src/features/admin/users/RepresentingBanner.svelte b/web-admin/src/features/admin/users/RepresentingBanner.svelte
new file mode 100644
index 00000000000..a834fdd734c
--- /dev/null
+++ b/web-admin/src/features/admin/users/RepresentingBanner.svelte
@@ -0,0 +1,50 @@
+<!-- Shows a persistent banner when browsing as another user (assumed state) -->
+<script lang="ts">
+  import { onMount } from "svelte";
+  import { browser } from "$app/environment";
+  import { eventBus } from "@rilldata/web-common/lib/event-bus/event-bus";
+  import { STORAGE_KEY } from "@rilldata/web-admin/features/admin/users/assume-state";
+  import { ADMIN_URL } from "@rilldata/web-admin/client/http-client";
+
+  const BANNER_ID = "representing-user";
+
+  function appendPath(path: string, suffix: string) {
+    return `${path.replace(/\/$/, "")}/${suffix}`;
+  }
+
+  function unassume() {
+    if (browser) sessionStorage.removeItem(STORAGE_KEY);
+    eventBus.emit("remove-banner", BANNER_ID);
+    // Redirect to login; the auth provider session is the real superuser,
+    // so it auto-completes and issues a fresh superuser token.
+    const u = new URL(ADMIN_URL);
+    u.pathname = appendPath(u.pathname, "auth/login");
+    u.searchParams.set("redirect", window.location.origin);
+    window.location.href = u.toString();
+  }
+
+  function showBanner(email: string) {
+    eventBus.emit("add-banner", {
+      id: BANNER_ID,
+      priority: 0,
+      message: {
+        type: "warning",
+        message: `Browsing as <strong>${email}</strong>`,
+        includesHtml: true,
+        iconType: "alert",
+        cta: {
+          text: "Unassume",
+          type: "button",
+          onClick: unassume,
+        },
+      },
+    });
+  }
+
+  onMount(() => {
+    const stored = sessionStorage.getItem(STORAGE_KEY);
+    if (stored) {
+      showBanner(stored);
+    }
+  });
+</script>
diff --git a/web-admin/src/features/admin/users/assume-state.ts b/web-admin/src/features/admin/users/assume-state.ts
new file mode 100644
index 00000000000..a770d05bc1a
--- /dev/null
+++ b/web-admin/src/features/admin/users/assume-state.ts
@@ -0,0 +1,53 @@
+// Manages assume/unassume user state for the admin console.
+// Uses sessionStorage to track the assumed user across navigations,
+// and server-side auth endpoints for cookie management.
+import { writable } from "svelte/store";
+import { browser } from "$app/environment";
+import { ADMIN_URL } from "@rilldata/web-admin/client/http-client";
+
+export const STORAGE_KEY = "rill-representing-user";
+
+function appendPath(path: string, suffix: string) {
+  return `${path.replace(/\/$/, "")}/${suffix}`;
+}
+
+// Store tracks the currently assumed user email
+const initial = browser ? sessionStorage.getItem(STORAGE_KEY) ?? "" : "";
+const { subscribe, set } = writable(initial);
+
+export const assumedUser = {
+  subscribe,
+
+  /**
+   * Navigates to Rill Cloud as the given user in the current tab.
+   * Stores the email in sessionStorage so the banner knows who we're browsing as.
+   */
+  assume(email: string, ttlMinutes = 60) {
+    set(email);
+    if (browser) sessionStorage.setItem(STORAGE_KEY, email);
+
+    const u = new URL(ADMIN_URL);
+    u.pathname = appendPath(u.pathname, "auth/assume-open");
+    u.searchParams.set("representing_user", email);
+    u.searchParams.set("ttl_minutes", String(ttlMinutes));
+    window.location.href = u.toString();
+  },
+
+  /**
+   * Reverts to the original superuser session.
+   * Redirects to /auth/login which re-authenticates through the auth provider.
+   * Since the superuser's auth provider session is still active, this auto-completes
+   * and issues a fresh superuser cookie, effectively "unassuming".
+   */
+  unassume() {
+    set("");
+    if (browser) sessionStorage.removeItem(STORAGE_KEY);
+
+    // Redirect to login; the auth provider (Auth0) session is the real superuser,
+    // so it auto-completes and issues a fresh superuser token.
+    const u = new URL(ADMIN_URL);
+    u.pathname = appendPath(u.pathname, "auth/login");
+    u.searchParams.set("redirect", window.location.origin);
+    window.location.href = u.toString();
+  },
+};
diff --git a/web-admin/src/features/admin/whitelist/selectors.ts b/web-admin/src/features/admin/whitelist/selectors.ts
deleted file mode 100644
index 715c2c9248c..00000000000
--- a/web-admin/src/features/admin/whitelist/selectors.ts
+++ /dev/null
@@ -1,21 +0,0 @@
-import {
-  createAdminServiceCreateWhitelistedDomain,
-  createAdminServiceRemoveWhitelistedDomain,
-  createAdminServiceListWhitelistedDomains,
-} from "@rilldata/web-admin/client";
-
-export function getWhitelistedDomains(org: string) {
-  return createAdminServiceListWhitelistedDomains(
-    org,
-    { superuserForceAccess: true },
-    { query: { enabled: org.length > 0 } },
-  );
-}
-
-export function createAddWhitelistMutation() {
-  return createAdminServiceCreateWhitelistedDomain();
-}
-
-export function createRemoveWhitelistMutation() {
-  return createAdminServiceRemoveWhitelistedDomain();
-}
diff --git a/web-admin/src/routes/-/admin/annotations/+page.svelte b/web-admin/src/routes/-/admin/annotations/+page.svelte
deleted file mode 100644
index 21c177e023d..00000000000
--- a/web-admin/src/routes/-/admin/annotations/+page.svelte
+++ /dev/null
@@ -1,90 +0,0 @@
-<script lang="ts">
-  import {
-    createAdminServiceSudoUpdateAnnotations,
-  } from "@rilldata/web-admin/client";
-  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
-
-  let bannerRef: ActionResultBanner;
-  let org = "";
-  let project = "";
-  let annotationsJson = "{}";
-  let loaded = false;
-
-  const updateAnnotations = createAdminServiceSudoUpdateAnnotations();
-
-  async function handleLoad() {
-    if (!org || !project) return;
-    try {
-      // Load existing project annotations via GetProject
-      // The project's annotations field contains the current values
-      const resp = await fetch(`/v1/organizations/${org}/projects/${project}`);
-      if (resp.ok) {
-        const data = await resp.json();
-        const existing = data.project?.annotations ?? {};
-        annotationsJson = JSON.stringify(existing, null, 2);
-        loaded = true;
-        bannerRef.show("success", `Loaded annotations for ${org}/${project}`);
-      } else {
-        bannerRef.show("error", `Project not found or access denied`);
-      }
-    } catch (err) {
-      bannerRef.show("error", `Failed to load annotations: ${err}`);
-    }
-  }
-
-  async function handleSave() {
-    if (!org || !project) return;
-    try {
-      const annotations = JSON.parse(annotationsJson);
-      await $updateAnnotations.mutateAsync({
-        data: { organization: org, project, annotations },
-      });
-      bannerRef.show("success", `Annotations updated for ${org}/${project}`);
-    } catch (err) {
-      if (err instanceof SyntaxError) {
-        bannerRef.show("error", "Invalid JSON format");
-      } else {
-        bannerRef.show("error", `Failed: ${err}`);
-      }
-    }
-  }
-</script>
-
-<AdminPageHeader
-  title="Annotations"
-  description="View and update project annotations (key-value metadata used for billing, categorization, etc.)."
-/>
-
-<ActionResultBanner bind:this={bannerRef} />
-
-<div class="card">
-  <div class="form-row mb-4">
-    <input type="text" class="input" placeholder="Organization name" bind:value={org} />
-    <input type="text" class="input" placeholder="Project name" bind:value={project} />
-    <button class="btn-primary" on:click={handleLoad}>Load Current</button>
-  </div>
-  <div class="mb-4">
-    <label class="text-xs font-medium text-slate-500 mb-1 block">
-      Annotations (JSON) {#if !loaded}<span class="text-yellow-600">— click "Load Current" first to avoid overwriting</span>{/if}
-    </label>
-    <textarea
-      class="input w-full h-32 font-mono text-xs"
-      placeholder={'{"key": "value"}'}
-      bind:value={annotationsJson}
-    ></textarea>
-  </div>
-  <button class="btn-primary" on:click={handleSave}>Save Annotations</button>
-</div>
-
-<style lang="postcss">
-  .card { @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700; }
-  .form-row { @apply flex gap-3 items-center flex-wrap; }
-  .input {
-    @apply px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600
-      bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100
-      placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500;
-  }
-  .btn-primary { @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700; }
-  textarea { @apply resize-y; }
-</style>
diff --git a/web-admin/src/routes/-/admin/runtime/+page.svelte b/web-admin/src/routes/-/admin/runtime/+page.svelte
deleted file mode 100644
index 85b2f582369..00000000000
--- a/web-admin/src/routes/-/admin/runtime/+page.svelte
+++ /dev/null
@@ -1,30 +0,0 @@
-<script lang="ts">
-  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
-
-  let bannerRef: ActionResultBanner;
-
-  // Runtime management will be implemented in a follow-up.
-  // The API calls needed are:
-  // - SudoIssueRuntimeManagerToken
-  // - ListInstances (via runtime client)
-  // - DeleteInstance (via runtime client)
-</script>
-
-<AdminPageHeader
-  title="Runtime"
-  description="Manage runtime instances, issue manager tokens, and view deployment infrastructure."
-/>
-
-<ActionResultBanner bind:this={bannerRef} />
-
-<div class="card">
-  <p class="text-sm text-slate-500">Runtime management will be available in a future update. Use the CLI for now:</p>
-  <pre class="mt-2 p-3 bg-slate-100 dark:bg-slate-800 rounded text-xs font-mono">rill sudo runtime list-instances &lt;host&gt;
-rill sudo runtime delete-instance &lt;host&gt; &lt;instance_id&gt;
-rill sudo runtime manager-token &lt;host&gt;</pre>
-</div>
-
-<style lang="postcss">
-  .card { @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700; }
-</style>
diff --git a/web-admin/src/routes/-/admin/users/+page.svelte b/web-admin/src/routes/-/admin/users/+page.svelte
deleted file mode 100644
index 75e4d6b9613..00000000000
--- a/web-admin/src/routes/-/admin/users/+page.svelte
+++ /dev/null
@@ -1,184 +0,0 @@
-<!-- web-admin/src/routes/-/admin/users/+page.svelte -->
-<script lang="ts">
-  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import SearchInput from "@rilldata/web-admin/features/admin/shared/SearchInput.svelte";
-  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
-  import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
-  import {
-    searchUsers,
-    createAssumeUserMutation,
-    createDeleteUserMutation,
-  } from "@rilldata/web-admin/features/admin/users/selectors";
-  import { useQueryClient } from "@tanstack/svelte-query";
-
-  let searchQuery = "";
-  let bannerRef: ActionResultBanner;
-  let confirmOpen = false;
-  let confirmTitle = "";
-  let confirmDescription = "";
-  let confirmDestructive = false;
-  let confirmAction: () => Promise<void> = async () => {};
-
-  const queryClient = useQueryClient();
-  const assumeUser = createAssumeUserMutation();
-  const deleteUser = createDeleteUserMutation();
-
-  $: usersQuery = searchUsers(searchQuery);
-
-  function handleSearch(e: CustomEvent<string>) {
-    searchQuery = e.detail;
-  }
-
-  function handleAssume(email: string) {
-    confirmTitle = "Assume User Identity";
-    confirmDescription = `You will browse Rill Cloud as ${email}. Use "Unassume" to return to your own identity.`;
-    confirmDestructive = false;
-    confirmAction = async () => {
-      try {
-        await $assumeUser.mutateAsync({ data: { email } });
-        bannerRef.show("success", `Now browsing as ${email}`);
-      } catch (err) {
-        bannerRef.show("error", `Failed to assume user: ${err}`);
-      }
-    };
-    confirmOpen = true;
-  }
-
-  function handleDelete(email: string) {
-    confirmTitle = "Delete User";
-    confirmDescription = `This will permanently delete the user ${email}. This action cannot be undone.`;
-    confirmDestructive = true;
-    confirmAction = async () => {
-      try {
-        await $deleteUser.mutateAsync({
-          email,
-          superuserForceAccess: true,
-        });
-        bannerRef.show("success", `User ${email} deleted`);
-        await queryClient.invalidateQueries({
-          predicate: (q) => q.queryKey[0] === "/v1/users/search",
-        });
-      } catch (err) {
-        bannerRef.show("error", `Failed to delete user: ${err}`);
-      }
-    };
-    confirmOpen = true;
-  }
-
-  async function handleOpenAsUser(email: string) {
-    // Assume the user's identity first, then open the main page
-    try {
-      await $assumeUser.mutateAsync({ data: { email } });
-      window.open("/", "_blank");
-      bannerRef.show("success", `Opened as ${email} in a new tab. Remember to unassume when done.`);
-    } catch (err) {
-      bannerRef.show("error", `Failed to assume user: ${err}`);
-    }
-  }
-</script>
-
-<AdminPageHeader
-  title="Users"
-  description="Search for users by email, assume their identity for debugging, or manage their accounts."
-/>
-
-<ActionResultBanner bind:this={bannerRef} />
-
-<div class="mb-4 max-w-md">
-  <SearchInput
-    placeholder="Search by email (min 2 characters)..."
-    on:search={handleSearch}
-  />
-</div>
-
-{#if $usersQuery.isLoading && searchQuery.length >= 2}
-  <p class="text-sm text-slate-500">Searching...</p>
-{:else if $usersQuery.data?.users?.length}
-  <div class="results-table">
-    <table class="w-full">
-      <thead>
-        <tr>
-          <th>Email</th>
-          <th>Display Name</th>
-          <th>Created</th>
-          <th>Actions</th>
-        </tr>
-      </thead>
-      <tbody>
-        {#each $usersQuery.data.users as user}
-          <tr>
-            <td class="font-mono text-xs">{user.email}</td>
-            <td>{user.displayName ?? "-"}</td>
-            <td class="text-xs text-slate-500">
-              {user.createdOn
-                ? new Date(user.createdOn).toLocaleDateString()
-                : "-"}
-            </td>
-            <td>
-              <div class="flex gap-2">
-                <button
-                  class="action-btn"
-                  on:click={() => handleAssume(user.email ?? "")}
-                >
-                  Assume
-                </button>
-                <button
-                  class="action-btn"
-                  on:click={() => handleOpenAsUser(user.email ?? "")}
-                >
-                  Open as User
-                </button>
-                <button
-                  class="action-btn destructive"
-                  on:click={() => handleDelete(user.email ?? "")}
-                >
-                  Delete
-                </button>
-              </div>
-            </td>
-          </tr>
-        {/each}
-      </tbody>
-    </table>
-  </div>
-{:else if searchQuery.length >= 2 && $usersQuery.isSuccess}
-  <p class="text-sm text-slate-500">No users found for "{searchQuery}"</p>
-{/if}
-
-<ConfirmDialog
-  bind:open={confirmOpen}
-  title={confirmTitle}
-  description={confirmDescription}
-  destructive={confirmDestructive}
-  onConfirm={confirmAction}
-/>
-
-<style lang="postcss">
-  table {
-    @apply border-collapse;
-  }
-
-  th {
-    @apply text-left text-xs font-medium text-slate-500 dark:text-slate-400
-      uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700;
-  }
-
-  td {
-    @apply px-4 py-3 text-sm text-slate-700 dark:text-slate-300
-      border-b border-slate-100 dark:border-slate-800;
-  }
-
-  tr:hover td {
-    @apply bg-slate-50 dark:bg-slate-800/50;
-  }
-
-  .action-btn {
-    @apply text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600
-      text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700;
-  }
-
-  .action-btn.destructive {
-    @apply border-red-300 text-red-600 hover:bg-red-50
-      dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20;
-  }
-</style>
diff --git a/web-admin/src/routes/-/admin/virtual-files/+page.svelte b/web-admin/src/routes/-/admin/virtual-files/+page.svelte
deleted file mode 100644
index e5ae4c824c9..00000000000
--- a/web-admin/src/routes/-/admin/virtual-files/+page.svelte
+++ /dev/null
@@ -1,41 +0,0 @@
-<script lang="ts">
-  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
-
-  let bannerRef: ActionResultBanner;
-  let org = "";
-  let project = "";
-
-  // Virtual files management will be implemented in a follow-up.
-  // The API calls needed are:
-  // - PullVirtualRepo (list)
-  // - GetVirtualFile (read)
-  // - DeleteVirtualFile (delete)
-</script>
-
-<AdminPageHeader
-  title="Virtual Files"
-  description="Browse, read, and delete virtual files in project deployments."
-/>
-
-<ActionResultBanner bind:this={bannerRef} />
-
-<div class="card">
-  <div class="form-row mb-4">
-    <input type="text" class="input" placeholder="Organization name" bind:value={org} />
-    <input type="text" class="input" placeholder="Project name" bind:value={project} />
-    <button class="btn-primary" disabled>List Files (Coming Soon)</button>
-  </div>
-  <p class="text-sm text-slate-500">Virtual file management will be available in a future update.</p>
-</div>
-
-<style lang="postcss">
-  .card { @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700; }
-  .form-row { @apply flex gap-3 items-center flex-wrap; }
-  .input {
-    @apply px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600
-      bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100
-      placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500;
-  }
-  .btn-primary { @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 disabled:opacity-50; }
-</style>
diff --git a/web-admin/src/routes/-/admin/whitelist/+page.svelte b/web-admin/src/routes/-/admin/whitelist/+page.svelte
deleted file mode 100644
index 7c463d61bd3..00000000000
--- a/web-admin/src/routes/-/admin/whitelist/+page.svelte
+++ /dev/null
@@ -1,131 +0,0 @@
-<script lang="ts">
-  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import ActionResultBanner from "@rilldata/web-admin/features/admin/shared/ActionResultBanner.svelte";
-  import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
-  import {
-    getWhitelistedDomains,
-    createAddWhitelistMutation,
-    createRemoveWhitelistMutation,
-  } from "@rilldata/web-admin/features/admin/whitelist/selectors";
-  import { useQueryClient } from "@tanstack/svelte-query";
-
-  let bannerRef: ActionResultBanner;
-  let org = "";
-  let activeOrg = "";
-  let newDomain = "";
-  let newRole = "viewer";
-  let confirmOpen = false;
-  let confirmTitle = "";
-  let confirmDescription = "";
-  let confirmAction: () => Promise<void> = async () => {};
-
-  const queryClient = useQueryClient();
-  const addWhitelist = createAddWhitelistMutation();
-  const removeWhitelist = createRemoveWhitelistMutation();
-
-  $: domainsQuery = getWhitelistedDomains(activeOrg);
-
-  function handleLookup() {
-    activeOrg = org;
-  }
-
-  async function handleAdd() {
-    if (!activeOrg || !newDomain) return;
-    try {
-      await $addWhitelist.mutateAsync({
-        org: activeOrg,
-        data: { domain: newDomain, role: newRole },
-      });
-      bannerRef.show("success", `Domain ${newDomain} whitelisted for ${activeOrg}`);
-      newDomain = "";
-      await queryClient.invalidateQueries();
-    } catch (err) {
-      bannerRef.show("error", `Failed: ${err}`);
-    }
-  }
-
-  function handleRemove(domain: string) {
-    confirmTitle = "Remove Whitelisted Domain";
-    confirmDescription = `Remove "${domain}" from the whitelist for ${activeOrg}?`;
-    confirmAction = async () => {
-      try {
-        await $removeWhitelist.mutateAsync({ org: activeOrg, domain });
-        bannerRef.show("success", `Domain ${domain} removed from whitelist`);
-        await queryClient.invalidateQueries();
-      } catch (err) {
-        bannerRef.show("error", `Failed: ${err}`);
-      }
-    };
-    confirmOpen = true;
-  }
-</script>
-
-<AdminPageHeader
-  title="Domain Whitelist"
-  description="Manage whitelisted email domains for organizations."
-/>
-
-<ActionResultBanner bind:this={bannerRef} />
-
-<div class="sections">
-  <section class="card">
-    <div class="form-row mb-4">
-      <input type="text" class="input" placeholder="Organization name" bind:value={org}
-        on:keydown={(e) => e.key === "Enter" && handleLookup()} />
-      <button class="btn-primary" on:click={handleLookup}>Lookup</button>
-    </div>
-
-    {#if activeOrg}
-      <div class="form-row mb-4">
-        <input type="text" class="input" placeholder="Domain (e.g. acme.com)" bind:value={newDomain} />
-        <select class="input" bind:value={newRole}>
-          <option value="admin">Admin</option>
-          <option value="editor">Editor</option>
-          <option value="viewer">Viewer</option>
-        </select>
-        <button class="btn-primary" on:click={handleAdd}>Add Domain</button>
-      </div>
-
-      {#if $domainsQuery.data?.domains?.length}
-        <table class="w-full">
-          <thead>
-            <tr><th>Domain</th><th>Role</th><th>Actions</th></tr>
-          </thead>
-          <tbody>
-            {#each $domainsQuery.data.domains as d}
-              <tr>
-                <td class="font-mono text-xs">{d.domain}</td>
-                <td class="text-xs">{d.role}</td>
-                <td>
-                  <button class="action-btn destructive" on:click={() => handleRemove(d.domain ?? "")}>
-                    Remove
-                  </button>
-                </td>
-              </tr>
-            {/each}
-          </tbody>
-        </table>
-      {:else if $domainsQuery.isSuccess}
-        <p class="text-sm text-slate-500">No whitelisted domains.</p>
-      {/if}
-    {/if}
-  </section>
-</div>
-
-<ConfirmDialog bind:open={confirmOpen} title={confirmTitle} description={confirmDescription} onConfirm={confirmAction} />
-
-<style lang="postcss">
-  .sections { @apply flex flex-col gap-6; }
-  .card { @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700; }
-  .form-row { @apply flex gap-3 items-center flex-wrap; }
-  .input {
-    @apply px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600
-      bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100
-      placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500;
-  }
-  .btn-primary { @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap; }
-  th { @apply text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700; }
-  td { @apply px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800; }
-  .action-btn { @apply text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600 text-slate-600 dark:text-slate-300; }
-  .action-btn.destructive { @apply border-red-300 text-red-600 hover:bg-red-50 dark:border-red-700 dark:text-red-400; }
-</style>

From f2766845ef6b62532c552898dff64f160d09d955 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Fri, 20 Mar 2026 23:54:12 -0700
Subject: [PATCH 26/35] fix(admin-console): sync sidebar, selectors with
 intended state

- Remove Dashboard, Whitelist, and Advanced nav sections from sidebar
- Point Users link to root admin page (/-/admin)
- Fix users/selectors: use emailPattern with wildcards, threshold >= 3,
  remove unused assume/unassume mutations
- Fix projects/selectors: add wildcard wrapping, threshold >= 3

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../features/admin/layout/AdminSidebar.svelte    | 15 +--------------
 .../src/features/admin/projects/selectors.ts     |  4 ++--
 web-admin/src/features/admin/users/selectors.ts  | 16 +++-------------
 3 files changed, 6 insertions(+), 29 deletions(-)

diff --git a/web-admin/src/features/admin/layout/AdminSidebar.svelte b/web-admin/src/features/admin/layout/AdminSidebar.svelte
index 94e97ac81ab..12da6eb7d44 100644
--- a/web-admin/src/features/admin/layout/AdminSidebar.svelte
+++ b/web-admin/src/features/admin/layout/AdminSidebar.svelte
@@ -3,14 +3,10 @@
   import { page } from "$app/stores";
 
   const navGroups = [
-    {
-      heading: "Overview",
-      items: [{ label: "Dashboard", href: "/-/admin" }],
-    },
     {
       heading: "People",
       items: [
-        { label: "Users", href: "/-/admin/users" },
+        { label: "Users", href: "/-/admin" },
         { label: "Superusers", href: "/-/admin/superusers" },
       ],
     },
@@ -26,15 +22,6 @@
       items: [
         { label: "Organizations", href: "/-/admin/organizations" },
         { label: "Projects", href: "/-/admin/projects" },
-        { label: "Whitelist", href: "/-/admin/whitelist" },
-      ],
-    },
-    {
-      heading: "Advanced",
-      items: [
-        { label: "Annotations", href: "/-/admin/annotations" },
-        { label: "Virtual Files", href: "/-/admin/virtual-files" },
-        { label: "Runtime", href: "/-/admin/runtime" },
       ],
     },
   ];
diff --git a/web-admin/src/features/admin/projects/selectors.ts b/web-admin/src/features/admin/projects/selectors.ts
index 9f7b8121d07..b1c2595ab1c 100644
--- a/web-admin/src/features/admin/projects/selectors.ts
+++ b/web-admin/src/features/admin/projects/selectors.ts
@@ -9,8 +9,8 @@ import {
 
 export function searchProjects(namePattern: string) {
   return createAdminServiceSearchProjectNames(
-    { namePattern, pageSize: 50 },
-    { query: { enabled: namePattern.length >= 2 } },
+    { namePattern: `%${namePattern}%`, pageSize: 50 },
+    { query: { enabled: namePattern.length >= 3 } },
   );
 }
 
diff --git a/web-admin/src/features/admin/users/selectors.ts b/web-admin/src/features/admin/users/selectors.ts
index 859f37dbc4a..e72ea26636d 100644
--- a/web-admin/src/features/admin/users/selectors.ts
+++ b/web-admin/src/features/admin/users/selectors.ts
@@ -1,26 +1,16 @@
 // web-admin/src/features/admin/users/selectors.ts
 import {
   createAdminServiceSearchUsers,
-  createAdminServiceIssueRepresentativeAuthToken,
-  createAdminServiceRevokeRepresentativeAuthTokens,
   createAdminServiceDeleteUser,
 } from "@rilldata/web-admin/client";
 
-export function searchUsers(emailQuery: string) {
+export function searchUsers(emailPattern: string) {
   return createAdminServiceSearchUsers(
-    { emailQuery },
-    { query: { enabled: emailQuery.length >= 2 } },
+    { emailPattern: `%${emailPattern}%` },
+    { query: { enabled: emailPattern.length >= 3 } },
   );
 }
 
-export function createAssumeUserMutation() {
-  return createAdminServiceIssueRepresentativeAuthToken();
-}
-
-export function createUnassumeUserMutation() {
-  return createAdminServiceRevokeRepresentativeAuthTokens();
-}
-
 export function createDeleteUserMutation() {
   return createAdminServiceDeleteUser();
 }

From 1580e70849a501e469f9d8c61cbae0356b8f9709 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Sat, 21 Mar 2026 00:06:24 -0700
Subject: [PATCH 27/35] fix(admin-console): move admin link to profile menu,
 fix billing 500, mount assume banner

- Move Admin Console link from top nav (OrgHeader) to profile dropdown
  (AvatarButton), removing duplicate ListSuperusers query from OrgHeader
- Add missing getBillingSetupURL function to billing selectors (was
  imported but never defined, causing 500 on billing page)
- Mount RepresentingBanner in root layout so assume-user banner appears
  when browsing as another user

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../src/features/admin/billing/selectors.ts   |  9 ++++++++
 .../authentication/AvatarButton.svelte        | 17 +++++++++++++-
 .../features/organizations/OrgHeader.svelte   | 22 +------------------
 web-admin/src/routes/+layout.svelte           |  2 ++
 4 files changed, 28 insertions(+), 22 deletions(-)

diff --git a/web-admin/src/features/admin/billing/selectors.ts b/web-admin/src/features/admin/billing/selectors.ts
index 62f9aba8c44..34effd26dca 100644
--- a/web-admin/src/features/admin/billing/selectors.ts
+++ b/web-admin/src/features/admin/billing/selectors.ts
@@ -1,5 +1,6 @@
 // web-admin/src/features/admin/billing/selectors.ts
 import {
+  adminServiceGetPaymentsPortalURL,
   createAdminServiceSudoExtendTrial,
   createAdminServiceSudoTriggerBillingRepair,
   createAdminServiceSudoDeleteOrganizationBillingIssue,
@@ -7,6 +8,14 @@ import {
   createAdminServiceListOrganizationBillingIssues,
 } from "@rilldata/web-admin/client";
 
+export async function getBillingSetupURL(org: string): Promise<string> {
+  const resp = await adminServiceGetPaymentsPortalURL(org, {
+    setup: true,
+    superuserForceAccess: true,
+  });
+  return resp.url ?? "";
+}
+
 export function createExtendTrialMutation() {
   return createAdminServiceSudoExtendTrial();
 }
diff --git a/web-admin/src/features/authentication/AvatarButton.svelte b/web-admin/src/features/authentication/AvatarButton.svelte
index 95dc0bb5d04..5fe56042474 100644
--- a/web-admin/src/features/authentication/AvatarButton.svelte
+++ b/web-admin/src/features/authentication/AvatarButton.svelte
@@ -22,12 +22,22 @@
     type UserLike,
   } from "@rilldata/web-common/features/help/initPylonChat";
   import { posthogIdentify } from "@rilldata/web-common/lib/analytics/posthog";
-  import { createAdminServiceGetCurrentUser } from "../../client";
+  import {
+    createAdminServiceGetCurrentUser,
+    createAdminServiceListSuperusers,
+  } from "../../client";
   import ProjectAccessControls from "../projects/ProjectAccessControls.svelte";
   import ViewAsUserPopover from "../view-as-user/ViewAsUserPopover.svelte";
   import ThemeToggle from "@rilldata/web-common/features/themes/ThemeToggle.svelte";
 
   const user = createAdminServiceGetCurrentUser();
+  const superusers = createAdminServiceListSuperusers();
+  $: isSuperuser =
+    $superusers.isSuccess &&
+    !!$user.data?.user?.email &&
+    ($superusers.data?.users ?? []).some(
+      (su) => su.email === $user.data?.user?.email,
+    );
 
   let imgContainer: HTMLElement;
   let primaryMenuOpen = false;
@@ -126,6 +136,11 @@
       {/if}
     {/if}
 
+    {#if isSuperuser}
+      <DropdownMenu.Item href="/-/admin">Admin Console</DropdownMenu.Item>
+      <DropdownMenu.Separator />
+    {/if}
+
     <ThemeToggle />
     <DropdownMenu.Separator />
 
diff --git a/web-admin/src/features/organizations/OrgHeader.svelte b/web-admin/src/features/organizations/OrgHeader.svelte
index 5507aaa0228..31502a53960 100644
--- a/web-admin/src/features/organizations/OrgHeader.svelte
+++ b/web-admin/src/features/organizations/OrgHeader.svelte
@@ -3,10 +3,7 @@
   import Breadcrumbs from "@rilldata/web-common/components/navigation/breadcrumbs/Breadcrumbs.svelte";
   import Header from "@rilldata/web-common/layout/header/Header.svelte";
   import HeaderLogo from "@rilldata/web-common/layout/header/HeaderLogo.svelte";
-  import {
-    createAdminServiceGetCurrentUser,
-    createAdminServiceListSuperusers,
-  } from "../../client";
+  import { createAdminServiceGetCurrentUser } from "../../client";
   import {
     useBreadcrumbOrgPaths,
     useBreadcrumbProjectPaths,
@@ -30,15 +27,6 @@
   $: loggedIn = !!$user.data?.user;
   $: rillLogoHref = !loggedIn ? "https://www.rilldata.com" : "/";
 
-  // Check if the current user is a superuser; the ListSuperusers call returns 403 for non-superusers
-  const superusers = createAdminServiceListSuperusers();
-  $: isSuperuser =
-    $superusers.isSuccess &&
-    !!$user.data?.user?.email &&
-    ($superusers.data?.users ?? []).some(
-      (su) => su.email === $user.data?.user?.email,
-    );
-
   $: orgPathsQuery = useBreadcrumbOrgPaths(
     loggedIn,
     organization,
@@ -60,14 +48,6 @@
   {/if}
 
   <div class="flex gap-x-2 items-center ml-auto">
-    {#if isSuperuser}
-      <a
-        href="/-/admin"
-        class="text-xs font-medium text-gray-500 hover:text-gray-700"
-      >
-        Admin
-      </a>
-    {/if}
     {#if $user.isSuccess}
       {#if $user.data?.user}
         <AvatarButton />
diff --git a/web-admin/src/routes/+layout.svelte b/web-admin/src/routes/+layout.svelte
index 76ba904d827..63c863532ad 100644
--- a/web-admin/src/routes/+layout.svelte
+++ b/web-admin/src/routes/+layout.svelte
@@ -5,6 +5,7 @@
   import { createUserFacingError } from "@rilldata/web-admin/components/errors/user-facing-errors";
   import { dynamicHeight } from "@rilldata/web-common/layout/layout-settings.ts";
   import BillingBannerManager from "@rilldata/web-admin/features/billing/banner/BillingBannerManager.svelte";
+  import RepresentingBanner from "@rilldata/web-admin/features/admin/users/RepresentingBanner.svelte";
   import {
     isBillingUpgradePage,
     isProjectInvitePage,
@@ -144,6 +145,7 @@
     use:pageContentSizeHandler
   >
     <BannerCenter />
+    <RepresentingBanner />
     {#if !hideBillingManager}
       <BillingBannerManager {organization} {organizationPermissions} />
     {/if}

From 11f34d286e79d2a7db17155e7555b8aab5ed0570 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Sat, 21 Mar 2026 00:55:46 -0700
Subject: [PATCH 28/35] fix(admin-console): replace `@apply` PostCSS with
 inline Tailwind classes

svelte-check cannot parse `@apply` with `dark:` variants in `<style lang="postcss">` blocks,
causing 12 CI errors and broken dark mode. Move all utility classes inline across 13 admin
console files and remove `<style>` blocks entirely.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../admin/layout/AdminPageHeader.svelte       |  24 +-
 .../features/admin/layout/AdminSidebar.svelte |  68 ++--
 .../admin/shared/ConfirmDialog.svelte         |  73 ++---
 .../admin/shared/OrgSearchInput.svelte        |  44 +--
 .../features/admin/shared/SearchInput.svelte  |  18 +-
 .../admin/shared/UserSearchInput.svelte       |  44 +--
 web-admin/src/routes/-/admin/+layout.svelte   |  14 +-
 web-admin/src/routes/-/admin/+page.svelte     | 135 ++++----
 .../src/routes/-/admin/billing/+page.svelte   | 215 +++++-------
 .../routes/-/admin/organizations/+page.svelte | 305 ++++++++----------
 .../src/routes/-/admin/projects/+page.svelte  |  76 ++---
 .../src/routes/-/admin/quotas/+page.svelte    | 122 ++++---
 .../routes/-/admin/superusers/+page.svelte    | 120 +++----
 13 files changed, 497 insertions(+), 761 deletions(-)

diff --git a/web-admin/src/features/admin/layout/AdminPageHeader.svelte b/web-admin/src/features/admin/layout/AdminPageHeader.svelte
index 6aaeadbae76..73875ce56da 100644
--- a/web-admin/src/features/admin/layout/AdminPageHeader.svelte
+++ b/web-admin/src/features/admin/layout/AdminPageHeader.svelte
@@ -3,23 +3,13 @@
   export let description: string = "";
 </script>
 
-<div class="page-header">
-  <h1 class="page-title">{title}</h1>
+<div class="mb-6">
+  <h1 class="text-xl font-semibold text-slate-900 dark:text-slate-100">
+    {title}
+  </h1>
   {#if description}
-    <p class="page-description">{description}</p>
+    <p class="text-sm text-slate-500 dark:text-slate-400 mt-1">
+      {description}
+    </p>
   {/if}
 </div>
-
-<style lang="postcss">
-  .page-header {
-    @apply mb-6;
-  }
-
-  .page-title {
-    @apply text-xl font-semibold text-slate-900 dark:text-slate-100;
-  }
-
-  .page-description {
-    @apply text-sm text-slate-500 dark:text-slate-400 mt-1;
-  }
-</style>
diff --git a/web-admin/src/features/admin/layout/AdminSidebar.svelte b/web-admin/src/features/admin/layout/AdminSidebar.svelte
index 12da6eb7d44..8035dca503c 100644
--- a/web-admin/src/features/admin/layout/AdminSidebar.svelte
+++ b/web-admin/src/features/admin/layout/AdminSidebar.svelte
@@ -32,20 +32,32 @@
   }
 </script>
 
-<nav class="sidebar">
-  <div class="sidebar-header">
-    <span class="logo-text">Admin Console</span>
+<nav
+  class="w-56 flex-shrink-0 border-r border-slate-200 dark:border-slate-700 bg-white dark:bg-slate-900 flex flex-col h-full"
+>
+  <div class="px-4 py-4 border-b border-slate-200 dark:border-slate-700">
+    <span class="text-sm font-semibold text-slate-900 dark:text-slate-100">
+      Admin Console
+    </span>
   </div>
 
-  <div class="sidebar-content">
+  <div class="flex-1 overflow-y-auto py-3 px-3">
     {#each navGroups as group}
-      <div class="nav-group">
-        <span class="group-heading">{group.heading}</span>
+      <div class="mb-4">
+        <span
+          class="text-[11px] font-semibold uppercase tracking-wider text-slate-400 dark:text-slate-500 px-2 mb-1 block"
+        >
+          {group.heading}
+        </span>
         {#each group.items as item}
           <a
             href={item.href}
-            class="nav-item"
-            class:active={isActive(item.href, $page.url.pathname)}
+            class="block px-2 py-1.5 text-sm rounded-md transition-colors {isActive(
+              item.href,
+              $page.url.pathname,
+            )
+              ? 'bg-slate-100 dark:bg-slate-800 text-slate-900 dark:text-slate-100 font-medium'
+              : 'text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-800'}"
           >
             {item.label}
           </a>
@@ -54,43 +66,3 @@
     {/each}
   </div>
 </nav>
-
-<style lang="postcss">
-  .sidebar {
-    @apply w-56 flex-shrink-0 border-r border-slate-200 dark:border-slate-700
-      bg-white dark:bg-slate-900 flex flex-col h-full;
-  }
-
-  .sidebar-header {
-    @apply px-4 py-4 border-b border-slate-200 dark:border-slate-700;
-  }
-
-  .logo-text {
-    @apply text-sm font-semibold text-slate-900 dark:text-slate-100;
-  }
-
-  .sidebar-content {
-    @apply flex-1 overflow-y-auto py-3 px-3;
-  }
-
-  .nav-group {
-    @apply mb-4;
-  }
-
-  .group-heading {
-    @apply text-[11px] font-semibold uppercase tracking-wider
-      text-slate-400 dark:text-slate-500 px-2 mb-1 block;
-  }
-
-  .nav-item {
-    @apply block px-2 py-1.5 text-sm rounded-md
-      text-slate-600 dark:text-slate-300
-      hover:bg-slate-100 dark:hover:bg-slate-800
-      transition-colors;
-  }
-
-  .nav-item.active {
-    @apply bg-slate-100 dark:bg-slate-800
-      text-slate-900 dark:text-slate-100 font-medium;
-  }
-</style>
diff --git a/web-admin/src/features/admin/shared/ConfirmDialog.svelte b/web-admin/src/features/admin/shared/ConfirmDialog.svelte
index a71e3e0b58e..43ab90cb7ea 100644
--- a/web-admin/src/features/admin/shared/ConfirmDialog.svelte
+++ b/web-admin/src/features/admin/shared/ConfirmDialog.svelte
@@ -6,7 +6,6 @@
   export let confirmLabel: string = "Confirm";
   export let cancelLabel: string = "Cancel";
   export let destructive: boolean = false;
-  export let onConfirm: () => void | Promise<void>;
 
   let loading = false;
 
@@ -26,24 +25,41 @@
   function handleCancel() {
     open = false;
   }
+
+  export let onConfirm: () => void | Promise<void>;
 </script>
 
 {#if open}
   <!-- svelte-ignore a11y-click-events-have-key-events -->
   <!-- svelte-ignore a11y-no-static-element-interactions -->
-  <div class="overlay" on:click={handleCancel}>
-    <div class="dialog" on:click|stopPropagation>
-      <h2 class="dialog-title">{title}</h2>
+  <div
+    class="fixed inset-0 bg-black/50 flex items-center justify-center z-50"
+    on:click={handleCancel}
+  >
+    <div
+      class="bg-white dark:bg-slate-800 rounded-lg p-6 max-w-md w-full mx-4 shadow-xl"
+      on:click|stopPropagation
+    >
+      <h2 class="text-lg font-semibold text-slate-900 dark:text-slate-100">
+        {title}
+      </h2>
       {#if description}
-        <p class="dialog-description">{description}</p>
+        <p class="text-sm text-slate-500 dark:text-slate-400 mt-2">
+          {description}
+        </p>
       {/if}
-      <div class="dialog-actions">
-        <button class="btn-cancel" on:click={handleCancel} disabled={loading}>
+      <div class="flex justify-end gap-3 mt-6">
+        <button
+          class="px-4 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 text-slate-700 dark:text-slate-300 hover:bg-slate-50 dark:hover:bg-slate-700 disabled:opacity-50 disabled:cursor-not-allowed"
+          on:click={handleCancel}
+          disabled={loading}
+        >
           {cancelLabel}
         </button>
         <button
-          class="btn-confirm"
-          class:destructive
+          class="px-4 py-2 text-sm rounded-md text-white disabled:opacity-50 disabled:cursor-not-allowed {destructive
+            ? 'bg-red-600 hover:bg-red-700'
+            : 'bg-blue-600 hover:bg-blue-700'}"
           on:click={handleConfirm}
           disabled={loading}
         >
@@ -53,42 +69,3 @@
     </div>
   </div>
 {/if}
-
-<style lang="postcss">
-  .overlay {
-    @apply fixed inset-0 bg-black/50 flex items-center justify-center z-50;
-  }
-
-  .dialog {
-    @apply bg-white dark:bg-slate-800 rounded-lg p-6 max-w-md w-full mx-4 shadow-xl;
-  }
-
-  .dialog-title {
-    @apply text-lg font-semibold text-slate-900 dark:text-slate-100;
-  }
-
-  .dialog-description {
-    @apply text-sm text-slate-500 dark:text-slate-400 mt-2;
-  }
-
-  .dialog-actions {
-    @apply flex justify-end gap-3 mt-6;
-  }
-
-  .btn-cancel {
-    @apply px-4 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600
-      text-slate-700 dark:text-slate-300 hover:bg-slate-50 dark:hover:bg-slate-700;
-  }
-
-  .btn-confirm {
-    @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700;
-  }
-
-  .btn-confirm.destructive {
-    @apply bg-red-600 hover:bg-red-700;
-  }
-
-  button:disabled {
-    @apply opacity-50 cursor-not-allowed;
-  }
-</style>
diff --git a/web-admin/src/features/admin/shared/OrgSearchInput.svelte b/web-admin/src/features/admin/shared/OrgSearchInput.svelte
index 5d981a5b940..30a4ebffb73 100644
--- a/web-admin/src/features/admin/shared/OrgSearchInput.svelte
+++ b/web-admin/src/features/admin/shared/OrgSearchInput.svelte
@@ -60,10 +60,10 @@
   }
 </script>
 
-<div class="search-container">
+<div class="relative">
   <input
     type="text"
-    class="input"
+    class="w-full px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 dark:placeholder:text-slate-500 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
     {placeholder}
     bind:value
     on:keydown={handleKeydown}
@@ -71,13 +71,17 @@
     on:blur={handleBlur}
   />
   {#if $orgSearchQuery.isFetching && value.length >= 3}
-    <div class="search-spinner" />
+    <div
+      class="absolute right-3 top-1/2 -translate-y-1/2 w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
+    />
   {/if}
   {#if showDropdown && orgNames.length > 0}
-    <div class="dropdown">
+    <div
+      class="absolute z-10 w-full mt-1 bg-white dark:bg-slate-800 border border-slate-200 dark:border-slate-700 rounded-md shadow-lg max-h-48 overflow-y-auto"
+    >
       {#each orgNames as org}
         <button
-          class="dropdown-item"
+          class="w-full text-left px-3 py-2 text-sm text-slate-700 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700 cursor-pointer"
           on:mousedown|preventDefault={() => selectOrg(org)}
         >
           {org}
@@ -86,33 +90,3 @@
     </div>
   {/if}
 </div>
-
-<style lang="postcss">
-  .search-container {
-    @apply relative;
-  }
-
-  .input {
-    @apply w-full px-3 py-2 text-sm rounded-md border border-slate-300
-      dark:border-slate-600 bg-white dark:bg-slate-800
-      text-slate-900 dark:text-slate-100
-      placeholder:text-slate-400 dark:placeholder:text-slate-500
-      focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent;
-  }
-
-  .search-spinner {
-    @apply absolute right-3 top-1/2 -translate-y-1/2
-      w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin;
-  }
-
-  .dropdown {
-    @apply absolute z-10 w-full mt-1 bg-white dark:bg-slate-800
-      border border-slate-200 dark:border-slate-700
-      rounded-md shadow-lg max-h-48 overflow-y-auto;
-  }
-
-  .dropdown-item {
-    @apply w-full text-left px-3 py-2 text-sm text-slate-700 dark:text-slate-300
-      hover:bg-slate-100 dark:hover:bg-slate-700 cursor-pointer;
-  }
-</style>
diff --git a/web-admin/src/features/admin/shared/SearchInput.svelte b/web-admin/src/features/admin/shared/SearchInput.svelte
index 161055c618a..2e16b21d50a 100644
--- a/web-admin/src/features/admin/shared/SearchInput.svelte
+++ b/web-admin/src/features/admin/shared/SearchInput.svelte
@@ -25,27 +25,13 @@
   }
 </script>
 
-<div class="search-container">
+<div class="relative">
   <input
     type="text"
-    class="search-input"
+    class="w-full px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 dark:placeholder:text-slate-500 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
     {placeholder}
     {value}
     on:input={handleInput}
     on:keydown={(e) => e.key === "Enter" && handleSubmit()}
   />
 </div>
-
-<style lang="postcss">
-  .search-container {
-    @apply relative;
-  }
-
-  .search-input {
-    @apply w-full px-3 py-2 text-sm rounded-md border border-slate-300
-      dark:border-slate-600 bg-white dark:bg-slate-800
-      text-slate-900 dark:text-slate-100
-      placeholder:text-slate-400 dark:placeholder:text-slate-500
-      focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent;
-  }
-</style>
diff --git a/web-admin/src/features/admin/shared/UserSearchInput.svelte b/web-admin/src/features/admin/shared/UserSearchInput.svelte
index e0950221f4d..fe2c9fead37 100644
--- a/web-admin/src/features/admin/shared/UserSearchInput.svelte
+++ b/web-admin/src/features/admin/shared/UserSearchInput.svelte
@@ -49,10 +49,10 @@
   }
 </script>
 
-<div class="search-container">
+<div class="relative">
   <input
     type="text"
-    class="input"
+    class="w-full px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 dark:placeholder:text-slate-500 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
     {placeholder}
     bind:value
     on:keydown={handleKeydown}
@@ -60,13 +60,17 @@
     on:blur={handleBlur}
   />
   {#if $usersQuery.isFetching && value.length >= 3}
-    <div class="search-spinner" />
+    <div
+      class="absolute right-3 top-1/2 -translate-y-1/2 w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
+    />
   {/if}
   {#if showDropdown && emails.length > 0}
-    <div class="dropdown">
+    <div
+      class="absolute z-10 w-full mt-1 bg-white dark:bg-slate-800 border border-slate-200 dark:border-slate-700 rounded-md shadow-lg max-h-48 overflow-y-auto"
+    >
       {#each emails as email}
         <button
-          class="dropdown-item"
+          class="w-full text-left px-3 py-2 text-sm text-slate-700 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700 cursor-pointer"
           on:mousedown|preventDefault={() => selectUser(email)}
         >
           {email}
@@ -75,33 +79,3 @@
     </div>
   {/if}
 </div>
-
-<style lang="postcss">
-  .search-container {
-    @apply relative;
-  }
-
-  .input {
-    @apply w-full px-3 py-2 text-sm rounded-md border border-slate-300
-      dark:border-slate-600 bg-white dark:bg-slate-800
-      text-slate-900 dark:text-slate-100
-      placeholder:text-slate-400 dark:placeholder:text-slate-500
-      focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent;
-  }
-
-  .search-spinner {
-    @apply absolute right-3 top-1/2 -translate-y-1/2
-      w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin;
-  }
-
-  .dropdown {
-    @apply absolute z-10 w-full mt-1 bg-white dark:bg-slate-800
-      border border-slate-200 dark:border-slate-700
-      rounded-md shadow-lg max-h-48 overflow-y-auto;
-  }
-
-  .dropdown-item {
-    @apply w-full text-left px-3 py-2 text-sm text-slate-700 dark:text-slate-300
-      hover:bg-slate-100 dark:hover:bg-slate-700 cursor-pointer;
-  }
-</style>
diff --git a/web-admin/src/routes/-/admin/+layout.svelte b/web-admin/src/routes/-/admin/+layout.svelte
index 4f02d21a778..078533192f2 100644
--- a/web-admin/src/routes/-/admin/+layout.svelte
+++ b/web-admin/src/routes/-/admin/+layout.svelte
@@ -6,19 +6,9 @@
   <title>Admin Console | Rill</title>
 </svelte:head>
 
-<div class="admin-layout">
+<div class="flex h-screen overflow-hidden">
   <AdminSidebar />
-  <div class="admin-content">
+  <div class="flex-1 overflow-y-auto p-8">
     <slot />
   </div>
 </div>
-
-<style lang="postcss">
-  .admin-layout {
-    @apply flex h-screen overflow-hidden;
-  }
-
-  .admin-content {
-    @apply flex-1 overflow-y-auto p-8;
-  }
-</style>
diff --git a/web-admin/src/routes/-/admin/+page.svelte b/web-admin/src/routes/-/admin/+page.svelte
index 37a72535a6d..97be51ea943 100644
--- a/web-admin/src/routes/-/admin/+page.svelte
+++ b/web-admin/src/routes/-/admin/+page.svelte
@@ -75,9 +75,14 @@
 />
 
 {#if $assumedUser}
-  <div class="assume-banner">
+  <div
+    class="flex items-center gap-3 mb-4 px-4 py-2 rounded-md bg-amber-50 border border-amber-200 text-amber-800 text-sm dark:bg-amber-900/20 dark:border-amber-700 dark:text-amber-300"
+  >
     <span>Currently assumed as <strong>{$assumedUser}</strong></span>
-    <button class="unassume-btn" on:click={handleUnassume}>
+    <button
+      class="text-xs px-3 py-1 rounded border border-amber-400 bg-white text-amber-700 hover:bg-amber-50 dark:bg-amber-900/30 dark:border-amber-600 dark:text-amber-300 dark:hover:bg-amber-900/50"
+      on:click={handleUnassume}
+    >
       Unassume
     </button>
   </div>
@@ -91,56 +96,86 @@
 </div>
 
 {#if $usersQuery.isFetching && searchQuery.length >= 3}
-  <div class="loading">
-    <div class="spinner" />
+  <div class="flex items-center gap-2 py-4">
+    <div
+      class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
+    />
     <span class="text-sm text-slate-500">Searching users...</span>
   </div>
 {:else if $usersQuery.data?.users?.length}
-  <p class="text-xs text-slate-500 mb-2">
+  <p class="text-xs text-slate-500 dark:text-slate-400 mb-2">
     {$usersQuery.data.users.length} result{$usersQuery.data.users.length === 1
       ? ""
       : "s"}
   </p>
-  <div class="results-table">
-    <table class="w-full">
+  <div class="rounded-lg border border-slate-200 dark:border-slate-700 overflow-hidden">
+    <table class="w-full border-collapse">
       <thead>
         <tr>
-          <th>Email</th>
-          <th>Display Name</th>
-          <th>Created</th>
-          <th>Actions</th>
+          <th
+            class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+          >
+            Email
+          </th>
+          <th
+            class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+          >
+            Display Name
+          </th>
+          <th
+            class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+          >
+            Created
+          </th>
+          <th
+            class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+          >
+            Actions
+          </th>
         </tr>
       </thead>
       <tbody>
         {#each $usersQuery.data.users as user}
           {@const isAssumed = $assumedUser === user.email}
-          <tr>
-            <td class="font-mono text-xs">{user.email}</td>
-            <td>{user.displayName ?? "-"}</td>
-            <td class="text-xs text-slate-500">
+          <tr class="group">
+            <td
+              class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800 group-hover:bg-slate-50 dark:group-hover:bg-slate-800/50 font-mono text-xs"
+            >
+              {user.email}
+            </td>
+            <td
+              class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800 group-hover:bg-slate-50 dark:group-hover:bg-slate-800/50"
+            >
+              {user.displayName ?? "-"}
+            </td>
+            <td
+              class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800 group-hover:bg-slate-50 dark:group-hover:bg-slate-800/50 text-xs text-slate-500"
+            >
               {user.createdOn
                 ? new Date(user.createdOn).toLocaleDateString()
                 : "-"}
             </td>
-            <td>
+            <td
+              class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800 group-hover:bg-slate-50 dark:group-hover:bg-slate-800/50"
+            >
               <div class="flex gap-2">
                 {#if isAssumed}
                   <button
-                    class="action-btn assume-active"
+                    class="text-xs px-2 py-1 rounded border border-amber-400 bg-amber-50 text-amber-700 hover:bg-amber-100 dark:border-amber-600 dark:bg-amber-900/20 dark:text-amber-300 dark:hover:bg-amber-900/40"
                     on:click={handleUnassume}
                   >
                     Unassume
                   </button>
                 {:else}
                   <button
-                    class="action-btn"
+                    class="text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600 text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700"
                     on:click={() => handleAssume(user.email ?? "")}
                   >
                     Open as User
                   </button>
                 {/if}
                 <button
-                  class="action-btn destructive"
+                  class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20 disabled:opacity-50 disabled:cursor-not-allowed"
                   disabled={actionInProgress === `delete:${user.email}`}
                   on:click={() => handleDelete(user.email ?? "")}
                 >
@@ -170,65 +205,3 @@
   destructive={confirmDestructive}
   onConfirm={confirmAction}
 />
-
-<style lang="postcss">
-  table {
-    @apply border-collapse;
-  }
-
-  th {
-    @apply text-left text-xs font-medium text-slate-500 dark:text-slate-400
-      uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700;
-  }
-
-  td {
-    @apply px-4 py-3 text-sm text-slate-700 dark:text-slate-300
-      border-b border-slate-100 dark:border-slate-800;
-  }
-
-  tr:hover td {
-    @apply bg-slate-50 dark:bg-slate-800/50;
-  }
-
-  .action-btn {
-    @apply text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600
-      text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700;
-  }
-
-  .action-btn:disabled {
-    @apply opacity-50 cursor-not-allowed;
-  }
-
-  .action-btn.assume-active {
-    @apply border-amber-400 bg-amber-50 text-amber-700
-      hover:bg-amber-100
-      dark:border-amber-600 dark:bg-amber-900/20 dark:text-amber-300
-      dark:hover:bg-amber-900/40;
-  }
-
-  .action-btn.destructive {
-    @apply border-red-300 text-red-600 hover:bg-red-50
-      dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20;
-  }
-
-  .assume-banner {
-    @apply flex items-center gap-3 mb-4 px-4 py-2 rounded-md
-      bg-amber-50 border border-amber-200 text-amber-800 text-sm
-      dark:bg-amber-900/20 dark:border-amber-700 dark:text-amber-300;
-  }
-
-  .unassume-btn {
-    @apply text-xs px-3 py-1 rounded border border-amber-400 bg-white text-amber-700
-      hover:bg-amber-50
-      dark:bg-amber-900/30 dark:border-amber-600 dark:text-amber-300
-      dark:hover:bg-amber-900/50;
-  }
-
-  .loading {
-    @apply flex items-center gap-2 py-4;
-  }
-
-  .spinner {
-    @apply w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin;
-  }
-</style>
diff --git a/web-admin/src/routes/-/admin/billing/+page.svelte b/web-admin/src/routes/-/admin/billing/+page.svelte
index 37df7f2205e..ff51436f485 100644
--- a/web-admin/src/routes/-/admin/billing/+page.svelte
+++ b/web-admin/src/routes/-/admin/billing/+page.svelte
@@ -137,15 +137,19 @@
   description="Generate billing setup links, extend trials, repair billing state, and manage billing issues."
 />
 
-<div class="sections">
+<div class="flex flex-col gap-6 pb-12">
   <!-- Billing Setup (Primary feature) -->
-  <section class="card highlight">
-    <h2 class="card-title">Billing Setup</h2>
-    <p class="card-desc">
+  <section
+    class="p-5 rounded-lg border border-blue-200 dark:border-blue-800 bg-blue-50/50 dark:bg-blue-900/10"
+  >
+    <h2 class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-1">
+      Billing Setup
+    </h2>
+    <p class="text-xs text-slate-500 dark:text-slate-400 mb-4">
       Generate a Stripe checkout page link for an organization to enter their
       billing information.
     </p>
-    <div class="form-row">
+    <div class="flex gap-3 items-center flex-wrap">
       <div class="w-64">
         <OrgSearchInput
           bind:value={setupOrg}
@@ -153,12 +157,14 @@
         />
       </div>
       <button
-        class="btn-primary"
+        class="px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap flex items-center gap-2 disabled:opacity-50 disabled:cursor-not-allowed"
         on:click={handleBillingSetup}
         disabled={setupLoading || !setupOrg}
       >
         {#if setupLoading}
-          <span class="btn-spinner" />
+          <span
+            class="inline-block w-3 h-3 border-2 border-white/30 border-t-white rounded-full animate-spin"
+          />
           Generating...
         {:else}
           Generate Setup Link
@@ -166,21 +172,23 @@
       </button>
     </div>
     {#if setupUrl}
-      <div class="url-result">
-        <span class="text-xs text-slate-500"
+      <div class="mt-4 flex flex-col gap-1">
+        <span class="text-xs text-slate-500 dark:text-slate-400"
           >Share this link with the customer:</span
         >
-        <div class="url-box">
+        <div
+          class="flex items-center gap-2 p-3 rounded-md bg-white dark:bg-slate-800 border border-slate-200 dark:border-slate-700"
+        >
           <a
             href={setupUrl}
             target="_blank"
             rel="noreferrer"
-            class="url-link"
+            class="flex-1 text-sm text-blue-600 dark:text-blue-400 break-all hover:underline"
           >
             {setupUrl}
           </a>
           <button
-            class="copy-btn"
+            class="text-xs px-3 py-1 rounded border border-slate-300 dark:border-slate-600 text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700 whitespace-nowrap"
             on:click={() => {
               navigator.clipboard.writeText(setupUrl);
               notifySuccess( "URL copied to clipboard");
@@ -194,10 +202,14 @@
   </section>
 
   <!-- Extend Trial -->
-  <section class="card">
-    <h2 class="card-title">Extend Trial</h2>
-    <p class="card-desc">Add days to an organization's trial period.</p>
-    <div class="form-row">
+  <section class="p-5 rounded-lg border border-slate-200 dark:border-slate-700">
+    <h2 class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-1">
+      Extend Trial
+    </h2>
+    <p class="text-xs text-slate-500 dark:text-slate-400 mb-4">
+      Add days to an organization's trial period.
+    </p>
+    <div class="flex gap-3 items-center flex-wrap">
       <div class="w-64">
         <OrgSearchInput
           bind:value={trialOrg}
@@ -206,18 +218,20 @@
       </div>
       <input
         type="number"
-        class="input w-24"
+        class="w-24 px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 dark:placeholder:text-slate-500 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
         min="1"
         max="365"
         bind:value={trialDays}
       />
       <button
-        class="btn-primary"
+        class="px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap flex items-center gap-2 disabled:opacity-50 disabled:cursor-not-allowed"
         on:click={handleExtendTrial}
         disabled={trialLoading || !trialOrg}
       >
         {#if trialLoading}
-          <span class="btn-spinner" />
+          <span
+            class="inline-block w-3 h-3 border-2 border-white/30 border-t-white rounded-full animate-spin"
+          />
           Extending...
         {:else}
           Extend Trial
@@ -227,12 +241,14 @@
   </section>
 
   <!-- Set Billing Customer ID -->
-  <section class="card">
-    <h2 class="card-title">Set Billing Customer ID</h2>
-    <p class="card-desc">
+  <section class="p-5 rounded-lg border border-slate-200 dark:border-slate-700">
+    <h2 class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-1">
+      Set Billing Customer ID
+    </h2>
+    <p class="text-xs text-slate-500 dark:text-slate-400 mb-4">
       Associate a Stripe customer ID with an organization.
     </p>
-    <div class="form-row">
+    <div class="flex gap-3 items-center flex-wrap">
       <div class="w-64">
         <OrgSearchInput
           bind:value={customerIdOrg}
@@ -241,17 +257,19 @@
       </div>
       <input
         type="text"
-        class="input"
+        class="px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 dark:placeholder:text-slate-500 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
         placeholder="Stripe customer ID (cus_...)"
         bind:value={customerId}
       />
       <button
-        class="btn-primary"
+        class="px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap flex items-center gap-2 disabled:opacity-50 disabled:cursor-not-allowed"
         on:click={handleSetCustomerId}
         disabled={customerIdLoading || !customerIdOrg || !customerId}
       >
         {#if customerIdLoading}
-          <span class="btn-spinner" />
+          <span
+            class="inline-block w-3 h-3 border-2 border-white/30 border-t-white rounded-full animate-spin"
+          />
           Setting...
         {:else}
           Set Customer ID
@@ -261,12 +279,14 @@
   </section>
 
   <!-- Billing Repair -->
-  <section class="card">
-    <h2 class="card-title">Billing Repair</h2>
-    <p class="card-desc">
+  <section class="p-5 rounded-lg border border-slate-200 dark:border-slate-700">
+    <h2 class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-1">
+      Billing Repair
+    </h2>
+    <p class="text-xs text-slate-500 dark:text-slate-400 mb-4">
       Trigger a billing state recalculation for an organization.
     </p>
-    <div class="form-row">
+    <div class="flex gap-3 items-center flex-wrap">
       <div class="w-64">
         <OrgSearchInput
           bind:value={repairOrg}
@@ -274,7 +294,7 @@
         />
       </div>
       <button
-        class="btn-primary"
+        class="px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap flex items-center gap-2 disabled:opacity-50 disabled:cursor-not-allowed"
         on:click={handleBillingRepair}
         disabled={!repairOrg}
       >
@@ -284,12 +304,14 @@
   </section>
 
   <!-- Billing Issues -->
-  <section class="card">
-    <h2 class="card-title">Billing Issues</h2>
-    <p class="card-desc">
+  <section class="p-5 rounded-lg border border-slate-200 dark:border-slate-700">
+    <h2 class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-1">
+      Billing Issues
+    </h2>
+    <p class="text-xs text-slate-500 dark:text-slate-400 mb-4">
       View and resolve billing issues for an organization.
     </p>
-    <div class="form-row mb-4">
+    <div class="flex gap-3 items-center flex-wrap mb-4">
       <div class="w-64">
         <OrgSearchInput
           bind:value={issuesOrg}
@@ -298,20 +320,28 @@
       </div>
     </div>
     {#if $billingIssuesQuery.isFetching}
-      <div class="loading">
-        <div class="spinner" />
+      <div class="flex items-center gap-2 py-2">
+        <div
+          class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
+        />
         <span class="text-sm text-slate-500">Loading issues...</span>
       </div>
     {:else if $billingIssuesQuery.data?.issues?.length}
-      <div class="issues-list">
+      <div class="flex flex-col gap-2">
         {#each $billingIssuesQuery.data.issues as issue}
-          <div class="issue-row">
+          <div
+            class="flex items-center justify-between px-3 py-2 rounded bg-slate-50 dark:bg-slate-800"
+          >
             <div>
-              <span class="issue-type">{issue.type}</span>
-              <span class="issue-meta">{issue.metadata ?? ""}</span>
+              <span class="text-sm font-mono text-slate-700 dark:text-slate-300"
+                >{issue.type}</span
+              >
+              <span class="text-xs text-slate-500 ml-2"
+                >{issue.metadata ?? ""}</span
+              >
             </div>
             <button
-              class="action-btn destructive"
+              class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20"
               on:click={() =>
                 handleDeleteIssue(issuesOrg, issue.type ?? "BILLING_ISSUE_TYPE_UNSPECIFIED")}
             >
@@ -332,104 +362,3 @@
   description={confirmDescription}
   onConfirm={confirmAction}
 />
-
-<style lang="postcss">
-  .sections {
-    @apply flex flex-col gap-6 pb-12;
-  }
-
-  .card {
-    @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700;
-  }
-
-  .card.highlight {
-    @apply border-blue-200 dark:border-blue-800 bg-blue-50/50 dark:bg-blue-900/10;
-  }
-
-  .card-title {
-    @apply text-sm font-semibold text-slate-900 dark:text-slate-100 mb-1;
-  }
-
-  .card-desc {
-    @apply text-xs text-slate-500 dark:text-slate-400 mb-4;
-  }
-
-  .form-row {
-    @apply flex gap-3 items-center flex-wrap;
-  }
-
-  .input {
-    @apply px-3 py-2 text-sm rounded-md border border-slate-300
-      dark:border-slate-600 bg-white dark:bg-slate-800
-      text-slate-900 dark:text-slate-100
-      placeholder:text-slate-400 dark:placeholder:text-slate-500
-      focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent;
-  }
-
-  .btn-primary {
-    @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white
-      hover:bg-blue-700 whitespace-nowrap flex items-center gap-2;
-  }
-
-  .btn-primary:disabled {
-    @apply opacity-50 cursor-not-allowed;
-  }
-
-  .btn-spinner {
-    @apply inline-block w-3 h-3 border-2 border-white/30 border-t-white rounded-full animate-spin;
-  }
-
-  .url-result {
-    @apply mt-4 flex flex-col gap-1;
-  }
-
-  .url-box {
-    @apply flex items-center gap-2 p-3 rounded-md bg-white dark:bg-slate-800
-      border border-slate-200 dark:border-slate-700;
-  }
-
-  .url-link {
-    @apply flex-1 text-sm text-blue-600 dark:text-blue-400 break-all hover:underline;
-  }
-
-  .copy-btn {
-    @apply text-xs px-3 py-1 rounded border border-slate-300 dark:border-slate-600
-      text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700
-      whitespace-nowrap;
-  }
-
-  .issues-list {
-    @apply flex flex-col gap-2;
-  }
-
-  .issue-row {
-    @apply flex items-center justify-between px-3 py-2 rounded
-      bg-slate-50 dark:bg-slate-800;
-  }
-
-  .issue-type {
-    @apply text-sm font-mono text-slate-700 dark:text-slate-300;
-  }
-
-  .issue-meta {
-    @apply text-xs text-slate-500 ml-2;
-  }
-
-  .action-btn {
-    @apply text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600
-      text-slate-600 dark:text-slate-300;
-  }
-
-  .action-btn.destructive {
-    @apply border-red-300 text-red-600 hover:bg-red-50
-      dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20;
-  }
-
-  .loading {
-    @apply flex items-center gap-2 py-2;
-  }
-
-  .spinner {
-    @apply w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin;
-  }
-</style>
diff --git a/web-admin/src/routes/-/admin/organizations/+page.svelte b/web-admin/src/routes/-/admin/organizations/+page.svelte
index 52a065bd457..b6acb4436c2 100644
--- a/web-admin/src/routes/-/admin/organizations/+page.svelte
+++ b/web-admin/src/routes/-/admin/organizations/+page.svelte
@@ -123,10 +123,10 @@
 />
 
 <div class="mb-6 max-w-lg">
-  <div class="search-container">
+  <div class="relative">
     <input
       type="text"
-      class="input w-full"
+      class="w-full px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
       placeholder="Search organizations (min 3 characters)..."
       bind:value={searchInput}
       on:keydown={handleInputKeydown}
@@ -134,13 +134,17 @@
       on:blur={handleBlur}
     />
     {#if $orgSearchQuery.isFetching && searchInput.length >= 3}
-      <div class="search-spinner" />
+      <div
+        class="absolute right-3 top-1/2 -translate-y-1/2 w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
+      />
     {/if}
     {#if showDropdown && orgNames.length > 0}
-      <div class="dropdown">
+      <div
+        class="absolute z-10 w-full mt-1 bg-white dark:bg-slate-800 border border-slate-200 dark:border-slate-700 rounded-md shadow-lg max-h-48 overflow-y-auto"
+      >
         {#each orgNames as org}
           <button
-            class="dropdown-item"
+            class="w-full text-left px-3 py-2 text-sm text-slate-700 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700 cursor-pointer"
             on:mousedown|preventDefault={() => selectOrg(org)}
           >
             {org}
@@ -148,8 +152,10 @@
         {/each}
       </div>
     {:else if showDropdown && searchInput.length >= 3 && $orgSearchQuery.isSuccess && orgNames.length === 0}
-      <div class="dropdown">
-        <div class="dropdown-empty">No organizations found</div>
+      <div
+        class="absolute z-10 w-full mt-1 bg-white dark:bg-slate-800 border border-slate-200 dark:border-slate-700 rounded-md shadow-lg max-h-48 overflow-y-auto"
+      >
+        <div class="px-3 py-2 text-sm text-slate-400">No organizations found</div>
       </div>
     {/if}
   </div>
@@ -159,8 +165,10 @@
 </div>
 
 {#if $orgQuery.isFetching}
-  <div class="loading">
-    <div class="spinner" />
+  <div class="flex items-center gap-2 py-4">
+    <div
+      class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
+    />
     <span class="text-sm text-slate-500">Looking up organization...</span>
   </div>
 {:else if $orgQuery.isError && lookupOrg}
@@ -169,47 +177,87 @@
   </p>
 {:else if $orgQuery.data?.organization}
   {@const org = $orgQuery.data.organization}
-  <div class="org-details">
-    <section class="card">
-      <h2 class="card-title">Organization Details</h2>
-      <div class="detail-grid">
-        <div class="detail-item">
-          <span class="detail-label">ID</span>
-          <span class="detail-value font-mono text-xs">{org.id}</span>
+  <div class="flex flex-col gap-4">
+    <section class="p-5 rounded-lg border border-slate-200 dark:border-slate-700">
+      <h2
+        class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-3"
+      >
+        Organization Details
+      </h2>
+      <div class="grid grid-cols-2 lg:grid-cols-4 gap-3">
+        <div class="flex flex-col">
+          <span
+            class="text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider"
+            >ID</span
+          >
+          <span
+            class="text-sm text-slate-900 dark:text-slate-100 font-mono text-xs"
+            >{org.id}</span
+          >
         </div>
-        <div class="detail-item">
-          <span class="detail-label">Name</span>
-          <span class="detail-value">{org.name}</span>
+        <div class="flex flex-col">
+          <span
+            class="text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider"
+            >Name</span
+          >
+          <span class="text-sm text-slate-900 dark:text-slate-100"
+            >{org.name}</span
+          >
         </div>
-        <div class="detail-item">
-          <span class="detail-label">Description</span>
-          <span class="detail-value">{org.description ?? "-"}</span>
+        <div class="flex flex-col">
+          <span
+            class="text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider"
+            >Description</span
+          >
+          <span class="text-sm text-slate-900 dark:text-slate-100"
+            >{org.description ?? "-"}</span
+          >
         </div>
-        <div class="detail-item">
-          <span class="detail-label">Billing Plan</span>
-          <span class="detail-value">{org.billingPlanDisplayName ?? "-"}</span>
+        <div class="flex flex-col">
+          <span
+            class="text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider"
+            >Billing Plan</span
+          >
+          <span class="text-sm text-slate-900 dark:text-slate-100"
+            >{org.billingPlanDisplayName ?? "-"}</span
+          >
         </div>
-        <div class="detail-item">
-          <span class="detail-label">Billing Customer ID</span>
-          <span class="detail-value font-mono text-xs"
+        <div class="flex flex-col">
+          <span
+            class="text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider"
+            >Billing Customer ID</span
+          >
+          <span
+            class="text-sm text-slate-900 dark:text-slate-100 font-mono text-xs"
             >{org.billingCustomerId ?? "-"}</span
           >
         </div>
-        <div class="detail-item">
-          <span class="detail-label">Custom Domain</span>
-          <span class="detail-value">{org.customDomain ?? "None"}</span>
+        <div class="flex flex-col">
+          <span
+            class="text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider"
+            >Custom Domain</span
+          >
+          <span class="text-sm text-slate-900 dark:text-slate-100"
+            >{org.customDomain ?? "None"}</span
+          >
         </div>
-        <div class="detail-item">
-          <span class="detail-label">Created</span>
-          <span class="detail-value">
+        <div class="flex flex-col">
+          <span
+            class="text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider"
+            >Created</span
+          >
+          <span class="text-sm text-slate-900 dark:text-slate-100">
             {org.createdOn
               ? new Date(org.createdOn).toLocaleDateString()
               : "-"}
           </span>
         </div>
-        <div class="detail-item">
-          <span class="detail-label">Projects</span>
-          <span class="detail-value">
+        <div class="flex flex-col">
+          <span
+            class="text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider"
+            >Projects</span
+          >
+          <span class="text-sm text-slate-900 dark:text-slate-100">
             {#if $projectsQuery.isFetching}
               <span class="text-slate-400">Loading...</span>
             {:else if $projectsQuery.data?.projects}
@@ -224,34 +272,48 @@
 
     <!-- Projects list -->
     {#if $projectsQuery.data?.projects?.length}
-      <section class="card">
-        <h2 class="card-title">
+      <section
+        class="p-5 rounded-lg border border-slate-200 dark:border-slate-700"
+      >
+        <h2
+          class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-3"
+        >
           Projects ({$projectsQuery.data.projects.length})
         </h2>
-        <div class="project-list">
+        <div class="flex flex-col gap-1">
           {#each $projectsQuery.data.projects as project}
-            <div class="project-row">
+            <div
+              class="flex items-center justify-between px-3 py-2 rounded bg-slate-50 dark:bg-slate-800"
+            >
               <a
                 href={`/${org.name}/${project.name}`}
                 target="_blank"
-                class="project-name"
+                class="text-sm text-blue-600 dark:text-blue-400 hover:underline"
               >
                 {project.name}
               </a>
               <div class="flex gap-2">
                 <button
-                  class="action-btn"
-                  disabled={actionInProgress === `hibernate:${project.name}`}
-                  on:click={() => handleHibernate(org.name ?? "", project.name ?? "")}
+                  class="text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600 text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700 disabled:opacity-50 disabled:cursor-not-allowed"
+                  disabled={actionInProgress ===
+                    `hibernate:${project.name}`}
+                  on:click={() =>
+                    handleHibernate(org.name ?? "", project.name ?? "")}
                 >
-                  {actionInProgress === `hibernate:${project.name}` ? "Hibernating..." : "Hibernate"}
+                  {actionInProgress === `hibernate:${project.name}`
+                    ? "Hibernating..."
+                    : "Hibernate"}
                 </button>
                 <button
-                  class="action-btn destructive"
-                  disabled={actionInProgress === `redeploy:${project.name}`}
-                  on:click={() => handleRedeploy(org.name ?? "", project.name ?? "")}
+                  class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20 disabled:opacity-50 disabled:cursor-not-allowed"
+                  disabled={actionInProgress ===
+                    `redeploy:${project.name}`}
+                  on:click={() =>
+                    handleRedeploy(org.name ?? "", project.name ?? "")}
                 >
-                  {actionInProgress === `redeploy:${project.name}` ? "Redeploying..." : "Redeploy"}
+                  {actionInProgress === `redeploy:${project.name}`
+                    ? "Redeploying..."
+                    : "Redeploy"}
                 </button>
               </div>
             </div>
@@ -262,27 +324,49 @@
 
     <!-- Members list -->
     {#if $membersQuery.isFetching}
-      <div class="loading">
-        <div class="spinner" />
+      <div class="flex items-center gap-2 py-4">
+        <div
+          class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
+        />
         <span class="text-sm text-slate-500">Loading members...</span>
       </div>
     {:else if $membersQuery.data?.members?.length}
-      <section class="card">
-        <h2 class="card-title">
+      <section
+        class="p-5 rounded-lg border border-slate-200 dark:border-slate-700"
+      >
+        <h2
+          class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-3"
+        >
           Members ({$membersQuery.data.members.length})
         </h2>
         <table class="w-full">
           <thead>
             <tr>
-              <th>Email</th>
-              <th>Role</th>
+              <th
+                class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+              >
+                Email
+              </th>
+              <th
+                class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+              >
+                Role
+              </th>
             </tr>
           </thead>
           <tbody>
             {#each $membersQuery.data.members as member}
               <tr>
-                <td class="font-mono text-xs">{member.userEmail}</td>
-                <td>{member.roleName}</td>
+                <td
+                  class="px-4 py-2 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800 font-mono text-xs"
+                >
+                  {member.userEmail}
+                </td>
+                <td
+                  class="px-4 py-2 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800"
+                >
+                  {member.roleName}
+                </td>
               </tr>
             {/each}
           </tbody>
@@ -299,108 +383,3 @@
   destructive={confirmDestructive}
   onConfirm={confirmAction}
 />
-
-<style lang="postcss">
-  .search-container {
-    @apply relative;
-  }
-
-  .search-spinner {
-    @apply absolute right-3 top-1/2 -translate-y-1/2
-      w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin;
-  }
-
-  .dropdown {
-    @apply absolute z-10 w-full mt-1 bg-white dark:bg-slate-800
-      border border-slate-200 dark:border-slate-700
-      rounded-md shadow-lg max-h-48 overflow-y-auto;
-  }
-
-  .dropdown-item {
-    @apply w-full text-left px-3 py-2 text-sm text-slate-700 dark:text-slate-300
-      hover:bg-slate-100 dark:hover:bg-slate-700 cursor-pointer;
-  }
-
-  .dropdown-empty {
-    @apply px-3 py-2 text-sm text-slate-400;
-  }
-
-  .input {
-    @apply px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600
-      bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100
-      placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500;
-  }
-
-  .org-details {
-    @apply flex flex-col gap-4;
-  }
-
-  .card {
-    @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700;
-  }
-
-  .card-title {
-    @apply text-sm font-semibold text-slate-900 dark:text-slate-100 mb-3;
-  }
-
-  .detail-grid {
-    @apply grid grid-cols-2 lg:grid-cols-4 gap-3;
-  }
-
-  .detail-item {
-    @apply flex flex-col;
-  }
-
-  .detail-label {
-    @apply text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider;
-  }
-
-  .detail-value {
-    @apply text-sm text-slate-900 dark:text-slate-100;
-  }
-
-  .project-list {
-    @apply flex flex-col gap-1;
-  }
-
-  .project-row {
-    @apply flex items-center justify-between px-3 py-2 rounded
-      bg-slate-50 dark:bg-slate-800;
-  }
-
-  .project-name {
-    @apply text-sm text-blue-600 dark:text-blue-400 hover:underline;
-  }
-
-  th {
-    @apply text-left text-xs font-medium text-slate-500 uppercase tracking-wider
-      px-4 py-2 border-b border-slate-200 dark:border-slate-700;
-  }
-
-  td {
-    @apply px-4 py-2 text-sm text-slate-700 dark:text-slate-300
-      border-b border-slate-100 dark:border-slate-800;
-  }
-
-  .action-btn {
-    @apply text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600
-      text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700;
-  }
-
-  .action-btn:disabled {
-    @apply opacity-50 cursor-not-allowed;
-  }
-
-  .action-btn.destructive {
-    @apply border-red-300 text-red-600 hover:bg-red-50
-      dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20;
-  }
-
-  .loading {
-    @apply flex items-center gap-2 py-4;
-  }
-
-  .spinner {
-    @apply w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin;
-  }
-</style>
diff --git a/web-admin/src/routes/-/admin/projects/+page.svelte b/web-admin/src/routes/-/admin/projects/+page.svelte
index b0eb6ff8253..657cb5e248a 100644
--- a/web-admin/src/routes/-/admin/projects/+page.svelte
+++ b/web-admin/src/routes/-/admin/projects/+page.svelte
@@ -82,43 +82,59 @@
 </div>
 
 {#if $projectsQuery.isFetching && searchQuery.length >= 3}
-  <div class="loading">
-    <div class="spinner" />
+  <div class="flex items-center gap-2 py-4">
+    <div
+      class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
+    />
     <span class="text-sm text-slate-500">Searching projects...</span>
   </div>
 {:else if $projectsQuery.data?.names?.length}
-  <p class="text-xs text-slate-500 mb-2">
+  <p class="text-xs text-slate-500 dark:text-slate-400 mb-2">
     {$projectsQuery.data.names.length} result{$projectsQuery.data.names.length === 1 ? "" : "s"}
   </p>
   <table class="w-full">
     <thead>
       <tr>
-        <th>Project</th>
-        <th>Actions</th>
+        <th
+          class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+        >
+          Project
+        </th>
+        <th
+          class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+        >
+          Actions
+        </th>
       </tr>
     </thead>
     <tbody>
       {#each $projectsQuery.data.names as name}
-        <tr>
-          <td class="font-mono text-xs">{name}</td>
-          <td>
+        <tr class="group">
+          <td
+            class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800 group-hover:bg-slate-50 dark:group-hover:bg-slate-800/50 font-mono text-xs"
+          >
+            {name}
+          </td>
+          <td
+            class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800 group-hover:bg-slate-50 dark:group-hover:bg-slate-800/50"
+          >
             <div class="flex gap-2">
               <a
                 href={`/${name}`}
                 target="_blank"
-                class="action-btn"
+                class="text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600 text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700"
               >
                 View
               </a>
               <button
-                class="action-btn"
+                class="text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600 text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700 disabled:opacity-50 disabled:cursor-not-allowed"
                 disabled={actionInProgress === `hibernate:${name}`}
                 on:click={() => handleHibernate(name)}
               >
                 {actionInProgress === `hibernate:${name}` ? "Hibernating..." : "Hibernate"}
               </button>
               <button
-                class="action-btn destructive"
+                class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20 disabled:opacity-50 disabled:cursor-not-allowed"
                 disabled={actionInProgress === `redeploy:${name}`}
                 on:click={() => handleRedeploy(name)}
               >
@@ -145,41 +161,3 @@
   destructive={confirmDestructive}
   onConfirm={confirmAction}
 />
-
-<style lang="postcss">
-  th {
-    @apply text-left text-xs font-medium text-slate-500 uppercase tracking-wider
-      px-4 py-2 border-b border-slate-200 dark:border-slate-700;
-  }
-
-  td {
-    @apply px-4 py-3 text-sm text-slate-700 dark:text-slate-300
-      border-b border-slate-100 dark:border-slate-800;
-  }
-
-  tr:hover td {
-    @apply bg-slate-50 dark:bg-slate-800/50;
-  }
-
-  .action-btn {
-    @apply text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600
-      text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700;
-  }
-
-  .action-btn:disabled {
-    @apply opacity-50 cursor-not-allowed;
-  }
-
-  .action-btn.destructive {
-    @apply border-red-300 text-red-600 hover:bg-red-50
-      dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20;
-  }
-
-  .loading {
-    @apply flex items-center gap-2 py-4;
-  }
-
-  .spinner {
-    @apply w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin;
-  }
-</style>
diff --git a/web-admin/src/routes/-/admin/quotas/+page.svelte b/web-admin/src/routes/-/admin/quotas/+page.svelte
index 5750b434791..ce9d1a9867d 100644
--- a/web-admin/src/routes/-/admin/quotas/+page.svelte
+++ b/web-admin/src/routes/-/admin/quotas/+page.svelte
@@ -73,9 +73,9 @@
   description="View and adjust resource quotas for organizations."
 />
 
-<div class="sections">
-  <section class="card">
-    <div class="form-row mb-4">
+<div class="flex flex-col gap-6">
+  <section class="p-5 rounded-lg border border-slate-200 dark:border-slate-700">
+    <div class="flex gap-3 items-center flex-wrap mb-4">
       <div class="w-64">
         <OrgSearchInput
           bind:value={orgValue}
@@ -86,58 +86,96 @@
     </div>
 
     {#if activeOrg && $orgQuery.isFetching}
-      <div class="loading">
-        <div class="spinner" />
+      <div class="flex items-center gap-2 py-4">
+        <div
+          class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
+        />
         <span class="text-sm text-slate-500">Loading quotas...</span>
       </div>
     {:else if activeOrg && $orgQuery.data?.organization}
-      <div class="quota-grid">
-        <div class="quota-field">
-          <label class="quota-label" for="projects">Projects</label>
-          <input id="projects" type="number" class="input" bind:value={projects} />
+      <div class="grid grid-cols-2 lg:grid-cols-3 gap-4">
+        <div class="flex flex-col gap-1">
+          <label
+            class="text-xs font-medium text-slate-500 dark:text-slate-400"
+            for="projects">Projects</label
+          >
+          <input
+            id="projects"
+            type="number"
+            class="px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
+            bind:value={projects}
+          />
         </div>
-        <div class="quota-field">
-          <label class="quota-label" for="deployments">Deployments</label>
-          <input id="deployments" type="number" class="input" bind:value={deployments} />
+        <div class="flex flex-col gap-1">
+          <label
+            class="text-xs font-medium text-slate-500 dark:text-slate-400"
+            for="deployments">Deployments</label
+          >
+          <input
+            id="deployments"
+            type="number"
+            class="px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
+            bind:value={deployments}
+          />
         </div>
-        <div class="quota-field">
-          <label class="quota-label" for="slotsTotal">Total Slots</label>
-          <input id="slotsTotal" type="number" class="input" bind:value={slotsTotal} />
+        <div class="flex flex-col gap-1">
+          <label
+            class="text-xs font-medium text-slate-500 dark:text-slate-400"
+            for="slotsTotal">Total Slots</label
+          >
+          <input
+            id="slotsTotal"
+            type="number"
+            class="px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
+            bind:value={slotsTotal}
+          />
         </div>
-        <div class="quota-field">
-          <label class="quota-label" for="slotsPerDeployment">Slots per Deployment</label>
-          <input id="slotsPerDeployment" type="number" class="input" bind:value={slotsPerDeployment} />
+        <div class="flex flex-col gap-1">
+          <label
+            class="text-xs font-medium text-slate-500 dark:text-slate-400"
+            for="slotsPerDeployment">Slots per Deployment</label
+          >
+          <input
+            id="slotsPerDeployment"
+            type="number"
+            class="px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
+            bind:value={slotsPerDeployment}
+          />
         </div>
-        <div class="quota-field">
-          <label class="quota-label" for="outstandingInvites">Outstanding Invites</label>
-          <input id="outstandingInvites" type="number" class="input" bind:value={outstandingInvites} />
+        <div class="flex flex-col gap-1">
+          <label
+            class="text-xs font-medium text-slate-500 dark:text-slate-400"
+            for="outstandingInvites">Outstanding Invites</label
+          >
+          <input
+            id="outstandingInvites"
+            type="number"
+            class="px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
+            bind:value={outstandingInvites}
+          />
         </div>
-        <div class="quota-field">
-          <label class="quota-label" for="storageLimitBytes">Storage Limit (bytes)</label>
-          <input id="storageLimitBytes" type="text" class="input" bind:value={storageLimitBytes} />
+        <div class="flex flex-col gap-1">
+          <label
+            class="text-xs font-medium text-slate-500 dark:text-slate-400"
+            for="storageLimitBytes">Storage Limit (bytes)</label
+          >
+          <input
+            id="storageLimitBytes"
+            type="text"
+            class="px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
+            bind:value={storageLimitBytes}
+          />
         </div>
       </div>
 
       <div class="mt-4">
-        <button class="btn-primary" on:click={handleSaveQuotas}>Save Quotas</button>
+        <button
+          class="px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap"
+          on:click={handleSaveQuotas}
+        >
+          Save Quotas
+        </button>
       </div>
     {/if}
   </section>
 </div>
-
-<style lang="postcss">
-  .sections { @apply flex flex-col gap-6; }
-  .card { @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700; }
-  .form-row { @apply flex gap-3 items-center flex-wrap; }
-  .input {
-    @apply px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600
-      bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100
-      placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500;
-  }
-  .btn-primary { @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap; }
-  .quota-grid { @apply grid grid-cols-2 lg:grid-cols-3 gap-4; }
-  .quota-field { @apply flex flex-col gap-1; }
-  .quota-label { @apply text-xs font-medium text-slate-500 dark:text-slate-400; }
-  .loading { @apply flex items-center gap-2 py-4; }
-  .spinner { @apply w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin; }
-</style>
diff --git a/web-admin/src/routes/-/admin/superusers/+page.svelte b/web-admin/src/routes/-/admin/superusers/+page.svelte
index be6a6bce02d..975cddb73aa 100644
--- a/web-admin/src/routes/-/admin/superusers/+page.svelte
+++ b/web-admin/src/routes/-/admin/superusers/+page.svelte
@@ -67,19 +67,27 @@
   description="Manage who has superuser (super admin) access across all of Rill Cloud."
 />
 
-<div class="card mb-6">
-  <h2 class="card-title">Add Superuser</h2>
-  <div class="form-row">
+<div class="p-5 rounded-lg border border-slate-200 dark:border-slate-700 mb-6">
+  <h2 class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-3">
+    Add Superuser
+  </h2>
+  <div class="flex gap-3 items-center flex-wrap">
     <input
       type="email"
-      class="input"
+      class="px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
       placeholder="Email address"
       bind:value={newEmail}
       on:keydown={(e) => e.key === "Enter" && handleAdd()}
     />
-    <button class="btn-primary" on:click={handleAdd} disabled={addLoading || !newEmail}>
+    <button
+      class="px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap flex items-center gap-2 disabled:opacity-50 disabled:cursor-not-allowed"
+      on:click={handleAdd}
+      disabled={addLoading || !newEmail}
+    >
       {#if addLoading}
-        <span class="btn-spinner" />
+        <span
+          class="inline-block w-3 h-3 border-2 border-white/30 border-t-white rounded-full animate-spin"
+        />
         Adding...
       {:else}
         Add Superuser
@@ -89,30 +97,54 @@
 </div>
 
 {#if $superusersQuery.isFetching}
-  <div class="loading">
-    <div class="spinner" />
+  <div class="flex items-center gap-2 py-4">
+    <div
+      class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
+    />
     <span class="text-sm text-slate-500">Loading superusers...</span>
   </div>
 {:else if $superusersQuery.data?.users?.length}
-  <p class="text-xs text-slate-500 mb-2">
+  <p class="text-xs text-slate-500 dark:text-slate-400 mb-2">
     {$superusersQuery.data.users.length} superuser{$superusersQuery.data.users.length === 1 ? "" : "s"}
   </p>
   <table class="w-full">
     <thead>
       <tr>
-        <th>Email</th>
-        <th>Display Name</th>
-        <th>Actions</th>
+        <th
+          class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+        >
+          Email
+        </th>
+        <th
+          class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+        >
+          Display Name
+        </th>
+        <th
+          class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+        >
+          Actions
+        </th>
       </tr>
     </thead>
     <tbody>
       {#each $superusersQuery.data.users as user}
         <tr>
-          <td class="font-mono text-xs">{user.email}</td>
-          <td>{user.displayName ?? "-"}</td>
-          <td>
+          <td
+            class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800 font-mono text-xs"
+          >
+            {user.email}
+          </td>
+          <td
+            class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800"
+          >
+            {user.displayName ?? "-"}
+          </td>
+          <td
+            class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800"
+          >
             <button
-              class="action-btn destructive"
+              class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 dark:border-red-700 dark:text-red-400"
               on:click={() => handleRemove(user.email ?? "")}
             >
               Remove
@@ -131,59 +163,3 @@
   destructive={confirmDestructive}
   onConfirm={confirmAction}
 />
-
-<style lang="postcss">
-  .card {
-    @apply p-5 rounded-lg border border-slate-200 dark:border-slate-700;
-  }
-
-  .card-title {
-    @apply text-sm font-semibold text-slate-900 dark:text-slate-100 mb-3;
-  }
-
-  .form-row {
-    @apply flex gap-3 items-center flex-wrap;
-  }
-
-  .input {
-    @apply px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600
-      bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100
-      placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500;
-  }
-
-  .btn-primary {
-    @apply px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700
-      whitespace-nowrap flex items-center gap-2;
-  }
-
-  .btn-primary:disabled {
-    @apply opacity-50 cursor-not-allowed;
-  }
-
-  .btn-spinner {
-    @apply inline-block w-3 h-3 border-2 border-white/30 border-t-white rounded-full animate-spin;
-  }
-
-  th {
-    @apply text-left text-xs font-medium text-slate-500 uppercase tracking-wider
-      px-4 py-2 border-b border-slate-200 dark:border-slate-700;
-  }
-
-  td {
-    @apply px-4 py-3 text-sm text-slate-700 dark:text-slate-300
-      border-b border-slate-100 dark:border-slate-800;
-  }
-
-  .action-btn.destructive {
-    @apply text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50
-      dark:border-red-700 dark:text-red-400;
-  }
-
-  .loading {
-    @apply flex items-center gap-2 py-4;
-  }
-
-  .spinner {
-    @apply w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin;
-  }
-</style>

From 8a48cab796848be5bfb345dbc06d31d5db767a87 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Sat, 21 Mar 2026 01:04:06 -0700
Subject: [PATCH 29/35] fix(admin-console): add dark mode backgrounds and
 missing dark text variants

Add explicit bg-white/dark:bg-slate-900 to admin layout wrapper and
bg-slate-50/dark:bg-slate-950 to content area. Add dark:text-slate-400
to all loading/empty state text that was missing dark variants.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 web-admin/src/routes/-/admin/+layout.svelte             | 4 ++--
 web-admin/src/routes/-/admin/+page.svelte               | 6 +++---
 web-admin/src/routes/-/admin/billing/+page.svelte       | 6 +++---
 web-admin/src/routes/-/admin/organizations/+page.svelte | 4 ++--
 web-admin/src/routes/-/admin/projects/+page.svelte      | 6 +++---
 web-admin/src/routes/-/admin/quotas/+page.svelte        | 2 +-
 web-admin/src/routes/-/admin/superusers/+page.svelte    | 2 +-
 7 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/web-admin/src/routes/-/admin/+layout.svelte b/web-admin/src/routes/-/admin/+layout.svelte
index 078533192f2..251ede3ea04 100644
--- a/web-admin/src/routes/-/admin/+layout.svelte
+++ b/web-admin/src/routes/-/admin/+layout.svelte
@@ -6,9 +6,9 @@
   <title>Admin Console | Rill</title>
 </svelte:head>
 
-<div class="flex h-screen overflow-hidden">
+<div class="flex h-screen overflow-hidden bg-white dark:bg-slate-900">
   <AdminSidebar />
-  <div class="flex-1 overflow-y-auto p-8">
+  <div class="flex-1 overflow-y-auto p-8 bg-slate-50 dark:bg-slate-950">
     <slot />
   </div>
 </div>
diff --git a/web-admin/src/routes/-/admin/+page.svelte b/web-admin/src/routes/-/admin/+page.svelte
index 97be51ea943..bc21b108070 100644
--- a/web-admin/src/routes/-/admin/+page.svelte
+++ b/web-admin/src/routes/-/admin/+page.svelte
@@ -100,7 +100,7 @@
     <div
       class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
     />
-    <span class="text-sm text-slate-500">Searching users...</span>
+    <span class="text-sm text-slate-500 dark:text-slate-400">Searching users...</span>
   </div>
 {:else if $usersQuery.data?.users?.length}
   <p class="text-xs text-slate-500 dark:text-slate-400 mb-2">
@@ -191,9 +191,9 @@
     </table>
   </div>
 {:else if searchQuery.length >= 3 && $usersQuery.isSuccess}
-  <p class="text-sm text-slate-500">No users found for "{searchQuery}"</p>
+  <p class="text-sm text-slate-500 dark:text-slate-400">No users found for "{searchQuery}"</p>
 {:else if searchQuery.length < 3}
-  <p class="text-sm text-slate-400">
+  <p class="text-sm text-slate-400 dark:text-slate-500">
     Type at least 3 characters to search across all organizations.
   </p>
 {/if}
diff --git a/web-admin/src/routes/-/admin/billing/+page.svelte b/web-admin/src/routes/-/admin/billing/+page.svelte
index ff51436f485..fd04358c356 100644
--- a/web-admin/src/routes/-/admin/billing/+page.svelte
+++ b/web-admin/src/routes/-/admin/billing/+page.svelte
@@ -324,7 +324,7 @@
         <div
           class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
         />
-        <span class="text-sm text-slate-500">Loading issues...</span>
+        <span class="text-sm text-slate-500 dark:text-slate-400">Loading issues...</span>
       </div>
     {:else if $billingIssuesQuery.data?.issues?.length}
       <div class="flex flex-col gap-2">
@@ -336,7 +336,7 @@
               <span class="text-sm font-mono text-slate-700 dark:text-slate-300"
                 >{issue.type}</span
               >
-              <span class="text-xs text-slate-500 ml-2"
+              <span class="text-xs text-slate-500 dark:text-slate-400 ml-2"
                 >{issue.metadata ?? ""}</span
               >
             </div>
@@ -351,7 +351,7 @@
         {/each}
       </div>
     {:else if issuesOrg && $billingIssuesQuery.isSuccess}
-      <p class="text-sm text-slate-500">No billing issues found.</p>
+      <p class="text-sm text-slate-500 dark:text-slate-400">No billing issues found.</p>
     {/if}
   </section>
 </div>
diff --git a/web-admin/src/routes/-/admin/organizations/+page.svelte b/web-admin/src/routes/-/admin/organizations/+page.svelte
index b6acb4436c2..8119ae0d7f0 100644
--- a/web-admin/src/routes/-/admin/organizations/+page.svelte
+++ b/web-admin/src/routes/-/admin/organizations/+page.svelte
@@ -169,7 +169,7 @@
     <div
       class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
     />
-    <span class="text-sm text-slate-500">Looking up organization...</span>
+    <span class="text-sm text-slate-500 dark:text-slate-400">Looking up organization...</span>
   </div>
 {:else if $orgQuery.isError && lookupOrg}
   <p class="text-sm text-red-600">
@@ -328,7 +328,7 @@
         <div
           class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
         />
-        <span class="text-sm text-slate-500">Loading members...</span>
+        <span class="text-sm text-slate-500 dark:text-slate-400">Loading members...</span>
       </div>
     {:else if $membersQuery.data?.members?.length}
       <section
diff --git a/web-admin/src/routes/-/admin/projects/+page.svelte b/web-admin/src/routes/-/admin/projects/+page.svelte
index 657cb5e248a..ae4a3874847 100644
--- a/web-admin/src/routes/-/admin/projects/+page.svelte
+++ b/web-admin/src/routes/-/admin/projects/+page.svelte
@@ -86,7 +86,7 @@
     <div
       class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
     />
-    <span class="text-sm text-slate-500">Searching projects...</span>
+    <span class="text-sm text-slate-500 dark:text-slate-400">Searching projects...</span>
   </div>
 {:else if $projectsQuery.data?.names?.length}
   <p class="text-xs text-slate-500 dark:text-slate-400 mb-2">
@@ -147,9 +147,9 @@
     </tbody>
   </table>
 {:else if searchQuery.length >= 3 && $projectsQuery.isSuccess}
-  <p class="text-sm text-slate-500">No projects found for "{searchQuery}"</p>
+  <p class="text-sm text-slate-500 dark:text-slate-400">No projects found for "{searchQuery}"</p>
 {:else if searchQuery.length < 3}
-  <p class="text-sm text-slate-400">
+  <p class="text-sm text-slate-400 dark:text-slate-500">
     Type at least 3 characters to search across all organizations.
   </p>
 {/if}
diff --git a/web-admin/src/routes/-/admin/quotas/+page.svelte b/web-admin/src/routes/-/admin/quotas/+page.svelte
index ce9d1a9867d..4d372ce7db9 100644
--- a/web-admin/src/routes/-/admin/quotas/+page.svelte
+++ b/web-admin/src/routes/-/admin/quotas/+page.svelte
@@ -90,7 +90,7 @@
         <div
           class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
         />
-        <span class="text-sm text-slate-500">Loading quotas...</span>
+        <span class="text-sm text-slate-500 dark:text-slate-400">Loading quotas...</span>
       </div>
     {:else if activeOrg && $orgQuery.data?.organization}
       <div class="grid grid-cols-2 lg:grid-cols-3 gap-4">
diff --git a/web-admin/src/routes/-/admin/superusers/+page.svelte b/web-admin/src/routes/-/admin/superusers/+page.svelte
index 975cddb73aa..ae422d1553a 100644
--- a/web-admin/src/routes/-/admin/superusers/+page.svelte
+++ b/web-admin/src/routes/-/admin/superusers/+page.svelte
@@ -101,7 +101,7 @@
     <div
       class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
     />
-    <span class="text-sm text-slate-500">Loading superusers...</span>
+    <span class="text-sm text-slate-500 dark:text-slate-400">Loading superusers...</span>
   </div>
 {:else if $superusersQuery.data?.users?.length}
   <p class="text-xs text-slate-500 dark:text-slate-400 mb-2">

From 64de7ce4ba3c7c03f20c0d17cbb9c736375f9eaa Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Sat, 21 Mar 2026 01:28:03 -0700
Subject: [PATCH 30/35] fix(admin-console): remove dark: prefixes, use
 auto-adapting CSS variables

Rill's Tailwind color palette (slate, blue, red, etc.) uses CSS custom
properties that already swap between light and dark values. Using dark:
prefixed classes caused double-inversion. Remove all dark: variants and
replace bg-white with bg-slate-50 which auto-adapts.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../admin/layout/AdminPageHeader.svelte       |  4 +-
 .../features/admin/layout/AdminSidebar.svelte | 12 ++--
 .../admin/shared/ConfirmDialog.svelte         |  8 +--
 .../admin/shared/OrgSearchInput.svelte        |  6 +-
 .../features/admin/shared/SearchInput.svelte  |  2 +-
 .../admin/shared/UserSearchInput.svelte       |  6 +-
 web-admin/src/routes/-/admin/+layout.svelte   |  4 +-
 web-admin/src/routes/-/admin/+page.svelte     | 36 +++++-----
 .../src/routes/-/admin/billing/+page.svelte   | 54 +++++++-------
 .../routes/-/admin/organizations/+page.svelte | 72 +++++++++----------
 .../src/routes/-/admin/projects/+page.svelte  | 22 +++---
 .../src/routes/-/admin/quotas/+page.svelte    | 28 ++++----
 .../routes/-/admin/superusers/+page.svelte    | 24 +++----
 13 files changed, 139 insertions(+), 139 deletions(-)

diff --git a/web-admin/src/features/admin/layout/AdminPageHeader.svelte b/web-admin/src/features/admin/layout/AdminPageHeader.svelte
index 73875ce56da..da7eb7bfdce 100644
--- a/web-admin/src/features/admin/layout/AdminPageHeader.svelte
+++ b/web-admin/src/features/admin/layout/AdminPageHeader.svelte
@@ -4,11 +4,11 @@
 </script>
 
 <div class="mb-6">
-  <h1 class="text-xl font-semibold text-slate-900 dark:text-slate-100">
+  <h1 class="text-xl font-semibold text-slate-900">
     {title}
   </h1>
   {#if description}
-    <p class="text-sm text-slate-500 dark:text-slate-400 mt-1">
+    <p class="text-sm text-slate-500 mt-1">
       {description}
     </p>
   {/if}
diff --git a/web-admin/src/features/admin/layout/AdminSidebar.svelte b/web-admin/src/features/admin/layout/AdminSidebar.svelte
index 8035dca503c..2de43af91ee 100644
--- a/web-admin/src/features/admin/layout/AdminSidebar.svelte
+++ b/web-admin/src/features/admin/layout/AdminSidebar.svelte
@@ -33,10 +33,10 @@
 </script>
 
 <nav
-  class="w-56 flex-shrink-0 border-r border-slate-200 dark:border-slate-700 bg-white dark:bg-slate-900 flex flex-col h-full"
+  class="w-56 flex-shrink-0 border-r border-slate-200 bg-slate-50 flex flex-col h-full"
 >
-  <div class="px-4 py-4 border-b border-slate-200 dark:border-slate-700">
-    <span class="text-sm font-semibold text-slate-900 dark:text-slate-100">
+  <div class="px-4 py-4 border-b border-slate-200">
+    <span class="text-sm font-semibold text-slate-900">
       Admin Console
     </span>
   </div>
@@ -45,7 +45,7 @@
     {#each navGroups as group}
       <div class="mb-4">
         <span
-          class="text-[11px] font-semibold uppercase tracking-wider text-slate-400 dark:text-slate-500 px-2 mb-1 block"
+          class="text-[11px] font-semibold uppercase tracking-wider text-slate-400 px-2 mb-1 block"
         >
           {group.heading}
         </span>
@@ -56,8 +56,8 @@
               item.href,
               $page.url.pathname,
             )
-              ? 'bg-slate-100 dark:bg-slate-800 text-slate-900 dark:text-slate-100 font-medium'
-              : 'text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-800'}"
+              ? 'bg-slate-100 text-slate-900 font-medium'
+              : 'text-slate-600 hover:bg-slate-100'}"
           >
             {item.label}
           </a>
diff --git a/web-admin/src/features/admin/shared/ConfirmDialog.svelte b/web-admin/src/features/admin/shared/ConfirmDialog.svelte
index 43ab90cb7ea..50a8b869dbd 100644
--- a/web-admin/src/features/admin/shared/ConfirmDialog.svelte
+++ b/web-admin/src/features/admin/shared/ConfirmDialog.svelte
@@ -37,20 +37,20 @@
     on:click={handleCancel}
   >
     <div
-      class="bg-white dark:bg-slate-800 rounded-lg p-6 max-w-md w-full mx-4 shadow-xl"
+      class="bg-slate-50 rounded-lg p-6 max-w-md w-full mx-4 shadow-xl"
       on:click|stopPropagation
     >
-      <h2 class="text-lg font-semibold text-slate-900 dark:text-slate-100">
+      <h2 class="text-lg font-semibold text-slate-900">
         {title}
       </h2>
       {#if description}
-        <p class="text-sm text-slate-500 dark:text-slate-400 mt-2">
+        <p class="text-sm text-slate-500 mt-2">
           {description}
         </p>
       {/if}
       <div class="flex justify-end gap-3 mt-6">
         <button
-          class="px-4 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 text-slate-700 dark:text-slate-300 hover:bg-slate-50 dark:hover:bg-slate-700 disabled:opacity-50 disabled:cursor-not-allowed"
+          class="px-4 py-2 text-sm rounded-md border border-slate-300 text-slate-700 hover:bg-slate-50 disabled:opacity-50 disabled:cursor-not-allowed"
           on:click={handleCancel}
           disabled={loading}
         >
diff --git a/web-admin/src/features/admin/shared/OrgSearchInput.svelte b/web-admin/src/features/admin/shared/OrgSearchInput.svelte
index 30a4ebffb73..3c55936d734 100644
--- a/web-admin/src/features/admin/shared/OrgSearchInput.svelte
+++ b/web-admin/src/features/admin/shared/OrgSearchInput.svelte
@@ -63,7 +63,7 @@
 <div class="relative">
   <input
     type="text"
-    class="w-full px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 dark:placeholder:text-slate-500 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
+    class="w-full px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
     {placeholder}
     bind:value
     on:keydown={handleKeydown}
@@ -77,11 +77,11 @@
   {/if}
   {#if showDropdown && orgNames.length > 0}
     <div
-      class="absolute z-10 w-full mt-1 bg-white dark:bg-slate-800 border border-slate-200 dark:border-slate-700 rounded-md shadow-lg max-h-48 overflow-y-auto"
+      class="absolute z-10 w-full mt-1 bg-slate-50 border border-slate-200 rounded-md shadow-lg max-h-48 overflow-y-auto"
     >
       {#each orgNames as org}
         <button
-          class="w-full text-left px-3 py-2 text-sm text-slate-700 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700 cursor-pointer"
+          class="w-full text-left px-3 py-2 text-sm text-slate-700 hover:bg-slate-100 cursor-pointer"
           on:mousedown|preventDefault={() => selectOrg(org)}
         >
           {org}
diff --git a/web-admin/src/features/admin/shared/SearchInput.svelte b/web-admin/src/features/admin/shared/SearchInput.svelte
index 2e16b21d50a..518f542158e 100644
--- a/web-admin/src/features/admin/shared/SearchInput.svelte
+++ b/web-admin/src/features/admin/shared/SearchInput.svelte
@@ -28,7 +28,7 @@
 <div class="relative">
   <input
     type="text"
-    class="w-full px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 dark:placeholder:text-slate-500 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
+    class="w-full px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
     {placeholder}
     {value}
     on:input={handleInput}
diff --git a/web-admin/src/features/admin/shared/UserSearchInput.svelte b/web-admin/src/features/admin/shared/UserSearchInput.svelte
index fe2c9fead37..2ad5c147cd7 100644
--- a/web-admin/src/features/admin/shared/UserSearchInput.svelte
+++ b/web-admin/src/features/admin/shared/UserSearchInput.svelte
@@ -52,7 +52,7 @@
 <div class="relative">
   <input
     type="text"
-    class="w-full px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 dark:placeholder:text-slate-500 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
+    class="w-full px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
     {placeholder}
     bind:value
     on:keydown={handleKeydown}
@@ -66,11 +66,11 @@
   {/if}
   {#if showDropdown && emails.length > 0}
     <div
-      class="absolute z-10 w-full mt-1 bg-white dark:bg-slate-800 border border-slate-200 dark:border-slate-700 rounded-md shadow-lg max-h-48 overflow-y-auto"
+      class="absolute z-10 w-full mt-1 bg-slate-50 border border-slate-200 rounded-md shadow-lg max-h-48 overflow-y-auto"
     >
       {#each emails as email}
         <button
-          class="w-full text-left px-3 py-2 text-sm text-slate-700 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700 cursor-pointer"
+          class="w-full text-left px-3 py-2 text-sm text-slate-700 hover:bg-slate-100 cursor-pointer"
           on:mousedown|preventDefault={() => selectUser(email)}
         >
           {email}
diff --git a/web-admin/src/routes/-/admin/+layout.svelte b/web-admin/src/routes/-/admin/+layout.svelte
index 251ede3ea04..5636b2c3a6c 100644
--- a/web-admin/src/routes/-/admin/+layout.svelte
+++ b/web-admin/src/routes/-/admin/+layout.svelte
@@ -6,9 +6,9 @@
   <title>Admin Console | Rill</title>
 </svelte:head>
 
-<div class="flex h-screen overflow-hidden bg-white dark:bg-slate-900">
+<div class="flex h-screen overflow-hidden bg-slate-50">
   <AdminSidebar />
-  <div class="flex-1 overflow-y-auto p-8 bg-slate-50 dark:bg-slate-950">
+  <div class="flex-1 overflow-y-auto p-8 bg-slate-50">
     <slot />
   </div>
 </div>
diff --git a/web-admin/src/routes/-/admin/+page.svelte b/web-admin/src/routes/-/admin/+page.svelte
index bc21b108070..056c969bad2 100644
--- a/web-admin/src/routes/-/admin/+page.svelte
+++ b/web-admin/src/routes/-/admin/+page.svelte
@@ -76,11 +76,11 @@
 
 {#if $assumedUser}
   <div
-    class="flex items-center gap-3 mb-4 px-4 py-2 rounded-md bg-amber-50 border border-amber-200 text-amber-800 text-sm dark:bg-amber-900/20 dark:border-amber-700 dark:text-amber-300"
+    class="flex items-center gap-3 mb-4 px-4 py-2 rounded-md bg-amber-50 border border-amber-200 text-amber-800 text-sm"
   >
     <span>Currently assumed as <strong>{$assumedUser}</strong></span>
     <button
-      class="text-xs px-3 py-1 rounded border border-amber-400 bg-white text-amber-700 hover:bg-amber-50 dark:bg-amber-900/30 dark:border-amber-600 dark:text-amber-300 dark:hover:bg-amber-900/50"
+      class="text-xs px-3 py-1 rounded border border-amber-400 bg-slate-50 text-amber-700 hover:bg-amber-50"
       on:click={handleUnassume}
     >
       Unassume
@@ -100,35 +100,35 @@
     <div
       class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
     />
-    <span class="text-sm text-slate-500 dark:text-slate-400">Searching users...</span>
+    <span class="text-sm text-slate-500">Searching users...</span>
   </div>
 {:else if $usersQuery.data?.users?.length}
-  <p class="text-xs text-slate-500 dark:text-slate-400 mb-2">
+  <p class="text-xs text-slate-500 mb-2">
     {$usersQuery.data.users.length} result{$usersQuery.data.users.length === 1
       ? ""
       : "s"}
   </p>
-  <div class="rounded-lg border border-slate-200 dark:border-slate-700 overflow-hidden">
+  <div class="rounded-lg border border-slate-200 overflow-hidden">
     <table class="w-full border-collapse">
       <thead>
         <tr>
           <th
-            class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+            class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
           >
             Email
           </th>
           <th
-            class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+            class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
           >
             Display Name
           </th>
           <th
-            class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+            class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
           >
             Created
           </th>
           <th
-            class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+            class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
           >
             Actions
           </th>
@@ -139,43 +139,43 @@
           {@const isAssumed = $assumedUser === user.email}
           <tr class="group">
             <td
-              class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800 group-hover:bg-slate-50 dark:group-hover:bg-slate-800/50 font-mono text-xs"
+              class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100 group-hover:bg-slate-50 font-mono text-xs"
             >
               {user.email}
             </td>
             <td
-              class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800 group-hover:bg-slate-50 dark:group-hover:bg-slate-800/50"
+              class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100 group-hover:bg-slate-50"
             >
               {user.displayName ?? "-"}
             </td>
             <td
-              class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800 group-hover:bg-slate-50 dark:group-hover:bg-slate-800/50 text-xs text-slate-500"
+              class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100 group-hover:bg-slate-50 text-xs text-slate-500"
             >
               {user.createdOn
                 ? new Date(user.createdOn).toLocaleDateString()
                 : "-"}
             </td>
             <td
-              class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800 group-hover:bg-slate-50 dark:group-hover:bg-slate-800/50"
+              class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100 group-hover:bg-slate-50"
             >
               <div class="flex gap-2">
                 {#if isAssumed}
                   <button
-                    class="text-xs px-2 py-1 rounded border border-amber-400 bg-amber-50 text-amber-700 hover:bg-amber-100 dark:border-amber-600 dark:bg-amber-900/20 dark:text-amber-300 dark:hover:bg-amber-900/40"
+                    class="text-xs px-2 py-1 rounded border border-amber-400 bg-amber-50 text-amber-700 hover:bg-amber-100"
                     on:click={handleUnassume}
                   >
                     Unassume
                   </button>
                 {:else}
                   <button
-                    class="text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600 text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700"
+                    class="text-xs px-2 py-1 rounded border border-slate-300 text-slate-600 hover:bg-slate-100"
                     on:click={() => handleAssume(user.email ?? "")}
                   >
                     Open as User
                   </button>
                 {/if}
                 <button
-                  class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20 disabled:opacity-50 disabled:cursor-not-allowed"
+                  class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 disabled:opacity-50 disabled:cursor-not-allowed"
                   disabled={actionInProgress === `delete:${user.email}`}
                   on:click={() => handleDelete(user.email ?? "")}
                 >
@@ -191,9 +191,9 @@
     </table>
   </div>
 {:else if searchQuery.length >= 3 && $usersQuery.isSuccess}
-  <p class="text-sm text-slate-500 dark:text-slate-400">No users found for "{searchQuery}"</p>
+  <p class="text-sm text-slate-500">No users found for "{searchQuery}"</p>
 {:else if searchQuery.length < 3}
-  <p class="text-sm text-slate-400 dark:text-slate-500">
+  <p class="text-sm text-slate-400">
     Type at least 3 characters to search across all organizations.
   </p>
 {/if}
diff --git a/web-admin/src/routes/-/admin/billing/+page.svelte b/web-admin/src/routes/-/admin/billing/+page.svelte
index fd04358c356..3d5a3f4e619 100644
--- a/web-admin/src/routes/-/admin/billing/+page.svelte
+++ b/web-admin/src/routes/-/admin/billing/+page.svelte
@@ -140,12 +140,12 @@
 <div class="flex flex-col gap-6 pb-12">
   <!-- Billing Setup (Primary feature) -->
   <section
-    class="p-5 rounded-lg border border-blue-200 dark:border-blue-800 bg-blue-50/50 dark:bg-blue-900/10"
+    class="p-5 rounded-lg border border-blue-200 bg-blue-50/50"
   >
-    <h2 class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-1">
+    <h2 class="text-sm font-semibold text-slate-900 mb-1">
       Billing Setup
     </h2>
-    <p class="text-xs text-slate-500 dark:text-slate-400 mb-4">
+    <p class="text-xs text-slate-500 mb-4">
       Generate a Stripe checkout page link for an organization to enter their
       billing information.
     </p>
@@ -173,22 +173,22 @@
     </div>
     {#if setupUrl}
       <div class="mt-4 flex flex-col gap-1">
-        <span class="text-xs text-slate-500 dark:text-slate-400"
+        <span class="text-xs text-slate-500"
           >Share this link with the customer:</span
         >
         <div
-          class="flex items-center gap-2 p-3 rounded-md bg-white dark:bg-slate-800 border border-slate-200 dark:border-slate-700"
+          class="flex items-center gap-2 p-3 rounded-md bg-slate-50 border border-slate-200"
         >
           <a
             href={setupUrl}
             target="_blank"
             rel="noreferrer"
-            class="flex-1 text-sm text-blue-600 dark:text-blue-400 break-all hover:underline"
+            class="flex-1 text-sm text-blue-600 break-all hover:underline"
           >
             {setupUrl}
           </a>
           <button
-            class="text-xs px-3 py-1 rounded border border-slate-300 dark:border-slate-600 text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700 whitespace-nowrap"
+            class="text-xs px-3 py-1 rounded border border-slate-300 text-slate-600 hover:bg-slate-100 whitespace-nowrap"
             on:click={() => {
               navigator.clipboard.writeText(setupUrl);
               notifySuccess( "URL copied to clipboard");
@@ -202,11 +202,11 @@
   </section>
 
   <!-- Extend Trial -->
-  <section class="p-5 rounded-lg border border-slate-200 dark:border-slate-700">
-    <h2 class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-1">
+  <section class="p-5 rounded-lg border border-slate-200">
+    <h2 class="text-sm font-semibold text-slate-900 mb-1">
       Extend Trial
     </h2>
-    <p class="text-xs text-slate-500 dark:text-slate-400 mb-4">
+    <p class="text-xs text-slate-500 mb-4">
       Add days to an organization's trial period.
     </p>
     <div class="flex gap-3 items-center flex-wrap">
@@ -218,7 +218,7 @@
       </div>
       <input
         type="number"
-        class="w-24 px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 dark:placeholder:text-slate-500 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
+        class="w-24 px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
         min="1"
         max="365"
         bind:value={trialDays}
@@ -241,11 +241,11 @@
   </section>
 
   <!-- Set Billing Customer ID -->
-  <section class="p-5 rounded-lg border border-slate-200 dark:border-slate-700">
-    <h2 class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-1">
+  <section class="p-5 rounded-lg border border-slate-200">
+    <h2 class="text-sm font-semibold text-slate-900 mb-1">
       Set Billing Customer ID
     </h2>
-    <p class="text-xs text-slate-500 dark:text-slate-400 mb-4">
+    <p class="text-xs text-slate-500 mb-4">
       Associate a Stripe customer ID with an organization.
     </p>
     <div class="flex gap-3 items-center flex-wrap">
@@ -257,7 +257,7 @@
       </div>
       <input
         type="text"
-        class="px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 dark:placeholder:text-slate-500 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
+        class="px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
         placeholder="Stripe customer ID (cus_...)"
         bind:value={customerId}
       />
@@ -279,11 +279,11 @@
   </section>
 
   <!-- Billing Repair -->
-  <section class="p-5 rounded-lg border border-slate-200 dark:border-slate-700">
-    <h2 class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-1">
+  <section class="p-5 rounded-lg border border-slate-200">
+    <h2 class="text-sm font-semibold text-slate-900 mb-1">
       Billing Repair
     </h2>
-    <p class="text-xs text-slate-500 dark:text-slate-400 mb-4">
+    <p class="text-xs text-slate-500 mb-4">
       Trigger a billing state recalculation for an organization.
     </p>
     <div class="flex gap-3 items-center flex-wrap">
@@ -304,11 +304,11 @@
   </section>
 
   <!-- Billing Issues -->
-  <section class="p-5 rounded-lg border border-slate-200 dark:border-slate-700">
-    <h2 class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-1">
+  <section class="p-5 rounded-lg border border-slate-200">
+    <h2 class="text-sm font-semibold text-slate-900 mb-1">
       Billing Issues
     </h2>
-    <p class="text-xs text-slate-500 dark:text-slate-400 mb-4">
+    <p class="text-xs text-slate-500 mb-4">
       View and resolve billing issues for an organization.
     </p>
     <div class="flex gap-3 items-center flex-wrap mb-4">
@@ -324,24 +324,24 @@
         <div
           class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
         />
-        <span class="text-sm text-slate-500 dark:text-slate-400">Loading issues...</span>
+        <span class="text-sm text-slate-500">Loading issues...</span>
       </div>
     {:else if $billingIssuesQuery.data?.issues?.length}
       <div class="flex flex-col gap-2">
         {#each $billingIssuesQuery.data.issues as issue}
           <div
-            class="flex items-center justify-between px-3 py-2 rounded bg-slate-50 dark:bg-slate-800"
+            class="flex items-center justify-between px-3 py-2 rounded bg-slate-50"
           >
             <div>
-              <span class="text-sm font-mono text-slate-700 dark:text-slate-300"
+              <span class="text-sm font-mono text-slate-700"
                 >{issue.type}</span
               >
-              <span class="text-xs text-slate-500 dark:text-slate-400 ml-2"
+              <span class="text-xs text-slate-500 ml-2"
                 >{issue.metadata ?? ""}</span
               >
             </div>
             <button
-              class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20"
+              class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50"
               on:click={() =>
                 handleDeleteIssue(issuesOrg, issue.type ?? "BILLING_ISSUE_TYPE_UNSPECIFIED")}
             >
@@ -351,7 +351,7 @@
         {/each}
       </div>
     {:else if issuesOrg && $billingIssuesQuery.isSuccess}
-      <p class="text-sm text-slate-500 dark:text-slate-400">No billing issues found.</p>
+      <p class="text-sm text-slate-500">No billing issues found.</p>
     {/if}
   </section>
 </div>
diff --git a/web-admin/src/routes/-/admin/organizations/+page.svelte b/web-admin/src/routes/-/admin/organizations/+page.svelte
index 8119ae0d7f0..b9bf7774153 100644
--- a/web-admin/src/routes/-/admin/organizations/+page.svelte
+++ b/web-admin/src/routes/-/admin/organizations/+page.svelte
@@ -126,7 +126,7 @@
   <div class="relative">
     <input
       type="text"
-      class="w-full px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
+      class="w-full px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
       placeholder="Search organizations (min 3 characters)..."
       bind:value={searchInput}
       on:keydown={handleInputKeydown}
@@ -140,11 +140,11 @@
     {/if}
     {#if showDropdown && orgNames.length > 0}
       <div
-        class="absolute z-10 w-full mt-1 bg-white dark:bg-slate-800 border border-slate-200 dark:border-slate-700 rounded-md shadow-lg max-h-48 overflow-y-auto"
+        class="absolute z-10 w-full mt-1 bg-slate-50 border border-slate-200 rounded-md shadow-lg max-h-48 overflow-y-auto"
       >
         {#each orgNames as org}
           <button
-            class="w-full text-left px-3 py-2 text-sm text-slate-700 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700 cursor-pointer"
+            class="w-full text-left px-3 py-2 text-sm text-slate-700 hover:bg-slate-100 cursor-pointer"
             on:mousedown|preventDefault={() => selectOrg(org)}
           >
             {org}
@@ -153,7 +153,7 @@
       </div>
     {:else if showDropdown && searchInput.length >= 3 && $orgSearchQuery.isSuccess && orgNames.length === 0}
       <div
-        class="absolute z-10 w-full mt-1 bg-white dark:bg-slate-800 border border-slate-200 dark:border-slate-700 rounded-md shadow-lg max-h-48 overflow-y-auto"
+        class="absolute z-10 w-full mt-1 bg-slate-50 border border-slate-200 rounded-md shadow-lg max-h-48 overflow-y-auto"
       >
         <div class="px-3 py-2 text-sm text-slate-400">No organizations found</div>
       </div>
@@ -169,7 +169,7 @@
     <div
       class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
     />
-    <span class="text-sm text-slate-500 dark:text-slate-400">Looking up organization...</span>
+    <span class="text-sm text-slate-500">Looking up organization...</span>
   </div>
 {:else if $orgQuery.isError && lookupOrg}
   <p class="text-sm text-red-600">
@@ -178,75 +178,75 @@
 {:else if $orgQuery.data?.organization}
   {@const org = $orgQuery.data.organization}
   <div class="flex flex-col gap-4">
-    <section class="p-5 rounded-lg border border-slate-200 dark:border-slate-700">
+    <section class="p-5 rounded-lg border border-slate-200">
       <h2
-        class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-3"
+        class="text-sm font-semibold text-slate-900 mb-3"
       >
         Organization Details
       </h2>
       <div class="grid grid-cols-2 lg:grid-cols-4 gap-3">
         <div class="flex flex-col">
           <span
-            class="text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider"
+            class="text-[11px] text-slate-500 uppercase tracking-wider"
             >ID</span
           >
           <span
-            class="text-sm text-slate-900 dark:text-slate-100 font-mono text-xs"
+            class="text-sm text-slate-900 font-mono text-xs"
             >{org.id}</span
           >
         </div>
         <div class="flex flex-col">
           <span
-            class="text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider"
+            class="text-[11px] text-slate-500 uppercase tracking-wider"
             >Name</span
           >
-          <span class="text-sm text-slate-900 dark:text-slate-100"
+          <span class="text-sm text-slate-900"
             >{org.name}</span
           >
         </div>
         <div class="flex flex-col">
           <span
-            class="text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider"
+            class="text-[11px] text-slate-500 uppercase tracking-wider"
             >Description</span
           >
-          <span class="text-sm text-slate-900 dark:text-slate-100"
+          <span class="text-sm text-slate-900"
             >{org.description ?? "-"}</span
           >
         </div>
         <div class="flex flex-col">
           <span
-            class="text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider"
+            class="text-[11px] text-slate-500 uppercase tracking-wider"
             >Billing Plan</span
           >
-          <span class="text-sm text-slate-900 dark:text-slate-100"
+          <span class="text-sm text-slate-900"
             >{org.billingPlanDisplayName ?? "-"}</span
           >
         </div>
         <div class="flex flex-col">
           <span
-            class="text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider"
+            class="text-[11px] text-slate-500 uppercase tracking-wider"
             >Billing Customer ID</span
           >
           <span
-            class="text-sm text-slate-900 dark:text-slate-100 font-mono text-xs"
+            class="text-sm text-slate-900 font-mono text-xs"
             >{org.billingCustomerId ?? "-"}</span
           >
         </div>
         <div class="flex flex-col">
           <span
-            class="text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider"
+            class="text-[11px] text-slate-500 uppercase tracking-wider"
             >Custom Domain</span
           >
-          <span class="text-sm text-slate-900 dark:text-slate-100"
+          <span class="text-sm text-slate-900"
             >{org.customDomain ?? "None"}</span
           >
         </div>
         <div class="flex flex-col">
           <span
-            class="text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider"
+            class="text-[11px] text-slate-500 uppercase tracking-wider"
             >Created</span
           >
-          <span class="text-sm text-slate-900 dark:text-slate-100">
+          <span class="text-sm text-slate-900">
             {org.createdOn
               ? new Date(org.createdOn).toLocaleDateString()
               : "-"}
@@ -254,10 +254,10 @@
         </div>
         <div class="flex flex-col">
           <span
-            class="text-[11px] text-slate-500 dark:text-slate-400 uppercase tracking-wider"
+            class="text-[11px] text-slate-500 uppercase tracking-wider"
             >Projects</span
           >
-          <span class="text-sm text-slate-900 dark:text-slate-100">
+          <span class="text-sm text-slate-900">
             {#if $projectsQuery.isFetching}
               <span class="text-slate-400">Loading...</span>
             {:else if $projectsQuery.data?.projects}
@@ -273,28 +273,28 @@
     <!-- Projects list -->
     {#if $projectsQuery.data?.projects?.length}
       <section
-        class="p-5 rounded-lg border border-slate-200 dark:border-slate-700"
+        class="p-5 rounded-lg border border-slate-200"
       >
         <h2
-          class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-3"
+          class="text-sm font-semibold text-slate-900 mb-3"
         >
           Projects ({$projectsQuery.data.projects.length})
         </h2>
         <div class="flex flex-col gap-1">
           {#each $projectsQuery.data.projects as project}
             <div
-              class="flex items-center justify-between px-3 py-2 rounded bg-slate-50 dark:bg-slate-800"
+              class="flex items-center justify-between px-3 py-2 rounded bg-slate-50"
             >
               <a
                 href={`/${org.name}/${project.name}`}
                 target="_blank"
-                class="text-sm text-blue-600 dark:text-blue-400 hover:underline"
+                class="text-sm text-blue-600 hover:underline"
               >
                 {project.name}
               </a>
               <div class="flex gap-2">
                 <button
-                  class="text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600 text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700 disabled:opacity-50 disabled:cursor-not-allowed"
+                  class="text-xs px-2 py-1 rounded border border-slate-300 text-slate-600 hover:bg-slate-100 disabled:opacity-50 disabled:cursor-not-allowed"
                   disabled={actionInProgress ===
                     `hibernate:${project.name}`}
                   on:click={() =>
@@ -305,7 +305,7 @@
                     : "Hibernate"}
                 </button>
                 <button
-                  class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20 disabled:opacity-50 disabled:cursor-not-allowed"
+                  class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 disabled:opacity-50 disabled:cursor-not-allowed"
                   disabled={actionInProgress ===
                     `redeploy:${project.name}`}
                   on:click={() =>
@@ -328,14 +328,14 @@
         <div
           class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
         />
-        <span class="text-sm text-slate-500 dark:text-slate-400">Loading members...</span>
+        <span class="text-sm text-slate-500">Loading members...</span>
       </div>
     {:else if $membersQuery.data?.members?.length}
       <section
-        class="p-5 rounded-lg border border-slate-200 dark:border-slate-700"
+        class="p-5 rounded-lg border border-slate-200"
       >
         <h2
-          class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-3"
+          class="text-sm font-semibold text-slate-900 mb-3"
         >
           Members ({$membersQuery.data.members.length})
         </h2>
@@ -343,12 +343,12 @@
           <thead>
             <tr>
               <th
-                class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+                class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
               >
                 Email
               </th>
               <th
-                class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+                class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
               >
                 Role
               </th>
@@ -358,12 +358,12 @@
             {#each $membersQuery.data.members as member}
               <tr>
                 <td
-                  class="px-4 py-2 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800 font-mono text-xs"
+                  class="px-4 py-2 text-sm text-slate-700 border-b border-slate-100 font-mono text-xs"
                 >
                   {member.userEmail}
                 </td>
                 <td
-                  class="px-4 py-2 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800"
+                  class="px-4 py-2 text-sm text-slate-700 border-b border-slate-100"
                 >
                   {member.roleName}
                 </td>
diff --git a/web-admin/src/routes/-/admin/projects/+page.svelte b/web-admin/src/routes/-/admin/projects/+page.svelte
index ae4a3874847..8a5858933f7 100644
--- a/web-admin/src/routes/-/admin/projects/+page.svelte
+++ b/web-admin/src/routes/-/admin/projects/+page.svelte
@@ -86,22 +86,22 @@
     <div
       class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
     />
-    <span class="text-sm text-slate-500 dark:text-slate-400">Searching projects...</span>
+    <span class="text-sm text-slate-500">Searching projects...</span>
   </div>
 {:else if $projectsQuery.data?.names?.length}
-  <p class="text-xs text-slate-500 dark:text-slate-400 mb-2">
+  <p class="text-xs text-slate-500 mb-2">
     {$projectsQuery.data.names.length} result{$projectsQuery.data.names.length === 1 ? "" : "s"}
   </p>
   <table class="w-full">
     <thead>
       <tr>
         <th
-          class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+          class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
         >
           Project
         </th>
         <th
-          class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+          class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
         >
           Actions
         </th>
@@ -111,30 +111,30 @@
       {#each $projectsQuery.data.names as name}
         <tr class="group">
           <td
-            class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800 group-hover:bg-slate-50 dark:group-hover:bg-slate-800/50 font-mono text-xs"
+            class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100 group-hover:bg-slate-50 font-mono text-xs"
           >
             {name}
           </td>
           <td
-            class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800 group-hover:bg-slate-50 dark:group-hover:bg-slate-800/50"
+            class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100 group-hover:bg-slate-50"
           >
             <div class="flex gap-2">
               <a
                 href={`/${name}`}
                 target="_blank"
-                class="text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600 text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700"
+                class="text-xs px-2 py-1 rounded border border-slate-300 text-slate-600 hover:bg-slate-100"
               >
                 View
               </a>
               <button
-                class="text-xs px-2 py-1 rounded border border-slate-300 dark:border-slate-600 text-slate-600 dark:text-slate-300 hover:bg-slate-100 dark:hover:bg-slate-700 disabled:opacity-50 disabled:cursor-not-allowed"
+                class="text-xs px-2 py-1 rounded border border-slate-300 text-slate-600 hover:bg-slate-100 disabled:opacity-50 disabled:cursor-not-allowed"
                 disabled={actionInProgress === `hibernate:${name}`}
                 on:click={() => handleHibernate(name)}
               >
                 {actionInProgress === `hibernate:${name}` ? "Hibernating..." : "Hibernate"}
               </button>
               <button
-                class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 dark:border-red-700 dark:text-red-400 dark:hover:bg-red-900/20 disabled:opacity-50 disabled:cursor-not-allowed"
+                class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 disabled:opacity-50 disabled:cursor-not-allowed"
                 disabled={actionInProgress === `redeploy:${name}`}
                 on:click={() => handleRedeploy(name)}
               >
@@ -147,9 +147,9 @@
     </tbody>
   </table>
 {:else if searchQuery.length >= 3 && $projectsQuery.isSuccess}
-  <p class="text-sm text-slate-500 dark:text-slate-400">No projects found for "{searchQuery}"</p>
+  <p class="text-sm text-slate-500">No projects found for "{searchQuery}"</p>
 {:else if searchQuery.length < 3}
-  <p class="text-sm text-slate-400 dark:text-slate-500">
+  <p class="text-sm text-slate-400">
     Type at least 3 characters to search across all organizations.
   </p>
 {/if}
diff --git a/web-admin/src/routes/-/admin/quotas/+page.svelte b/web-admin/src/routes/-/admin/quotas/+page.svelte
index 4d372ce7db9..e72589ea66c 100644
--- a/web-admin/src/routes/-/admin/quotas/+page.svelte
+++ b/web-admin/src/routes/-/admin/quotas/+page.svelte
@@ -74,7 +74,7 @@
 />
 
 <div class="flex flex-col gap-6">
-  <section class="p-5 rounded-lg border border-slate-200 dark:border-slate-700">
+  <section class="p-5 rounded-lg border border-slate-200">
     <div class="flex gap-3 items-center flex-wrap mb-4">
       <div class="w-64">
         <OrgSearchInput
@@ -90,79 +90,79 @@
         <div
           class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
         />
-        <span class="text-sm text-slate-500 dark:text-slate-400">Loading quotas...</span>
+        <span class="text-sm text-slate-500">Loading quotas...</span>
       </div>
     {:else if activeOrg && $orgQuery.data?.organization}
       <div class="grid grid-cols-2 lg:grid-cols-3 gap-4">
         <div class="flex flex-col gap-1">
           <label
-            class="text-xs font-medium text-slate-500 dark:text-slate-400"
+            class="text-xs font-medium text-slate-500"
             for="projects">Projects</label
           >
           <input
             id="projects"
             type="number"
-            class="px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
+            class="px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
             bind:value={projects}
           />
         </div>
         <div class="flex flex-col gap-1">
           <label
-            class="text-xs font-medium text-slate-500 dark:text-slate-400"
+            class="text-xs font-medium text-slate-500"
             for="deployments">Deployments</label
           >
           <input
             id="deployments"
             type="number"
-            class="px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
+            class="px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
             bind:value={deployments}
           />
         </div>
         <div class="flex flex-col gap-1">
           <label
-            class="text-xs font-medium text-slate-500 dark:text-slate-400"
+            class="text-xs font-medium text-slate-500"
             for="slotsTotal">Total Slots</label
           >
           <input
             id="slotsTotal"
             type="number"
-            class="px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
+            class="px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
             bind:value={slotsTotal}
           />
         </div>
         <div class="flex flex-col gap-1">
           <label
-            class="text-xs font-medium text-slate-500 dark:text-slate-400"
+            class="text-xs font-medium text-slate-500"
             for="slotsPerDeployment">Slots per Deployment</label
           >
           <input
             id="slotsPerDeployment"
             type="number"
-            class="px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
+            class="px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
             bind:value={slotsPerDeployment}
           />
         </div>
         <div class="flex flex-col gap-1">
           <label
-            class="text-xs font-medium text-slate-500 dark:text-slate-400"
+            class="text-xs font-medium text-slate-500"
             for="outstandingInvites">Outstanding Invites</label
           >
           <input
             id="outstandingInvites"
             type="number"
-            class="px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
+            class="px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
             bind:value={outstandingInvites}
           />
         </div>
         <div class="flex flex-col gap-1">
           <label
-            class="text-xs font-medium text-slate-500 dark:text-slate-400"
+            class="text-xs font-medium text-slate-500"
             for="storageLimitBytes">Storage Limit (bytes)</label
           >
           <input
             id="storageLimitBytes"
             type="text"
-            class="px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
+            class="px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
             bind:value={storageLimitBytes}
           />
         </div>
diff --git a/web-admin/src/routes/-/admin/superusers/+page.svelte b/web-admin/src/routes/-/admin/superusers/+page.svelte
index ae422d1553a..8847396ae8a 100644
--- a/web-admin/src/routes/-/admin/superusers/+page.svelte
+++ b/web-admin/src/routes/-/admin/superusers/+page.svelte
@@ -67,14 +67,14 @@
   description="Manage who has superuser (super admin) access across all of Rill Cloud."
 />
 
-<div class="p-5 rounded-lg border border-slate-200 dark:border-slate-700 mb-6">
-  <h2 class="text-sm font-semibold text-slate-900 dark:text-slate-100 mb-3">
+<div class="p-5 rounded-lg border border-slate-200 mb-6">
+  <h2 class="text-sm font-semibold text-slate-900 mb-3">
     Add Superuser
   </h2>
   <div class="flex gap-3 items-center flex-wrap">
     <input
       type="email"
-      class="px-3 py-2 text-sm rounded-md border border-slate-300 dark:border-slate-600 bg-white dark:bg-slate-800 text-slate-900 dark:text-slate-100 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
+      class="px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
       placeholder="Email address"
       bind:value={newEmail}
       on:keydown={(e) => e.key === "Enter" && handleAdd()}
@@ -101,27 +101,27 @@
     <div
       class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
     />
-    <span class="text-sm text-slate-500 dark:text-slate-400">Loading superusers...</span>
+    <span class="text-sm text-slate-500">Loading superusers...</span>
   </div>
 {:else if $superusersQuery.data?.users?.length}
-  <p class="text-xs text-slate-500 dark:text-slate-400 mb-2">
+  <p class="text-xs text-slate-500 mb-2">
     {$superusersQuery.data.users.length} superuser{$superusersQuery.data.users.length === 1 ? "" : "s"}
   </p>
   <table class="w-full">
     <thead>
       <tr>
         <th
-          class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+          class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
         >
           Email
         </th>
         <th
-          class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+          class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
         >
           Display Name
         </th>
         <th
-          class="text-left text-xs font-medium text-slate-500 dark:text-slate-400 uppercase tracking-wider px-4 py-2 border-b border-slate-200 dark:border-slate-700"
+          class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
         >
           Actions
         </th>
@@ -131,20 +131,20 @@
       {#each $superusersQuery.data.users as user}
         <tr>
           <td
-            class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800 font-mono text-xs"
+            class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100 font-mono text-xs"
           >
             {user.email}
           </td>
           <td
-            class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800"
+            class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100"
           >
             {user.displayName ?? "-"}
           </td>
           <td
-            class="px-4 py-3 text-sm text-slate-700 dark:text-slate-300 border-b border-slate-100 dark:border-slate-800"
+            class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100"
           >
             <button
-              class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 dark:border-red-700 dark:text-red-400"
+              class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50"
               on:click={() => handleRemove(user.email ?? "")}
             >
               Remove

From 11d3911fc4ed51f618a50de08be843cb9fc157d5 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Mon, 23 Mar 2026 09:27:51 -0700
Subject: [PATCH 31/35] fix(admin-console): remove billing customer ID and
 repair sections, add Change Slots to projects

- Billing page: remove "Set Billing Customer ID" and "Billing Repair" sections per team feedback (too niche for GUI)
- Projects page: add inline "Change Slots" action to set prod deployment slots via `UpdateProject` API

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../src/features/admin/billing/selectors.ts   |  10 --
 .../src/routes/-/admin/billing/+page.svelte   | 125 +-----------------
 .../src/routes/-/admin/projects/+page.svelte  | 102 ++++++++++++--
 3 files changed, 97 insertions(+), 140 deletions(-)

diff --git a/web-admin/src/features/admin/billing/selectors.ts b/web-admin/src/features/admin/billing/selectors.ts
index 34effd26dca..1d20137d26d 100644
--- a/web-admin/src/features/admin/billing/selectors.ts
+++ b/web-admin/src/features/admin/billing/selectors.ts
@@ -2,9 +2,7 @@
 import {
   adminServiceGetPaymentsPortalURL,
   createAdminServiceSudoExtendTrial,
-  createAdminServiceSudoTriggerBillingRepair,
   createAdminServiceSudoDeleteOrganizationBillingIssue,
-  createAdminServiceSudoUpdateOrganizationBillingCustomer,
   createAdminServiceListOrganizationBillingIssues,
 } from "@rilldata/web-admin/client";
 
@@ -20,18 +18,10 @@ export function createExtendTrialMutation() {
   return createAdminServiceSudoExtendTrial();
 }
 
-export function createBillingRepairMutation() {
-  return createAdminServiceSudoTriggerBillingRepair();
-}
-
 export function createDeleteBillingIssueMutation() {
   return createAdminServiceSudoDeleteOrganizationBillingIssue();
 }
 
-export function createSetBillingCustomerMutation() {
-  return createAdminServiceSudoUpdateOrganizationBillingCustomer();
-}
-
 export function getBillingIssues(org: string) {
   return createAdminServiceListOrganizationBillingIssues(
     org,
diff --git a/web-admin/src/routes/-/admin/billing/+page.svelte b/web-admin/src/routes/-/admin/billing/+page.svelte
index 3d5a3f4e619..caf099d99e9 100644
--- a/web-admin/src/routes/-/admin/billing/+page.svelte
+++ b/web-admin/src/routes/-/admin/billing/+page.svelte
@@ -1,6 +1,5 @@
 <script lang="ts">
   import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
   import {
     notifySuccess,
     notifyError,
@@ -10,38 +9,27 @@
   import {
     getBillingSetupURL,
     createExtendTrialMutation,
-    createBillingRepairMutation,
     createDeleteBillingIssueMutation,
-    createSetBillingCustomerMutation,
     getBillingIssues,
   } from "@rilldata/web-admin/features/admin/billing/selectors";
   import { useQueryClient } from "@tanstack/svelte-query";
 
-  let confirmOpen = false;
-  let confirmTitle = "";
-  let confirmDescription = "";
-  let confirmAction: () => Promise<void> = async () => {};
-
   // Billing Setup state
   let setupOrg = "";
   let setupLoading = false;
   let setupUrl = "";
 
-  // Form state
+  // Extend Trial state
   let trialOrg = "";
   let trialDays = 14;
   let trialLoading = false;
-  let repairOrg = "";
-  let customerIdOrg = "";
-  let customerId = "";
-  let customerIdLoading = false;
+
+  // Billing Issues state
   let issuesOrg = "";
 
   const queryClient = useQueryClient();
   const extendTrial = createExtendTrialMutation();
-  const billingRepair = createBillingRepairMutation();
   const deleteBillingIssue = createDeleteBillingIssueMutation();
-  const setCustomer = createSetBillingCustomerMutation();
 
   $: billingIssuesQuery = getBillingIssues(issuesOrg);
 
@@ -82,41 +70,6 @@
     }
   }
 
-  async function handleBillingRepair() {
-    if (!repairOrg) return;
-    confirmTitle = "Trigger Billing Repair";
-    confirmDescription = `This will trigger a billing repair for organization "${repairOrg}". This recalculates billing state.`;
-    confirmAction = async () => {
-      try {
-        await $billingRepair.mutateAsync({ data: { org: repairOrg } });
-        notifySuccess( `Billing repair triggered for ${repairOrg}`);
-        repairOrg = "";
-      } catch (err) {
-        notifyError( `Failed to trigger billing repair: ${err}`);
-      }
-    };
-    confirmOpen = true;
-  }
-
-  async function handleSetCustomerId() {
-    if (!customerIdOrg || !customerId) return;
-    customerIdLoading = true;
-    try {
-      await $setCustomer.mutateAsync({
-        data: { org: customerIdOrg, billingCustomerId: customerId },
-      });
-      notifySuccess(
-        `Billing customer ID set for ${customerIdOrg}`,
-      );
-      customerIdOrg = "";
-      customerId = "";
-    } catch (err) {
-      notifyError( `Failed to set billing customer ID: ${err}`);
-    } finally {
-      customerIdLoading = false;
-    }
-  }
-
   async function handleDeleteIssue(org: string, type: V1BillingIssueType) {
     try {
       await $deleteBillingIssue.mutateAsync({ org, type });
@@ -134,7 +87,7 @@
 
 <AdminPageHeader
   title="Billing"
-  description="Generate billing setup links, extend trials, repair billing state, and manage billing issues."
+  description="Generate billing setup links, extend trials, and manage billing issues."
 />
 
 <div class="flex flex-col gap-6 pb-12">
@@ -240,69 +193,6 @@
     </div>
   </section>
 
-  <!-- Set Billing Customer ID -->
-  <section class="p-5 rounded-lg border border-slate-200">
-    <h2 class="text-sm font-semibold text-slate-900 mb-1">
-      Set Billing Customer ID
-    </h2>
-    <p class="text-xs text-slate-500 mb-4">
-      Associate a Stripe customer ID with an organization.
-    </p>
-    <div class="flex gap-3 items-center flex-wrap">
-      <div class="w-64">
-        <OrgSearchInput
-          bind:value={customerIdOrg}
-          placeholder="Search organization..."
-        />
-      </div>
-      <input
-        type="text"
-        class="px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
-        placeholder="Stripe customer ID (cus_...)"
-        bind:value={customerId}
-      />
-      <button
-        class="px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap flex items-center gap-2 disabled:opacity-50 disabled:cursor-not-allowed"
-        on:click={handleSetCustomerId}
-        disabled={customerIdLoading || !customerIdOrg || !customerId}
-      >
-        {#if customerIdLoading}
-          <span
-            class="inline-block w-3 h-3 border-2 border-white/30 border-t-white rounded-full animate-spin"
-          />
-          Setting...
-        {:else}
-          Set Customer ID
-        {/if}
-      </button>
-    </div>
-  </section>
-
-  <!-- Billing Repair -->
-  <section class="p-5 rounded-lg border border-slate-200">
-    <h2 class="text-sm font-semibold text-slate-900 mb-1">
-      Billing Repair
-    </h2>
-    <p class="text-xs text-slate-500 mb-4">
-      Trigger a billing state recalculation for an organization.
-    </p>
-    <div class="flex gap-3 items-center flex-wrap">
-      <div class="w-64">
-        <OrgSearchInput
-          bind:value={repairOrg}
-          placeholder="Search organization..."
-        />
-      </div>
-      <button
-        class="px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap flex items-center gap-2 disabled:opacity-50 disabled:cursor-not-allowed"
-        on:click={handleBillingRepair}
-        disabled={!repairOrg}
-      >
-        Trigger Repair
-      </button>
-    </div>
-  </section>
-
   <!-- Billing Issues -->
   <section class="p-5 rounded-lg border border-slate-200">
     <h2 class="text-sm font-semibold text-slate-900 mb-1">
@@ -355,10 +245,3 @@
     {/if}
   </section>
 </div>
-
-<ConfirmDialog
-  bind:open={confirmOpen}
-  title={confirmTitle}
-  description={confirmDescription}
-  onConfirm={confirmAction}
-/>
diff --git a/web-admin/src/routes/-/admin/projects/+page.svelte b/web-admin/src/routes/-/admin/projects/+page.svelte
index 8a5858933f7..914dad9150d 100644
--- a/web-admin/src/routes/-/admin/projects/+page.svelte
+++ b/web-admin/src/routes/-/admin/projects/+page.svelte
@@ -9,6 +9,7 @@
   import SearchInput from "@rilldata/web-admin/features/admin/shared/SearchInput.svelte";
   import {
     searchProjects,
+    createUpdateProjectMutation,
     createRedeployProjectMutation,
     createHibernateProjectMutation,
   } from "@rilldata/web-admin/features/admin/projects/selectors";
@@ -21,6 +22,11 @@
   let confirmAction: () => Promise<void> = async () => {};
   let actionInProgress = "";
 
+  // Change Slots inline edit state
+  let slotsEditProject = "";
+  let slotsValue = "";
+
+  const updateProject = createUpdateProjectMutation();
   const redeployProject = createRedeployProjectMutation();
   const hibernateProject = createHibernateProjectMutation();
 
@@ -30,6 +36,35 @@
     searchQuery = e.detail;
   }
 
+  function handleChangeSlots(name: string) {
+    slotsEditProject = name;
+    slotsValue = "";
+  }
+
+  async function handleSaveSlots(name: string) {
+    const slots = parseInt(slotsValue, 10);
+    if (!slots || slots < 1) {
+      notifyError("Prod slots must be a positive integer");
+      return;
+    }
+    const [org, project] = name.split("/");
+    actionInProgress = `slots:${name}`;
+    try {
+      await $updateProject.mutateAsync({
+        org,
+        project,
+        data: { prodSlots: String(slots), superuserForceAccess: true },
+      });
+      notifySuccess(`Prod slots for ${name} set to ${slots}`);
+      slotsEditProject = "";
+      slotsValue = "";
+    } catch (err) {
+      notifyError(`Failed to update slots: ${err}`);
+    } finally {
+      actionInProgress = "";
+    }
+  }
+
   function handleHibernate(name: string) {
     const [org, project] = name.split("/");
     confirmTitle = "Hibernate Project";
@@ -39,9 +74,9 @@
       actionInProgress = `hibernate:${name}`;
       try {
         await $hibernateProject.mutateAsync({ org, project });
-        notifySuccess( `Project ${name} hibernated`);
+        notifySuccess(`Project ${name} hibernated`);
       } catch (err) {
-        notifyError( `Failed: ${err}`);
+        notifyError(`Failed: ${err}`);
       } finally {
         actionInProgress = "";
       }
@@ -58,9 +93,9 @@
       actionInProgress = `redeploy:${name}`;
       try {
         await $redeployProject.mutateAsync({ org, project });
-        notifySuccess( `Project ${name} redeployed`);
+        notifySuccess(`Project ${name} redeployed`);
       } catch (err) {
-        notifyError( `Failed: ${err}`);
+        notifyError(`Failed: ${err}`);
       } finally {
         actionInProgress = "";
       }
@@ -71,7 +106,7 @@
 
 <AdminPageHeader
   title="Projects"
-  description="Search projects across all organizations by name pattern."
+  description="Search projects across all organizations. Change prod slots, hibernate, or redeploy."
 />
 
 <div class="mb-4 max-w-md">
@@ -90,7 +125,10 @@
   </div>
 {:else if $projectsQuery.data?.names?.length}
   <p class="text-xs text-slate-500 mb-2">
-    {$projectsQuery.data.names.length} result{$projectsQuery.data.names.length === 1 ? "" : "s"}
+    {$projectsQuery.data.names.length} result{$projectsQuery.data.names
+      .length === 1
+      ? ""
+      : "s"}
   </p>
   <table class="w-full">
     <thead>
@@ -118,7 +156,7 @@
           <td
             class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100 group-hover:bg-slate-50"
           >
-            <div class="flex gap-2">
+            <div class="flex gap-2 items-center">
               <a
                 href={`/${name}`}
                 target="_blank"
@@ -126,19 +164,65 @@
               >
                 View
               </a>
+              {#if slotsEditProject === name}
+                <input
+                  type="number"
+                  class="w-16 px-2 py-1 text-xs rounded border border-blue-400 bg-white text-slate-900 focus:outline-none focus:ring-1 focus:ring-blue-500"
+                  placeholder="slots"
+                  min="1"
+                  bind:value={slotsValue}
+                  on:keydown={(e) => {
+                    if (e.key === "Enter") handleSaveSlots(name);
+                    if (e.key === "Escape") {
+                      slotsEditProject = "";
+                      slotsValue = "";
+                    }
+                  }}
+                />
+                <button
+                  class="text-xs px-2 py-1 rounded border border-blue-400 text-blue-600 hover:bg-blue-50 disabled:opacity-50 disabled:cursor-not-allowed"
+                  disabled={actionInProgress === `slots:${name}` ||
+                    !slotsValue}
+                  on:click={() => handleSaveSlots(name)}
+                >
+                  {actionInProgress === `slots:${name}`
+                    ? "Saving..."
+                    : "Save"}
+                </button>
+                <button
+                  class="text-xs px-2 py-1 rounded border border-slate-300 text-slate-500 hover:bg-slate-100"
+                  on:click={() => {
+                    slotsEditProject = "";
+                    slotsValue = "";
+                  }}
+                >
+                  Cancel
+                </button>
+              {:else}
+                <button
+                  class="text-xs px-2 py-1 rounded border border-slate-300 text-slate-600 hover:bg-slate-100"
+                  on:click={() => handleChangeSlots(name)}
+                >
+                  Change Slots
+                </button>
+              {/if}
               <button
                 class="text-xs px-2 py-1 rounded border border-slate-300 text-slate-600 hover:bg-slate-100 disabled:opacity-50 disabled:cursor-not-allowed"
                 disabled={actionInProgress === `hibernate:${name}`}
                 on:click={() => handleHibernate(name)}
               >
-                {actionInProgress === `hibernate:${name}` ? "Hibernating..." : "Hibernate"}
+                {actionInProgress === `hibernate:${name}`
+                  ? "Hibernating..."
+                  : "Hibernate"}
               </button>
               <button
                 class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 disabled:opacity-50 disabled:cursor-not-allowed"
                 disabled={actionInProgress === `redeploy:${name}`}
                 on:click={() => handleRedeploy(name)}
               >
-                {actionInProgress === `redeploy:${name}` ? "Redeploying..." : "Redeploy"}
+                {actionInProgress === `redeploy:${name}`
+                  ? "Redeploying..."
+                  : "Redeploy"}
               </button>
             </div>
           </td>

From 111099f49e642103a350446b71c113114cfb7b8c Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Mon, 23 Mar 2026 09:31:21 -0700
Subject: [PATCH 32/35] fix(admin-console): show current prod slots when
 editing

Fetch project details on "Change Slots" click to display current slot
count and pre-fill the input with the existing value.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../src/routes/-/admin/projects/+page.svelte  | 88 ++++++++++++-------
 1 file changed, 56 insertions(+), 32 deletions(-)

diff --git a/web-admin/src/routes/-/admin/projects/+page.svelte b/web-admin/src/routes/-/admin/projects/+page.svelte
index 914dad9150d..1960275bb92 100644
--- a/web-admin/src/routes/-/admin/projects/+page.svelte
+++ b/web-admin/src/routes/-/admin/projects/+page.svelte
@@ -7,6 +7,7 @@
     notifyError,
   } from "@rilldata/web-admin/features/admin/shared/notify";
   import SearchInput from "@rilldata/web-admin/features/admin/shared/SearchInput.svelte";
+  import { adminServiceGetProject } from "@rilldata/web-admin/client";
   import {
     searchProjects,
     createUpdateProjectMutation,
@@ -25,6 +26,8 @@
   // Change Slots inline edit state
   let slotsEditProject = "";
   let slotsValue = "";
+  let slotsCurrentValue = "";
+  let slotsLoading = false;
 
   const updateProject = createUpdateProjectMutation();
   const redeployProject = createRedeployProjectMutation();
@@ -36,9 +39,23 @@
     searchQuery = e.detail;
   }
 
-  function handleChangeSlots(name: string) {
+  async function handleChangeSlots(name: string) {
+    const [org, project] = name.split("/");
     slotsEditProject = name;
     slotsValue = "";
+    slotsCurrentValue = "";
+    slotsLoading = true;
+    try {
+      const resp = await adminServiceGetProject(org, project, {
+        superuserForceAccess: true,
+      });
+      slotsCurrentValue = resp.project?.prodSlots ?? "";
+      slotsValue = slotsCurrentValue;
+    } catch {
+      slotsCurrentValue = "?";
+    } finally {
+      slotsLoading = false;
+    }
   }
 
   async function handleSaveSlots(name: string) {
@@ -165,39 +182,46 @@
                 View
               </a>
               {#if slotsEditProject === name}
-                <input
-                  type="number"
-                  class="w-16 px-2 py-1 text-xs rounded border border-blue-400 bg-white text-slate-900 focus:outline-none focus:ring-1 focus:ring-blue-500"
-                  placeholder="slots"
-                  min="1"
-                  bind:value={slotsValue}
-                  on:keydown={(e) => {
-                    if (e.key === "Enter") handleSaveSlots(name);
-                    if (e.key === "Escape") {
+                {#if slotsLoading}
+                  <span class="text-xs text-slate-400">Loading...</span>
+                {:else}
+                  <span class="text-xs text-slate-500"
+                    >Current: {slotsCurrentValue}</span
+                  >
+                  <input
+                    type="number"
+                    class="w-16 px-2 py-1 text-xs rounded border border-blue-400 bg-white text-slate-900 focus:outline-none focus:ring-1 focus:ring-blue-500"
+                    placeholder="slots"
+                    min="1"
+                    bind:value={slotsValue}
+                    on:keydown={(e) => {
+                      if (e.key === "Enter") handleSaveSlots(name);
+                      if (e.key === "Escape") {
+                        slotsEditProject = "";
+                        slotsValue = "";
+                      }
+                    }}
+                  />
+                  <button
+                    class="text-xs px-2 py-1 rounded border border-blue-400 text-blue-600 hover:bg-blue-50 disabled:opacity-50 disabled:cursor-not-allowed"
+                    disabled={actionInProgress === `slots:${name}` ||
+                      !slotsValue}
+                    on:click={() => handleSaveSlots(name)}
+                  >
+                    {actionInProgress === `slots:${name}`
+                      ? "Saving..."
+                      : "Save"}
+                  </button>
+                  <button
+                    class="text-xs px-2 py-1 rounded border border-slate-300 text-slate-500 hover:bg-slate-100"
+                    on:click={() => {
                       slotsEditProject = "";
                       slotsValue = "";
-                    }
-                  }}
-                />
-                <button
-                  class="text-xs px-2 py-1 rounded border border-blue-400 text-blue-600 hover:bg-blue-50 disabled:opacity-50 disabled:cursor-not-allowed"
-                  disabled={actionInProgress === `slots:${name}` ||
-                    !slotsValue}
-                  on:click={() => handleSaveSlots(name)}
-                >
-                  {actionInProgress === `slots:${name}`
-                    ? "Saving..."
-                    : "Save"}
-                </button>
-                <button
-                  class="text-xs px-2 py-1 rounded border border-slate-300 text-slate-500 hover:bg-slate-100"
-                  on:click={() => {
-                    slotsEditProject = "";
-                    slotsValue = "";
-                  }}
-                >
-                  Cancel
-                </button>
+                    }}
+                  >
+                    Cancel
+                  </button>
+                {/if}
               {:else}
                 <button
                   class="text-xs px-2 py-1 rounded border border-slate-300 text-slate-600 hover:bg-slate-100"

From ce3b7f469c7a3166244329fed2fd1cb9bd99e06b Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Mon, 23 Mar 2026 09:49:53 -0700
Subject: [PATCH 33/35] fix(admin-console): add "New:" label before slots input

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 web-admin/src/routes/-/admin/projects/+page.svelte | 1 +
 1 file changed, 1 insertion(+)

diff --git a/web-admin/src/routes/-/admin/projects/+page.svelte b/web-admin/src/routes/-/admin/projects/+page.svelte
index 1960275bb92..ce239fc3108 100644
--- a/web-admin/src/routes/-/admin/projects/+page.svelte
+++ b/web-admin/src/routes/-/admin/projects/+page.svelte
@@ -188,6 +188,7 @@
                   <span class="text-xs text-slate-500"
                     >Current: {slotsCurrentValue}</span
                   >
+                  <span class="text-xs text-slate-500">New:</span>
                   <input
                     type="number"
                     class="w-16 px-2 py-1 text-xs rounded border border-blue-400 bg-white text-slate-900 focus:outline-none focus:ring-1 focus:ring-blue-500"

From e78e6b679d65f64341bb95a79e071cf25aa039b2 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Tue, 24 Mar 2026 12:31:30 -0700
Subject: [PATCH 34/35] refactor(superuser-console): address code review
 feedback

- Replace custom `ConfirmDialog` with existing `AlertDialog` component set
- Replace raw `<button>` elements with `Button` component throughout
- Replace custom `AdminSidebar` with `LeftNav`/`LeftNavItem` components
- Rename "admin" to "superuser" consistently: routes, directories, sidebar title
- Replace `OrgSearchInput`/`UserSearchInput` with shared `OrgPicker` component
- Remove duplicate `notify.ts` wrappers; use `eventBus.emit` directly
- Inline duplicated `appendPath` utility
- Gate `ListSuperusers` call in `AvatarButton` with `staleTime: Infinity` and `retry: false`
- Enforce minimum 14px font size (`text-sm`) across all pages
- Add delete organization action with confirmation dialog
- Use semantic design tokens instead of hardcoded slate/blue/red colors

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../features/admin/layout/AdminSidebar.svelte |  68 ----
 .../admin/shared/ConfirmDialog.svelte         |  71 ----
 .../admin/shared/OrgSearchInput.svelte        |  92 -----
 .../admin/shared/UserSearchInput.svelte       |  81 ----
 web-admin/src/features/admin/shared/notify.ts |   9 -
 .../authentication/AvatarButton.svelte        |  14 +-
 .../{admin => superuser}/billing/selectors.ts |   2 +-
 .../layout/SuperuserPageHeader.svelte}        |   4 +-
 .../superuser/layout/SuperuserSidebar.svelte  |  51 +++
 .../organizations/selectors.ts                |   7 +-
 .../projects/selectors.ts                     |   2 +-
 .../{admin => superuser}/quotas/selectors.ts  |   2 +-
 .../superuser/shared/OrgPicker.svelte         |  67 +++
 .../shared/SearchInput.svelte                 |   9 +-
 .../users/RepresentingBanner.svelte           |   9 +-
 .../users/assume-state.ts                     |  12 +-
 .../{admin => superuser}/users/selectors.ts   |   1 -
 web-admin/src/routes/+layout.svelte           |   2 +-
 web-admin/src/routes/-/admin/+layout.svelte   |  14 -
 web-admin/src/routes/-/admin/+page.svelte     | 207 ----------
 .../src/routes/-/admin/billing/+page.svelte   | 247 -----------
 .../routes/-/admin/organizations/+page.svelte | 385 ------------------
 .../src/routes/-/admin/projects/+page.svelte  | 272 -------------
 .../src/routes/-/admin/quotas/+page.svelte    | 181 --------
 .../routes/-/admin/superusers/+page.svelte    | 165 --------
 .../src/routes/-/superuser/+layout.svelte     |  14 +
 .../routes/-/{admin => superuser}/+layout.ts  |   2 +-
 web-admin/src/routes/-/superuser/+page.svelte | 182 +++++++++
 .../routes/-/superuser/billing/+page.svelte   | 252 ++++++++++++
 .../-/superuser/organizations/+page.svelte    | 244 +++++++++++
 .../routes/-/superuser/projects/+page.svelte  | 269 ++++++++++++
 .../routes/-/superuser/quotas/+page.svelte    | 150 +++++++
 .../-/superuser/superusers/+page.svelte       | 148 +++++++
 33 files changed, 1410 insertions(+), 1825 deletions(-)
 delete mode 100644 web-admin/src/features/admin/layout/AdminSidebar.svelte
 delete mode 100644 web-admin/src/features/admin/shared/ConfirmDialog.svelte
 delete mode 100644 web-admin/src/features/admin/shared/OrgSearchInput.svelte
 delete mode 100644 web-admin/src/features/admin/shared/UserSearchInput.svelte
 delete mode 100644 web-admin/src/features/admin/shared/notify.ts
 rename web-admin/src/features/{admin => superuser}/billing/selectors.ts (92%)
 rename web-admin/src/features/{admin/layout/AdminPageHeader.svelte => superuser/layout/SuperuserPageHeader.svelte} (66%)
 create mode 100644 web-admin/src/features/superuser/layout/SuperuserSidebar.svelte
 rename web-admin/src/features/{admin => superuser}/organizations/selectors.ts (84%)
 rename web-admin/src/features/{admin => superuser}/projects/selectors.ts (92%)
 rename web-admin/src/features/{admin => superuser}/quotas/selectors.ts (86%)
 create mode 100644 web-admin/src/features/superuser/shared/OrgPicker.svelte
 rename web-admin/src/features/{admin => superuser}/shared/SearchInput.svelte (63%)
 rename web-admin/src/features/{admin => superuser}/users/RepresentingBanner.svelte (81%)
 rename web-admin/src/features/{admin => superuser}/users/assume-state.ts (82%)
 rename web-admin/src/features/{admin => superuser}/users/selectors.ts (88%)
 delete mode 100644 web-admin/src/routes/-/admin/+layout.svelte
 delete mode 100644 web-admin/src/routes/-/admin/+page.svelte
 delete mode 100644 web-admin/src/routes/-/admin/billing/+page.svelte
 delete mode 100644 web-admin/src/routes/-/admin/organizations/+page.svelte
 delete mode 100644 web-admin/src/routes/-/admin/projects/+page.svelte
 delete mode 100644 web-admin/src/routes/-/admin/quotas/+page.svelte
 delete mode 100644 web-admin/src/routes/-/admin/superusers/+page.svelte
 create mode 100644 web-admin/src/routes/-/superuser/+layout.svelte
 rename web-admin/src/routes/-/{admin => superuser}/+layout.ts (96%)
 create mode 100644 web-admin/src/routes/-/superuser/+page.svelte
 create mode 100644 web-admin/src/routes/-/superuser/billing/+page.svelte
 create mode 100644 web-admin/src/routes/-/superuser/organizations/+page.svelte
 create mode 100644 web-admin/src/routes/-/superuser/projects/+page.svelte
 create mode 100644 web-admin/src/routes/-/superuser/quotas/+page.svelte
 create mode 100644 web-admin/src/routes/-/superuser/superusers/+page.svelte

diff --git a/web-admin/src/features/admin/layout/AdminSidebar.svelte b/web-admin/src/features/admin/layout/AdminSidebar.svelte
deleted file mode 100644
index 2de43af91ee..00000000000
--- a/web-admin/src/features/admin/layout/AdminSidebar.svelte
+++ /dev/null
@@ -1,68 +0,0 @@
-<!-- web-admin/src/features/admin/layout/AdminSidebar.svelte -->
-<script lang="ts">
-  import { page } from "$app/stores";
-
-  const navGroups = [
-    {
-      heading: "People",
-      items: [
-        { label: "Users", href: "/-/admin" },
-        { label: "Superusers", href: "/-/admin/superusers" },
-      ],
-    },
-    {
-      heading: "Billing & Plans",
-      items: [
-        { label: "Billing", href: "/-/admin/billing" },
-        { label: "Quotas", href: "/-/admin/quotas" },
-      ],
-    },
-    {
-      heading: "Resources",
-      items: [
-        { label: "Organizations", href: "/-/admin/organizations" },
-        { label: "Projects", href: "/-/admin/projects" },
-      ],
-    },
-  ];
-
-  function isActive(href: string, pathname: string): boolean {
-    if (href === "/-/admin") return pathname === "/-/admin";
-    return pathname.startsWith(href);
-  }
-</script>
-
-<nav
-  class="w-56 flex-shrink-0 border-r border-slate-200 bg-slate-50 flex flex-col h-full"
->
-  <div class="px-4 py-4 border-b border-slate-200">
-    <span class="text-sm font-semibold text-slate-900">
-      Admin Console
-    </span>
-  </div>
-
-  <div class="flex-1 overflow-y-auto py-3 px-3">
-    {#each navGroups as group}
-      <div class="mb-4">
-        <span
-          class="text-[11px] font-semibold uppercase tracking-wider text-slate-400 px-2 mb-1 block"
-        >
-          {group.heading}
-        </span>
-        {#each group.items as item}
-          <a
-            href={item.href}
-            class="block px-2 py-1.5 text-sm rounded-md transition-colors {isActive(
-              item.href,
-              $page.url.pathname,
-            )
-              ? 'bg-slate-100 text-slate-900 font-medium'
-              : 'text-slate-600 hover:bg-slate-100'}"
-          >
-            {item.label}
-          </a>
-        {/each}
-      </div>
-    {/each}
-  </div>
-</nav>
diff --git a/web-admin/src/features/admin/shared/ConfirmDialog.svelte b/web-admin/src/features/admin/shared/ConfirmDialog.svelte
deleted file mode 100644
index 50a8b869dbd..00000000000
--- a/web-admin/src/features/admin/shared/ConfirmDialog.svelte
+++ /dev/null
@@ -1,71 +0,0 @@
-<!-- web-admin/src/features/admin/shared/ConfirmDialog.svelte -->
-<script lang="ts">
-  export let open = false;
-  export let title: string;
-  export let description: string = "";
-  export let confirmLabel: string = "Confirm";
-  export let cancelLabel: string = "Cancel";
-  export let destructive: boolean = false;
-
-  let loading = false;
-
-  async function handleConfirm() {
-    loading = true;
-    try {
-      await onConfirm();
-      open = false;
-    } catch {
-      // Error handling is the caller's responsibility (via notifyError in onConfirm).
-      // Keep dialog open so the user can retry or cancel.
-    } finally {
-      loading = false;
-    }
-  }
-
-  function handleCancel() {
-    open = false;
-  }
-
-  export let onConfirm: () => void | Promise<void>;
-</script>
-
-{#if open}
-  <!-- svelte-ignore a11y-click-events-have-key-events -->
-  <!-- svelte-ignore a11y-no-static-element-interactions -->
-  <div
-    class="fixed inset-0 bg-black/50 flex items-center justify-center z-50"
-    on:click={handleCancel}
-  >
-    <div
-      class="bg-slate-50 rounded-lg p-6 max-w-md w-full mx-4 shadow-xl"
-      on:click|stopPropagation
-    >
-      <h2 class="text-lg font-semibold text-slate-900">
-        {title}
-      </h2>
-      {#if description}
-        <p class="text-sm text-slate-500 mt-2">
-          {description}
-        </p>
-      {/if}
-      <div class="flex justify-end gap-3 mt-6">
-        <button
-          class="px-4 py-2 text-sm rounded-md border border-slate-300 text-slate-700 hover:bg-slate-50 disabled:opacity-50 disabled:cursor-not-allowed"
-          on:click={handleCancel}
-          disabled={loading}
-        >
-          {cancelLabel}
-        </button>
-        <button
-          class="px-4 py-2 text-sm rounded-md text-white disabled:opacity-50 disabled:cursor-not-allowed {destructive
-            ? 'bg-red-600 hover:bg-red-700'
-            : 'bg-blue-600 hover:bg-blue-700'}"
-          on:click={handleConfirm}
-          disabled={loading}
-        >
-          {#if loading}Working...{:else}{confirmLabel}{/if}
-        </button>
-      </div>
-    </div>
-  </div>
-{/if}
diff --git a/web-admin/src/features/admin/shared/OrgSearchInput.svelte b/web-admin/src/features/admin/shared/OrgSearchInput.svelte
deleted file mode 100644
index 3c55936d734..00000000000
--- a/web-admin/src/features/admin/shared/OrgSearchInput.svelte
+++ /dev/null
@@ -1,92 +0,0 @@
-<!-- Org name input with search dropdown powered by project name search -->
-<script lang="ts">
-  import { createEventDispatcher } from "svelte";
-  import { searchOrgNames } from "@rilldata/web-admin/features/admin/organizations/selectors";
-
-  export let value = "";
-  export let placeholder = "Organization name";
-
-  const dispatch = createEventDispatcher<{ select: string }>();
-
-  let showDropdown = false;
-  let justSelected = false;
-
-  $: orgSearchQuery = searchOrgNames(value);
-  $: orgNames = extractUniqueOrgs($orgSearchQuery.data?.names ?? []);
-
-  function extractUniqueOrgs(projectPaths: string[]): string[] {
-    const orgs = new Set<string>();
-    for (const path of projectPaths) {
-      const org = path.split("/")[0];
-      if (org) orgs.add(org);
-    }
-    return [...orgs].sort();
-  }
-
-  function selectOrg(org: string) {
-    value = org;
-    showDropdown = false;
-    justSelected = true;
-    dispatch("select", org);
-  }
-
-  function handleKeydown(e: KeyboardEvent) {
-    if (e.key === "Enter") {
-      showDropdown = false;
-      justSelected = true;
-      dispatch("select", value);
-    }
-  }
-
-  function handleInput() {
-    justSelected = false;
-    if (value.length >= 3) {
-      showDropdown = true;
-    } else {
-      showDropdown = false;
-    }
-  }
-
-  function handleBlur() {
-    // Delay to allow mousedown on dropdown items to fire first
-    setTimeout(() => {
-      showDropdown = false;
-    }, 150);
-  }
-
-  // When new results arrive, show dropdown only if user is actively typing
-  $: if (orgNames.length > 0 && value.length >= 3 && !justSelected) {
-    showDropdown = true;
-  }
-</script>
-
-<div class="relative">
-  <input
-    type="text"
-    class="w-full px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
-    {placeholder}
-    bind:value
-    on:keydown={handleKeydown}
-    on:input={handleInput}
-    on:blur={handleBlur}
-  />
-  {#if $orgSearchQuery.isFetching && value.length >= 3}
-    <div
-      class="absolute right-3 top-1/2 -translate-y-1/2 w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
-    />
-  {/if}
-  {#if showDropdown && orgNames.length > 0}
-    <div
-      class="absolute z-10 w-full mt-1 bg-slate-50 border border-slate-200 rounded-md shadow-lg max-h-48 overflow-y-auto"
-    >
-      {#each orgNames as org}
-        <button
-          class="w-full text-left px-3 py-2 text-sm text-slate-700 hover:bg-slate-100 cursor-pointer"
-          on:mousedown|preventDefault={() => selectOrg(org)}
-        >
-          {org}
-        </button>
-      {/each}
-    </div>
-  {/if}
-</div>
diff --git a/web-admin/src/features/admin/shared/UserSearchInput.svelte b/web-admin/src/features/admin/shared/UserSearchInput.svelte
deleted file mode 100644
index 2ad5c147cd7..00000000000
--- a/web-admin/src/features/admin/shared/UserSearchInput.svelte
+++ /dev/null
@@ -1,81 +0,0 @@
-<!-- User email input with search dropdown powered by user search -->
-<script lang="ts">
-  import { createEventDispatcher } from "svelte";
-  import { searchUsers } from "@rilldata/web-admin/features/admin/users/selectors";
-
-  export let value = "";
-  export let placeholder = "Search by email...";
-
-  const dispatch = createEventDispatcher<{ select: string }>();
-
-  let showDropdown = false;
-  let justSelected = false;
-
-  $: usersQuery = searchUsers(value);
-  $: emails = ($usersQuery.data?.users ?? []).map((u) => u.email ?? "").filter(Boolean);
-
-  function selectUser(email: string) {
-    value = email;
-    showDropdown = false;
-    justSelected = true;
-    dispatch("select", email);
-  }
-
-  function handleKeydown(e: KeyboardEvent) {
-    if (e.key === "Enter") {
-      showDropdown = false;
-      justSelected = true;
-      dispatch("select", value);
-    }
-  }
-
-  function handleInput() {
-    justSelected = false;
-    if (value.length >= 3) {
-      showDropdown = true;
-    } else {
-      showDropdown = false;
-    }
-  }
-
-  function handleBlur() {
-    setTimeout(() => {
-      showDropdown = false;
-    }, 150);
-  }
-
-  $: if (emails.length > 0 && value.length >= 3 && !justSelected) {
-    showDropdown = true;
-  }
-</script>
-
-<div class="relative">
-  <input
-    type="text"
-    class="w-full px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
-    {placeholder}
-    bind:value
-    on:keydown={handleKeydown}
-    on:input={handleInput}
-    on:blur={handleBlur}
-  />
-  {#if $usersQuery.isFetching && value.length >= 3}
-    <div
-      class="absolute right-3 top-1/2 -translate-y-1/2 w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
-    />
-  {/if}
-  {#if showDropdown && emails.length > 0}
-    <div
-      class="absolute z-10 w-full mt-1 bg-slate-50 border border-slate-200 rounded-md shadow-lg max-h-48 overflow-y-auto"
-    >
-      {#each emails as email}
-        <button
-          class="w-full text-left px-3 py-2 text-sm text-slate-700 hover:bg-slate-100 cursor-pointer"
-          on:mousedown|preventDefault={() => selectUser(email)}
-        >
-          {email}
-        </button>
-      {/each}
-    </div>
-  {/if}
-</div>
diff --git a/web-admin/src/features/admin/shared/notify.ts b/web-admin/src/features/admin/shared/notify.ts
deleted file mode 100644
index 515ed09b97b..00000000000
--- a/web-admin/src/features/admin/shared/notify.ts
+++ /dev/null
@@ -1,9 +0,0 @@
-import { eventBus } from "@rilldata/web-common/lib/event-bus/event-bus";
-
-export function notifySuccess(message: string) {
-  eventBus.emit("notification", { type: "success", message });
-}
-
-export function notifyError(message: string) {
-  eventBus.emit("notification", { type: "error", message });
-}
diff --git a/web-admin/src/features/authentication/AvatarButton.svelte b/web-admin/src/features/authentication/AvatarButton.svelte
index 5fe56042474..f7ca391bff8 100644
--- a/web-admin/src/features/authentication/AvatarButton.svelte
+++ b/web-admin/src/features/authentication/AvatarButton.svelte
@@ -31,7 +31,17 @@
   import ThemeToggle from "@rilldata/web-common/features/themes/ThemeToggle.svelte";
 
   const user = createAdminServiceGetCurrentUser();
-  const superusers = createAdminServiceListSuperusers();
+  // Fire ListSuperusers once per session to check if the avatar menu should
+  // show the "Superuser Console" link. Non-superusers get a single 403 that
+  // TanStack Query silently caches as an error (retry: false, staleTime: Infinity
+  // ensures no repeated requests across component remounts).
+  const superusers = createAdminServiceListSuperusers({
+    query: {
+      enabled: !!$user.data?.user?.email,
+      retry: false,
+      staleTime: Infinity,
+    },
+  });
   $: isSuperuser =
     $superusers.isSuccess &&
     !!$user.data?.user?.email &&
@@ -137,7 +147,7 @@
     {/if}
 
     {#if isSuperuser}
-      <DropdownMenu.Item href="/-/admin">Admin Console</DropdownMenu.Item>
+      <DropdownMenu.Item href="/-/superuser">Superuser Console</DropdownMenu.Item>
       <DropdownMenu.Separator />
     {/if}
 
diff --git a/web-admin/src/features/admin/billing/selectors.ts b/web-admin/src/features/superuser/billing/selectors.ts
similarity index 92%
rename from web-admin/src/features/admin/billing/selectors.ts
rename to web-admin/src/features/superuser/billing/selectors.ts
index 1d20137d26d..2e435a83938 100644
--- a/web-admin/src/features/admin/billing/selectors.ts
+++ b/web-admin/src/features/superuser/billing/selectors.ts
@@ -1,4 +1,4 @@
-// web-admin/src/features/admin/billing/selectors.ts
+// Billing-related queries and mutations for the superuser console
 import {
   adminServiceGetPaymentsPortalURL,
   createAdminServiceSudoExtendTrial,
diff --git a/web-admin/src/features/admin/layout/AdminPageHeader.svelte b/web-admin/src/features/superuser/layout/SuperuserPageHeader.svelte
similarity index 66%
rename from web-admin/src/features/admin/layout/AdminPageHeader.svelte
rename to web-admin/src/features/superuser/layout/SuperuserPageHeader.svelte
index da7eb7bfdce..8ce3af9e491 100644
--- a/web-admin/src/features/admin/layout/AdminPageHeader.svelte
+++ b/web-admin/src/features/superuser/layout/SuperuserPageHeader.svelte
@@ -4,11 +4,11 @@
 </script>
 
 <div class="mb-6">
-  <h1 class="text-xl font-semibold text-slate-900">
+  <h1 class="text-xl font-semibold text-fg-primary">
     {title}
   </h1>
   {#if description}
-    <p class="text-sm text-slate-500 mt-1">
+    <p class="text-sm text-fg-secondary mt-1">
       {description}
     </p>
   {/if}
diff --git a/web-admin/src/features/superuser/layout/SuperuserSidebar.svelte b/web-admin/src/features/superuser/layout/SuperuserSidebar.svelte
new file mode 100644
index 00000000000..b2b24d53fba
--- /dev/null
+++ b/web-admin/src/features/superuser/layout/SuperuserSidebar.svelte
@@ -0,0 +1,51 @@
+<script lang="ts">
+  import LeftNav from "@rilldata/web-admin/components/nav/LeftNav.svelte";
+
+  const basePage = "/-/superuser";
+  const baseRoute = "/-/superuser";
+
+  const navGroups = [
+    {
+      heading: "People",
+      items: [
+        { label: "Users", route: "" },
+        { label: "Superusers", route: "/superusers" },
+      ],
+    },
+    {
+      heading: "Billing & Plans",
+      items: [
+        { label: "Billing", route: "/billing" },
+        { label: "Quotas", route: "/quotas" },
+      ],
+    },
+    {
+      heading: "Resources",
+      items: [
+        { label: "Organizations", route: "/organizations" },
+        { label: "Projects", route: "/projects" },
+      ],
+    },
+  ];
+</script>
+
+<nav class="w-56 flex-shrink-0 border-r flex flex-col h-full">
+  <div class="px-4 py-4 border-b">
+    <span class="text-sm font-semibold text-fg-primary">
+      Superuser Console
+    </span>
+  </div>
+
+  <div class="flex-1 overflow-y-auto py-3 px-3">
+    {#each navGroups as group}
+      <div class="mb-4">
+        <span
+          class="text-sm font-semibold uppercase tracking-wider text-fg-muted px-2 mb-1 block"
+        >
+          {group.heading}
+        </span>
+        <LeftNav {basePage} {baseRoute} navItems={group.items} minWidth="auto" />
+      </div>
+    {/each}
+  </div>
+</nav>
diff --git a/web-admin/src/features/admin/organizations/selectors.ts b/web-admin/src/features/superuser/organizations/selectors.ts
similarity index 84%
rename from web-admin/src/features/admin/organizations/selectors.ts
rename to web-admin/src/features/superuser/organizations/selectors.ts
index 0e0d25046f9..38522412f71 100644
--- a/web-admin/src/features/admin/organizations/selectors.ts
+++ b/web-admin/src/features/superuser/organizations/selectors.ts
@@ -1,9 +1,10 @@
-// web-admin/src/features/admin/organizations/selectors.ts
+// Organization-related queries for the superuser console
 import {
   createAdminServiceGetOrganization,
   createAdminServiceListOrganizationMemberUsers,
   createAdminServiceListProjectsForOrganization,
   createAdminServiceSearchProjectNames,
+  createAdminServiceDeleteOrganization,
 } from "@rilldata/web-admin/client";
 
 export function getOrganization(org: string) {
@@ -30,6 +31,10 @@ export function getOrgProjects(org: string) {
   );
 }
 
+export function createDeleteOrgMutation() {
+  return createAdminServiceDeleteOrganization();
+}
+
 // Search for org names by searching project paths (org/project) and extracting unique org names
 export function searchOrgNames(query: string) {
   return createAdminServiceSearchProjectNames(
diff --git a/web-admin/src/features/admin/projects/selectors.ts b/web-admin/src/features/superuser/projects/selectors.ts
similarity index 92%
rename from web-admin/src/features/admin/projects/selectors.ts
rename to web-admin/src/features/superuser/projects/selectors.ts
index b1c2595ab1c..a74a7ab09dc 100644
--- a/web-admin/src/features/admin/projects/selectors.ts
+++ b/web-admin/src/features/superuser/projects/selectors.ts
@@ -1,4 +1,4 @@
-// web-admin/src/features/admin/projects/selectors.ts
+// Project-related queries and mutations for the superuser console
 import {
   createAdminServiceSearchProjectNames,
   createAdminServiceGetProject,
diff --git a/web-admin/src/features/admin/quotas/selectors.ts b/web-admin/src/features/superuser/quotas/selectors.ts
similarity index 86%
rename from web-admin/src/features/admin/quotas/selectors.ts
rename to web-admin/src/features/superuser/quotas/selectors.ts
index 86220b40870..f2f5faa1c32 100644
--- a/web-admin/src/features/admin/quotas/selectors.ts
+++ b/web-admin/src/features/superuser/quotas/selectors.ts
@@ -1,4 +1,4 @@
-// web-admin/src/features/admin/quotas/selectors.ts
+// Quota-related queries and mutations for the superuser console
 import {
   createAdminServiceGetOrganization,
   createAdminServiceSudoUpdateOrganizationQuotas,
diff --git a/web-admin/src/features/superuser/shared/OrgPicker.svelte b/web-admin/src/features/superuser/shared/OrgPicker.svelte
new file mode 100644
index 00000000000..4428d2b92a3
--- /dev/null
+++ b/web-admin/src/features/superuser/shared/OrgPicker.svelte
@@ -0,0 +1,67 @@
+<script lang="ts">
+  import SearchInput from "./SearchInput.svelte";
+  import { searchOrgNames } from "@rilldata/web-admin/features/superuser/organizations/selectors";
+
+  export let value: string = "";
+  export let placeholder: string = "Organization name...";
+
+  let searchQuery = "";
+  let showResults = false;
+
+  $: orgNamesQuery = searchOrgNames(searchQuery);
+  $: matchedOrgs = extractUniqueOrgs($orgNamesQuery.data?.names ?? []);
+
+  function extractUniqueOrgs(names: string[]): string[] {
+    const orgs = new Set<string>();
+    for (const name of names) {
+      const slash = name.indexOf("/");
+      if (slash > 0) orgs.add(name.substring(0, slash));
+    }
+    return [...orgs].sort();
+  }
+
+  function handleSearch(e: CustomEvent<string>) {
+    searchQuery = e.detail;
+    showResults = true;
+    // Clear selection when user changes the search text
+    if (value && searchQuery !== value) {
+      value = "";
+    }
+  }
+
+  function selectOrg(org: string) {
+    value = org;
+    searchQuery = org;
+    showResults = false;
+  }
+</script>
+
+<div class="relative">
+  <SearchInput
+    bind:value={searchQuery}
+    {placeholder}
+    on:search={handleSearch}
+  />
+  {#if showResults && searchQuery.length >= 3 && !value}
+    {#if $orgNamesQuery.isFetching}
+      <div class="absolute z-10 left-0 right-0 mt-1 rounded-md border bg-surface-base shadow-md p-2">
+        <p class="text-sm text-fg-secondary">Searching...</p>
+      </div>
+    {:else if matchedOrgs.length > 0}
+      <div class="absolute z-10 left-0 right-0 mt-1 flex flex-col gap-0.5 max-h-48 overflow-y-auto rounded-md border bg-surface-base shadow-md">
+        {#each matchedOrgs as org}
+          <button
+            class="px-3 py-2 text-sm text-fg-primary text-left hover:bg-surface-hover cursor-pointer"
+            on:click={() => selectOrg(org)}
+          >
+            {org}
+          </button>
+        {/each}
+      </div>
+    {:else if $orgNamesQuery.isSuccess}
+      <div class="absolute z-10 left-0 right-0 mt-1 rounded-md border bg-surface-base shadow-md p-2">
+        <p class="text-sm text-fg-secondary">No organizations found</p>
+      </div>
+    {/if}
+  {/if}
+</div>
diff --git a/web-admin/src/features/admin/shared/SearchInput.svelte b/web-admin/src/features/superuser/shared/SearchInput.svelte
similarity index 63%
rename from web-admin/src/features/admin/shared/SearchInput.svelte
rename to web-admin/src/features/superuser/shared/SearchInput.svelte
index 518f542158e..3fbb159a635 100644
--- a/web-admin/src/features/admin/shared/SearchInput.svelte
+++ b/web-admin/src/features/superuser/shared/SearchInput.svelte
@@ -1,4 +1,3 @@
-<!-- web-admin/src/features/admin/shared/SearchInput.svelte -->
 <script lang="ts">
   import { createEventDispatcher } from "svelte";
 
@@ -10,9 +9,7 @@
 
   let timeout: ReturnType<typeof setTimeout>;
 
-  function handleInput(e: Event) {
-    const target = e.target as HTMLInputElement;
-    value = target.value;
+  function handleInput() {
     clearTimeout(timeout);
     timeout = setTimeout(() => {
       dispatch("search", value);
@@ -28,9 +25,9 @@
 <div class="relative">
   <input
     type="text"
-    class="w-full px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
+    class="w-full px-3 py-2 text-sm rounded-md border bg-input text-fg-primary placeholder:text-fg-muted focus:outline-none focus:ring-2 focus:ring-primary-500 focus:border-transparent"
     {placeholder}
-    {value}
+    bind:value
     on:input={handleInput}
     on:keydown={(e) => e.key === "Enter" && handleSubmit()}
   />
diff --git a/web-admin/src/features/admin/users/RepresentingBanner.svelte b/web-admin/src/features/superuser/users/RepresentingBanner.svelte
similarity index 81%
rename from web-admin/src/features/admin/users/RepresentingBanner.svelte
rename to web-admin/src/features/superuser/users/RepresentingBanner.svelte
index a834fdd734c..6fe430612ff 100644
--- a/web-admin/src/features/admin/users/RepresentingBanner.svelte
+++ b/web-admin/src/features/superuser/users/RepresentingBanner.svelte
@@ -3,22 +3,17 @@
   import { onMount } from "svelte";
   import { browser } from "$app/environment";
   import { eventBus } from "@rilldata/web-common/lib/event-bus/event-bus";
-  import { STORAGE_KEY } from "@rilldata/web-admin/features/admin/users/assume-state";
+  import { STORAGE_KEY } from "@rilldata/web-admin/features/superuser/users/assume-state";
   import { ADMIN_URL } from "@rilldata/web-admin/client/http-client";
 
   const BANNER_ID = "representing-user";
 
-  function appendPath(path: string, suffix: string) {
-    return `${path.replace(/\/$/, "")}/${suffix}`;
-  }
-
   function unassume() {
     if (browser) sessionStorage.removeItem(STORAGE_KEY);
     eventBus.emit("remove-banner", BANNER_ID);
     // Redirect to login; the auth provider session is the real superuser,
     // so it auto-completes and issues a fresh superuser token.
-    const u = new URL(ADMIN_URL);
-    u.pathname = appendPath(u.pathname, "auth/login");
+    const u = new URL("auth/login", ADMIN_URL);
     u.searchParams.set("redirect", window.location.origin);
     window.location.href = u.toString();
   }
diff --git a/web-admin/src/features/admin/users/assume-state.ts b/web-admin/src/features/superuser/users/assume-state.ts
similarity index 82%
rename from web-admin/src/features/admin/users/assume-state.ts
rename to web-admin/src/features/superuser/users/assume-state.ts
index a770d05bc1a..4a3db468ebb 100644
--- a/web-admin/src/features/admin/users/assume-state.ts
+++ b/web-admin/src/features/superuser/users/assume-state.ts
@@ -1,4 +1,4 @@
-// Manages assume/unassume user state for the admin console.
+// Manages assume/unassume user state for the superuser console.
 // Uses sessionStorage to track the assumed user across navigations,
 // and server-side auth endpoints for cookie management.
 import { writable } from "svelte/store";
@@ -7,10 +7,6 @@ import { ADMIN_URL } from "@rilldata/web-admin/client/http-client";
 
 export const STORAGE_KEY = "rill-representing-user";
 
-function appendPath(path: string, suffix: string) {
-  return `${path.replace(/\/$/, "")}/${suffix}`;
-}
-
 // Store tracks the currently assumed user email
 const initial = browser ? sessionStorage.getItem(STORAGE_KEY) ?? "" : "";
 const { subscribe, set } = writable(initial);
@@ -26,8 +22,7 @@ export const assumedUser = {
     set(email);
     if (browser) sessionStorage.setItem(STORAGE_KEY, email);
 
-    const u = new URL(ADMIN_URL);
-    u.pathname = appendPath(u.pathname, "auth/assume-open");
+    const u = new URL("auth/assume-open", ADMIN_URL);
     u.searchParams.set("representing_user", email);
     u.searchParams.set("ttl_minutes", String(ttlMinutes));
     window.location.href = u.toString();
@@ -45,8 +40,7 @@ export const assumedUser = {
 
     // Redirect to login; the auth provider (Auth0) session is the real superuser,
     // so it auto-completes and issues a fresh superuser token.
-    const u = new URL(ADMIN_URL);
-    u.pathname = appendPath(u.pathname, "auth/login");
+    const u = new URL("auth/login", ADMIN_URL);
     u.searchParams.set("redirect", window.location.origin);
     window.location.href = u.toString();
   },
diff --git a/web-admin/src/features/admin/users/selectors.ts b/web-admin/src/features/superuser/users/selectors.ts
similarity index 88%
rename from web-admin/src/features/admin/users/selectors.ts
rename to web-admin/src/features/superuser/users/selectors.ts
index e72ea26636d..a06c7116a9a 100644
--- a/web-admin/src/features/admin/users/selectors.ts
+++ b/web-admin/src/features/superuser/users/selectors.ts
@@ -1,4 +1,3 @@
-// web-admin/src/features/admin/users/selectors.ts
 import {
   createAdminServiceSearchUsers,
   createAdminServiceDeleteUser,
diff --git a/web-admin/src/routes/+layout.svelte b/web-admin/src/routes/+layout.svelte
index 63c863532ad..671a30f6329 100644
--- a/web-admin/src/routes/+layout.svelte
+++ b/web-admin/src/routes/+layout.svelte
@@ -5,7 +5,7 @@
   import { createUserFacingError } from "@rilldata/web-admin/components/errors/user-facing-errors";
   import { dynamicHeight } from "@rilldata/web-common/layout/layout-settings.ts";
   import BillingBannerManager from "@rilldata/web-admin/features/billing/banner/BillingBannerManager.svelte";
-  import RepresentingBanner from "@rilldata/web-admin/features/admin/users/RepresentingBanner.svelte";
+  import RepresentingBanner from "@rilldata/web-admin/features/superuser/users/RepresentingBanner.svelte";
   import {
     isBillingUpgradePage,
     isProjectInvitePage,
diff --git a/web-admin/src/routes/-/admin/+layout.svelte b/web-admin/src/routes/-/admin/+layout.svelte
deleted file mode 100644
index 5636b2c3a6c..00000000000
--- a/web-admin/src/routes/-/admin/+layout.svelte
+++ /dev/null
@@ -1,14 +0,0 @@
-<script lang="ts">
-  import AdminSidebar from "@rilldata/web-admin/features/admin/layout/AdminSidebar.svelte";
-</script>
-
-<svelte:head>
-  <title>Admin Console | Rill</title>
-</svelte:head>
-
-<div class="flex h-screen overflow-hidden bg-slate-50">
-  <AdminSidebar />
-  <div class="flex-1 overflow-y-auto p-8 bg-slate-50">
-    <slot />
-  </div>
-</div>
diff --git a/web-admin/src/routes/-/admin/+page.svelte b/web-admin/src/routes/-/admin/+page.svelte
deleted file mode 100644
index 056c969bad2..00000000000
--- a/web-admin/src/routes/-/admin/+page.svelte
+++ /dev/null
@@ -1,207 +0,0 @@
-<script lang="ts">
-  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import SearchInput from "@rilldata/web-admin/features/admin/shared/SearchInput.svelte";
-  import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
-  import {
-    notifySuccess,
-    notifyError,
-  } from "@rilldata/web-admin/features/admin/shared/notify";
-  import {
-    searchUsers,
-    createDeleteUserMutation,
-  } from "@rilldata/web-admin/features/admin/users/selectors";
-  import { assumedUser } from "@rilldata/web-admin/features/admin/users/assume-state";
-  import { useQueryClient } from "@tanstack/svelte-query";
-
-  let searchQuery = "";
-  let confirmOpen = false;
-  let confirmTitle = "";
-  let confirmDescription = "";
-  let confirmDestructive = false;
-  let confirmAction: () => Promise<void> = async () => {};
-  let actionInProgress = "";
-
-  const queryClient = useQueryClient();
-  const deleteUser = createDeleteUserMutation();
-
-  $: usersQuery = searchUsers(searchQuery);
-
-  function handleSearch(e: CustomEvent<string>) {
-    searchQuery = e.detail;
-  }
-
-  function handleAssume(email: string) {
-    confirmTitle = "Open as User";
-    confirmDescription = `You will start browsing Rill Cloud as ${email}. The session will expire after 60 minutes. Use the banner to unassume when done.`;
-    confirmDestructive = false;
-    confirmAction = async () => {
-      // assume() navigates away via window.location.href, so no code after it runs
-      assumedUser.assume(email);
-    };
-    confirmOpen = true;
-  }
-
-  function handleUnassume() {
-    assumedUser.unassume();
-  }
-
-  function handleDelete(email: string) {
-    confirmTitle = "Delete User";
-    confirmDescription = `This will permanently delete the user ${email}. This action cannot be undone.`;
-    confirmDestructive = true;
-    confirmAction = async () => {
-      actionInProgress = `delete:${email}`;
-      try {
-        await $deleteUser.mutateAsync({
-          email,
-        });
-        notifySuccess(`User ${email} deleted`);
-        await queryClient.invalidateQueries({
-          predicate: (q) => q.queryKey[0] === "/v1/users/search",
-        });
-      } catch (err) {
-        notifyError(`Failed to delete user: ${err}`);
-      } finally {
-        actionInProgress = "";
-      }
-    };
-    confirmOpen = true;
-  }
-</script>
-
-<AdminPageHeader
-  title="Users"
-  description="Search for users by email across all organizations."
-/>
-
-{#if $assumedUser}
-  <div
-    class="flex items-center gap-3 mb-4 px-4 py-2 rounded-md bg-amber-50 border border-amber-200 text-amber-800 text-sm"
-  >
-    <span>Currently assumed as <strong>{$assumedUser}</strong></span>
-    <button
-      class="text-xs px-3 py-1 rounded border border-amber-400 bg-slate-50 text-amber-700 hover:bg-amber-50"
-      on:click={handleUnassume}
-    >
-      Unassume
-    </button>
-  </div>
-{/if}
-
-<div class="mb-4 max-w-md">
-  <SearchInput
-    placeholder="Search by email (min 3 characters)..."
-    on:search={handleSearch}
-  />
-</div>
-
-{#if $usersQuery.isFetching && searchQuery.length >= 3}
-  <div class="flex items-center gap-2 py-4">
-    <div
-      class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
-    />
-    <span class="text-sm text-slate-500">Searching users...</span>
-  </div>
-{:else if $usersQuery.data?.users?.length}
-  <p class="text-xs text-slate-500 mb-2">
-    {$usersQuery.data.users.length} result{$usersQuery.data.users.length === 1
-      ? ""
-      : "s"}
-  </p>
-  <div class="rounded-lg border border-slate-200 overflow-hidden">
-    <table class="w-full border-collapse">
-      <thead>
-        <tr>
-          <th
-            class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
-          >
-            Email
-          </th>
-          <th
-            class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
-          >
-            Display Name
-          </th>
-          <th
-            class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
-          >
-            Created
-          </th>
-          <th
-            class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
-          >
-            Actions
-          </th>
-        </tr>
-      </thead>
-      <tbody>
-        {#each $usersQuery.data.users as user}
-          {@const isAssumed = $assumedUser === user.email}
-          <tr class="group">
-            <td
-              class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100 group-hover:bg-slate-50 font-mono text-xs"
-            >
-              {user.email}
-            </td>
-            <td
-              class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100 group-hover:bg-slate-50"
-            >
-              {user.displayName ?? "-"}
-            </td>
-            <td
-              class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100 group-hover:bg-slate-50 text-xs text-slate-500"
-            >
-              {user.createdOn
-                ? new Date(user.createdOn).toLocaleDateString()
-                : "-"}
-            </td>
-            <td
-              class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100 group-hover:bg-slate-50"
-            >
-              <div class="flex gap-2">
-                {#if isAssumed}
-                  <button
-                    class="text-xs px-2 py-1 rounded border border-amber-400 bg-amber-50 text-amber-700 hover:bg-amber-100"
-                    on:click={handleUnassume}
-                  >
-                    Unassume
-                  </button>
-                {:else}
-                  <button
-                    class="text-xs px-2 py-1 rounded border border-slate-300 text-slate-600 hover:bg-slate-100"
-                    on:click={() => handleAssume(user.email ?? "")}
-                  >
-                    Open as User
-                  </button>
-                {/if}
-                <button
-                  class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 disabled:opacity-50 disabled:cursor-not-allowed"
-                  disabled={actionInProgress === `delete:${user.email}`}
-                  on:click={() => handleDelete(user.email ?? "")}
-                >
-                  {actionInProgress === `delete:${user.email}`
-                    ? "Deleting..."
-                    : "Delete"}
-                </button>
-              </div>
-            </td>
-          </tr>
-        {/each}
-      </tbody>
-    </table>
-  </div>
-{:else if searchQuery.length >= 3 && $usersQuery.isSuccess}
-  <p class="text-sm text-slate-500">No users found for "{searchQuery}"</p>
-{:else if searchQuery.length < 3}
-  <p class="text-sm text-slate-400">
-    Type at least 3 characters to search across all organizations.
-  </p>
-{/if}
-
-<ConfirmDialog
-  bind:open={confirmOpen}
-  title={confirmTitle}
-  description={confirmDescription}
-  destructive={confirmDestructive}
-  onConfirm={confirmAction}
-/>
diff --git a/web-admin/src/routes/-/admin/billing/+page.svelte b/web-admin/src/routes/-/admin/billing/+page.svelte
deleted file mode 100644
index caf099d99e9..00000000000
--- a/web-admin/src/routes/-/admin/billing/+page.svelte
+++ /dev/null
@@ -1,247 +0,0 @@
-<script lang="ts">
-  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import {
-    notifySuccess,
-    notifyError,
-  } from "@rilldata/web-admin/features/admin/shared/notify";
-  import OrgSearchInput from "@rilldata/web-admin/features/admin/shared/OrgSearchInput.svelte";
-  import type { V1BillingIssueType } from "@rilldata/web-admin/client";
-  import {
-    getBillingSetupURL,
-    createExtendTrialMutation,
-    createDeleteBillingIssueMutation,
-    getBillingIssues,
-  } from "@rilldata/web-admin/features/admin/billing/selectors";
-  import { useQueryClient } from "@tanstack/svelte-query";
-
-  // Billing Setup state
-  let setupOrg = "";
-  let setupLoading = false;
-  let setupUrl = "";
-
-  // Extend Trial state
-  let trialOrg = "";
-  let trialDays = 14;
-  let trialLoading = false;
-
-  // Billing Issues state
-  let issuesOrg = "";
-
-  const queryClient = useQueryClient();
-  const extendTrial = createExtendTrialMutation();
-  const deleteBillingIssue = createDeleteBillingIssueMutation();
-
-  $: billingIssuesQuery = getBillingIssues(issuesOrg);
-
-  async function handleBillingSetup() {
-    if (!setupOrg) return;
-    setupLoading = true;
-    setupUrl = "";
-    try {
-      const url = await getBillingSetupURL(setupOrg);
-      if (url) {
-        setupUrl = url;
-        notifySuccess( `Billing setup URL generated for ${setupOrg}`);
-      } else {
-        notifyError( "No URL returned; check the org name.");
-      }
-    } catch (err) {
-      notifyError( `Failed to generate billing setup URL: ${err}`);
-    } finally {
-      setupLoading = false;
-    }
-  }
-
-  async function handleExtendTrial() {
-    if (!trialOrg) return;
-    trialLoading = true;
-    try {
-      await $extendTrial.mutateAsync({
-        data: { org: trialOrg, days: trialDays },
-      });
-      notifySuccess(
-        `Trial extended by ${trialDays} days for ${trialOrg}`,
-      );
-      trialOrg = "";
-    } catch (err) {
-      notifyError( `Failed to extend trial: ${err}`);
-    } finally {
-      trialLoading = false;
-    }
-  }
-
-  async function handleDeleteIssue(org: string, type: V1BillingIssueType) {
-    try {
-      await $deleteBillingIssue.mutateAsync({ org, type });
-      notifySuccess( `Billing issue "${type}" deleted for ${org}`);
-      await queryClient.invalidateQueries({
-        predicate: (q) =>
-          (q.queryKey[0] as string)?.includes("/v1/organizations") ||
-          (q.queryKey[0] as string)?.includes("/v1/superuser/billing"),
-      });
-    } catch (err) {
-      notifyError( `Failed to delete billing issue: ${err}`);
-    }
-  }
-</script>
-
-<AdminPageHeader
-  title="Billing"
-  description="Generate billing setup links, extend trials, and manage billing issues."
-/>
-
-<div class="flex flex-col gap-6 pb-12">
-  <!-- Billing Setup (Primary feature) -->
-  <section
-    class="p-5 rounded-lg border border-blue-200 bg-blue-50/50"
-  >
-    <h2 class="text-sm font-semibold text-slate-900 mb-1">
-      Billing Setup
-    </h2>
-    <p class="text-xs text-slate-500 mb-4">
-      Generate a Stripe checkout page link for an organization to enter their
-      billing information.
-    </p>
-    <div class="flex gap-3 items-center flex-wrap">
-      <div class="w-64">
-        <OrgSearchInput
-          bind:value={setupOrg}
-          placeholder="Search organization..."
-        />
-      </div>
-      <button
-        class="px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap flex items-center gap-2 disabled:opacity-50 disabled:cursor-not-allowed"
-        on:click={handleBillingSetup}
-        disabled={setupLoading || !setupOrg}
-      >
-        {#if setupLoading}
-          <span
-            class="inline-block w-3 h-3 border-2 border-white/30 border-t-white rounded-full animate-spin"
-          />
-          Generating...
-        {:else}
-          Generate Setup Link
-        {/if}
-      </button>
-    </div>
-    {#if setupUrl}
-      <div class="mt-4 flex flex-col gap-1">
-        <span class="text-xs text-slate-500"
-          >Share this link with the customer:</span
-        >
-        <div
-          class="flex items-center gap-2 p-3 rounded-md bg-slate-50 border border-slate-200"
-        >
-          <a
-            href={setupUrl}
-            target="_blank"
-            rel="noreferrer"
-            class="flex-1 text-sm text-blue-600 break-all hover:underline"
-          >
-            {setupUrl}
-          </a>
-          <button
-            class="text-xs px-3 py-1 rounded border border-slate-300 text-slate-600 hover:bg-slate-100 whitespace-nowrap"
-            on:click={() => {
-              navigator.clipboard.writeText(setupUrl);
-              notifySuccess( "URL copied to clipboard");
-            }}
-          >
-            Copy
-          </button>
-        </div>
-      </div>
-    {/if}
-  </section>
-
-  <!-- Extend Trial -->
-  <section class="p-5 rounded-lg border border-slate-200">
-    <h2 class="text-sm font-semibold text-slate-900 mb-1">
-      Extend Trial
-    </h2>
-    <p class="text-xs text-slate-500 mb-4">
-      Add days to an organization's trial period.
-    </p>
-    <div class="flex gap-3 items-center flex-wrap">
-      <div class="w-64">
-        <OrgSearchInput
-          bind:value={trialOrg}
-          placeholder="Search organization..."
-        />
-      </div>
-      <input
-        type="number"
-        class="w-24 px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
-        min="1"
-        max="365"
-        bind:value={trialDays}
-      />
-      <button
-        class="px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap flex items-center gap-2 disabled:opacity-50 disabled:cursor-not-allowed"
-        on:click={handleExtendTrial}
-        disabled={trialLoading || !trialOrg}
-      >
-        {#if trialLoading}
-          <span
-            class="inline-block w-3 h-3 border-2 border-white/30 border-t-white rounded-full animate-spin"
-          />
-          Extending...
-        {:else}
-          Extend Trial
-        {/if}
-      </button>
-    </div>
-  </section>
-
-  <!-- Billing Issues -->
-  <section class="p-5 rounded-lg border border-slate-200">
-    <h2 class="text-sm font-semibold text-slate-900 mb-1">
-      Billing Issues
-    </h2>
-    <p class="text-xs text-slate-500 mb-4">
-      View and resolve billing issues for an organization.
-    </p>
-    <div class="flex gap-3 items-center flex-wrap mb-4">
-      <div class="w-64">
-        <OrgSearchInput
-          bind:value={issuesOrg}
-          placeholder="Search organization..."
-        />
-      </div>
-    </div>
-    {#if $billingIssuesQuery.isFetching}
-      <div class="flex items-center gap-2 py-2">
-        <div
-          class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
-        />
-        <span class="text-sm text-slate-500">Loading issues...</span>
-      </div>
-    {:else if $billingIssuesQuery.data?.issues?.length}
-      <div class="flex flex-col gap-2">
-        {#each $billingIssuesQuery.data.issues as issue}
-          <div
-            class="flex items-center justify-between px-3 py-2 rounded bg-slate-50"
-          >
-            <div>
-              <span class="text-sm font-mono text-slate-700"
-                >{issue.type}</span
-              >
-              <span class="text-xs text-slate-500 ml-2"
-                >{issue.metadata ?? ""}</span
-              >
-            </div>
-            <button
-              class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50"
-              on:click={() =>
-                handleDeleteIssue(issuesOrg, issue.type ?? "BILLING_ISSUE_TYPE_UNSPECIFIED")}
-            >
-              Delete Issue
-            </button>
-          </div>
-        {/each}
-      </div>
-    {:else if issuesOrg && $billingIssuesQuery.isSuccess}
-      <p class="text-sm text-slate-500">No billing issues found.</p>
-    {/if}
-  </section>
-</div>
diff --git a/web-admin/src/routes/-/admin/organizations/+page.svelte b/web-admin/src/routes/-/admin/organizations/+page.svelte
deleted file mode 100644
index b9bf7774153..00000000000
--- a/web-admin/src/routes/-/admin/organizations/+page.svelte
+++ /dev/null
@@ -1,385 +0,0 @@
-<script lang="ts">
-  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
-  import {
-    notifySuccess,
-    notifyError,
-  } from "@rilldata/web-admin/features/admin/shared/notify";
-  import {
-    getOrganization,
-    getOrgMembers,
-    getOrgProjects,
-    searchOrgNames,
-  } from "@rilldata/web-admin/features/admin/organizations/selectors";
-  import {
-    createRedeployProjectMutation,
-    createHibernateProjectMutation,
-  } from "@rilldata/web-admin/features/admin/projects/selectors";
-
-  let searchInput = "";
-  let lookupOrg = "";
-  let showDropdown = false;
-  let justSelected = false;
-  let confirmOpen = false;
-  let confirmTitle = "";
-  let confirmDescription = "";
-  let confirmDestructive = false;
-  let confirmAction: () => Promise<void> = async () => {};
-  let actionInProgress = "";
-
-  const redeployProject = createRedeployProjectMutation();
-  const hibernateProject = createHibernateProjectMutation();
-
-  $: orgSearchQuery = searchOrgNames(searchInput);
-  $: orgNames = extractUniqueOrgs($orgSearchQuery.data?.names ?? []);
-
-  $: orgQuery = getOrganization(lookupOrg);
-  $: membersQuery = getOrgMembers(lookupOrg);
-  $: projectsQuery = getOrgProjects(lookupOrg);
-
-  function extractUniqueOrgs(projectPaths: string[]): string[] {
-    const orgs = new Set<string>();
-    for (const path of projectPaths) {
-      const org = path.split("/")[0];
-      if (org) orgs.add(org);
-    }
-    return [...orgs].sort();
-  }
-
-  function selectOrg(org: string) {
-    searchInput = org;
-    lookupOrg = org;
-    showDropdown = false;
-    justSelected = true;
-  }
-
-  function handleInputKeydown(e: KeyboardEvent) {
-    if (e.key === "Enter" && searchInput) {
-      lookupOrg = searchInput;
-      showDropdown = false;
-      justSelected = true;
-    }
-  }
-
-  function handleInput() {
-    justSelected = false;
-    if (searchInput.length >= 3) {
-      showDropdown = true;
-    } else {
-      showDropdown = false;
-    }
-  }
-
-  function handleBlur() {
-    setTimeout(() => {
-      showDropdown = false;
-    }, 150);
-  }
-
-  function handleHibernate(orgName: string, projectName: string) {
-    confirmTitle = "Hibernate Project";
-    confirmDescription = `This will hibernate the deployment for ${orgName}/${projectName}. The project data will be preserved but the deployment will be stopped.`;
-    confirmDestructive = false;
-    confirmAction = async () => {
-      actionInProgress = `hibernate:${projectName}`;
-      try {
-        await $hibernateProject.mutateAsync({ org: orgName, project: projectName });
-        notifySuccess(`Project ${orgName}/${projectName} hibernated`);
-      } catch (err) {
-        notifyError(`Failed: ${err}`);
-      } finally {
-        actionInProgress = "";
-      }
-    };
-    confirmOpen = true;
-  }
-
-  function handleRedeploy(orgName: string, projectName: string) {
-    confirmTitle = "Redeploy Project";
-    confirmDescription = `This will completely redeploy ${orgName}/${projectName}. This is a disruptive operation.`;
-    confirmDestructive = true;
-    confirmAction = async () => {
-      actionInProgress = `redeploy:${projectName}`;
-      try {
-        await $redeployProject.mutateAsync({ org: orgName, project: projectName });
-        notifySuccess(`Project ${orgName}/${projectName} redeployed`);
-      } catch (err) {
-        notifyError(`Failed: ${err}`);
-      } finally {
-        actionInProgress = "";
-      }
-    };
-    confirmOpen = true;
-  }
-
-  $: if (orgNames.length > 0 && searchInput.length >= 3 && !justSelected) {
-    showDropdown = true;
-  }
-</script>
-
-<AdminPageHeader
-  title="Organizations"
-  description="Search for any organization by name to view details, members, and projects."
-/>
-
-<div class="mb-6 max-w-lg">
-  <div class="relative">
-    <input
-      type="text"
-      class="w-full px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
-      placeholder="Search organizations (min 3 characters)..."
-      bind:value={searchInput}
-      on:keydown={handleInputKeydown}
-      on:input={handleInput}
-      on:blur={handleBlur}
-    />
-    {#if $orgSearchQuery.isFetching && searchInput.length >= 3}
-      <div
-        class="absolute right-3 top-1/2 -translate-y-1/2 w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
-      />
-    {/if}
-    {#if showDropdown && orgNames.length > 0}
-      <div
-        class="absolute z-10 w-full mt-1 bg-slate-50 border border-slate-200 rounded-md shadow-lg max-h-48 overflow-y-auto"
-      >
-        {#each orgNames as org}
-          <button
-            class="w-full text-left px-3 py-2 text-sm text-slate-700 hover:bg-slate-100 cursor-pointer"
-            on:mousedown|preventDefault={() => selectOrg(org)}
-          >
-            {org}
-          </button>
-        {/each}
-      </div>
-    {:else if showDropdown && searchInput.length >= 3 && $orgSearchQuery.isSuccess && orgNames.length === 0}
-      <div
-        class="absolute z-10 w-full mt-1 bg-slate-50 border border-slate-200 rounded-md shadow-lg max-h-48 overflow-y-auto"
-      >
-        <div class="px-3 py-2 text-sm text-slate-400">No organizations found</div>
-      </div>
-    {/if}
-  </div>
-  <p class="text-xs text-slate-400 mt-1">
-    Type to search, then select or press Enter for exact match.
-  </p>
-</div>
-
-{#if $orgQuery.isFetching}
-  <div class="flex items-center gap-2 py-4">
-    <div
-      class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
-    />
-    <span class="text-sm text-slate-500">Looking up organization...</span>
-  </div>
-{:else if $orgQuery.isError && lookupOrg}
-  <p class="text-sm text-red-600">
-    Organization "{lookupOrg}" not found or access denied.
-  </p>
-{:else if $orgQuery.data?.organization}
-  {@const org = $orgQuery.data.organization}
-  <div class="flex flex-col gap-4">
-    <section class="p-5 rounded-lg border border-slate-200">
-      <h2
-        class="text-sm font-semibold text-slate-900 mb-3"
-      >
-        Organization Details
-      </h2>
-      <div class="grid grid-cols-2 lg:grid-cols-4 gap-3">
-        <div class="flex flex-col">
-          <span
-            class="text-[11px] text-slate-500 uppercase tracking-wider"
-            >ID</span
-          >
-          <span
-            class="text-sm text-slate-900 font-mono text-xs"
-            >{org.id}</span
-          >
-        </div>
-        <div class="flex flex-col">
-          <span
-            class="text-[11px] text-slate-500 uppercase tracking-wider"
-            >Name</span
-          >
-          <span class="text-sm text-slate-900"
-            >{org.name}</span
-          >
-        </div>
-        <div class="flex flex-col">
-          <span
-            class="text-[11px] text-slate-500 uppercase tracking-wider"
-            >Description</span
-          >
-          <span class="text-sm text-slate-900"
-            >{org.description ?? "-"}</span
-          >
-        </div>
-        <div class="flex flex-col">
-          <span
-            class="text-[11px] text-slate-500 uppercase tracking-wider"
-            >Billing Plan</span
-          >
-          <span class="text-sm text-slate-900"
-            >{org.billingPlanDisplayName ?? "-"}</span
-          >
-        </div>
-        <div class="flex flex-col">
-          <span
-            class="text-[11px] text-slate-500 uppercase tracking-wider"
-            >Billing Customer ID</span
-          >
-          <span
-            class="text-sm text-slate-900 font-mono text-xs"
-            >{org.billingCustomerId ?? "-"}</span
-          >
-        </div>
-        <div class="flex flex-col">
-          <span
-            class="text-[11px] text-slate-500 uppercase tracking-wider"
-            >Custom Domain</span
-          >
-          <span class="text-sm text-slate-900"
-            >{org.customDomain ?? "None"}</span
-          >
-        </div>
-        <div class="flex flex-col">
-          <span
-            class="text-[11px] text-slate-500 uppercase tracking-wider"
-            >Created</span
-          >
-          <span class="text-sm text-slate-900">
-            {org.createdOn
-              ? new Date(org.createdOn).toLocaleDateString()
-              : "-"}
-          </span>
-        </div>
-        <div class="flex flex-col">
-          <span
-            class="text-[11px] text-slate-500 uppercase tracking-wider"
-            >Projects</span
-          >
-          <span class="text-sm text-slate-900">
-            {#if $projectsQuery.isFetching}
-              <span class="text-slate-400">Loading...</span>
-            {:else if $projectsQuery.data?.projects}
-              {$projectsQuery.data.projects.length}
-            {:else}
-              0
-            {/if}
-          </span>
-        </div>
-      </div>
-    </section>
-
-    <!-- Projects list -->
-    {#if $projectsQuery.data?.projects?.length}
-      <section
-        class="p-5 rounded-lg border border-slate-200"
-      >
-        <h2
-          class="text-sm font-semibold text-slate-900 mb-3"
-        >
-          Projects ({$projectsQuery.data.projects.length})
-        </h2>
-        <div class="flex flex-col gap-1">
-          {#each $projectsQuery.data.projects as project}
-            <div
-              class="flex items-center justify-between px-3 py-2 rounded bg-slate-50"
-            >
-              <a
-                href={`/${org.name}/${project.name}`}
-                target="_blank"
-                class="text-sm text-blue-600 hover:underline"
-              >
-                {project.name}
-              </a>
-              <div class="flex gap-2">
-                <button
-                  class="text-xs px-2 py-1 rounded border border-slate-300 text-slate-600 hover:bg-slate-100 disabled:opacity-50 disabled:cursor-not-allowed"
-                  disabled={actionInProgress ===
-                    `hibernate:${project.name}`}
-                  on:click={() =>
-                    handleHibernate(org.name ?? "", project.name ?? "")}
-                >
-                  {actionInProgress === `hibernate:${project.name}`
-                    ? "Hibernating..."
-                    : "Hibernate"}
-                </button>
-                <button
-                  class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 disabled:opacity-50 disabled:cursor-not-allowed"
-                  disabled={actionInProgress ===
-                    `redeploy:${project.name}`}
-                  on:click={() =>
-                    handleRedeploy(org.name ?? "", project.name ?? "")}
-                >
-                  {actionInProgress === `redeploy:${project.name}`
-                    ? "Redeploying..."
-                    : "Redeploy"}
-                </button>
-              </div>
-            </div>
-          {/each}
-        </div>
-      </section>
-    {/if}
-
-    <!-- Members list -->
-    {#if $membersQuery.isFetching}
-      <div class="flex items-center gap-2 py-4">
-        <div
-          class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
-        />
-        <span class="text-sm text-slate-500">Loading members...</span>
-      </div>
-    {:else if $membersQuery.data?.members?.length}
-      <section
-        class="p-5 rounded-lg border border-slate-200"
-      >
-        <h2
-          class="text-sm font-semibold text-slate-900 mb-3"
-        >
-          Members ({$membersQuery.data.members.length})
-        </h2>
-        <table class="w-full">
-          <thead>
-            <tr>
-              <th
-                class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
-              >
-                Email
-              </th>
-              <th
-                class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
-              >
-                Role
-              </th>
-            </tr>
-          </thead>
-          <tbody>
-            {#each $membersQuery.data.members as member}
-              <tr>
-                <td
-                  class="px-4 py-2 text-sm text-slate-700 border-b border-slate-100 font-mono text-xs"
-                >
-                  {member.userEmail}
-                </td>
-                <td
-                  class="px-4 py-2 text-sm text-slate-700 border-b border-slate-100"
-                >
-                  {member.roleName}
-                </td>
-              </tr>
-            {/each}
-          </tbody>
-        </table>
-      </section>
-    {/if}
-  </div>
-{/if}
-
-<ConfirmDialog
-  bind:open={confirmOpen}
-  title={confirmTitle}
-  description={confirmDescription}
-  destructive={confirmDestructive}
-  onConfirm={confirmAction}
-/>
diff --git a/web-admin/src/routes/-/admin/projects/+page.svelte b/web-admin/src/routes/-/admin/projects/+page.svelte
deleted file mode 100644
index ce239fc3108..00000000000
--- a/web-admin/src/routes/-/admin/projects/+page.svelte
+++ /dev/null
@@ -1,272 +0,0 @@
-<!-- web-admin/src/routes/-/admin/projects/+page.svelte -->
-<script lang="ts">
-  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
-  import {
-    notifySuccess,
-    notifyError,
-  } from "@rilldata/web-admin/features/admin/shared/notify";
-  import SearchInput from "@rilldata/web-admin/features/admin/shared/SearchInput.svelte";
-  import { adminServiceGetProject } from "@rilldata/web-admin/client";
-  import {
-    searchProjects,
-    createUpdateProjectMutation,
-    createRedeployProjectMutation,
-    createHibernateProjectMutation,
-  } from "@rilldata/web-admin/features/admin/projects/selectors";
-
-  let searchQuery = "";
-  let confirmOpen = false;
-  let confirmTitle = "";
-  let confirmDescription = "";
-  let confirmDestructive = false;
-  let confirmAction: () => Promise<void> = async () => {};
-  let actionInProgress = "";
-
-  // Change Slots inline edit state
-  let slotsEditProject = "";
-  let slotsValue = "";
-  let slotsCurrentValue = "";
-  let slotsLoading = false;
-
-  const updateProject = createUpdateProjectMutation();
-  const redeployProject = createRedeployProjectMutation();
-  const hibernateProject = createHibernateProjectMutation();
-
-  $: projectsQuery = searchProjects(searchQuery);
-
-  function handleSearch(e: CustomEvent<string>) {
-    searchQuery = e.detail;
-  }
-
-  async function handleChangeSlots(name: string) {
-    const [org, project] = name.split("/");
-    slotsEditProject = name;
-    slotsValue = "";
-    slotsCurrentValue = "";
-    slotsLoading = true;
-    try {
-      const resp = await adminServiceGetProject(org, project, {
-        superuserForceAccess: true,
-      });
-      slotsCurrentValue = resp.project?.prodSlots ?? "";
-      slotsValue = slotsCurrentValue;
-    } catch {
-      slotsCurrentValue = "?";
-    } finally {
-      slotsLoading = false;
-    }
-  }
-
-  async function handleSaveSlots(name: string) {
-    const slots = parseInt(slotsValue, 10);
-    if (!slots || slots < 1) {
-      notifyError("Prod slots must be a positive integer");
-      return;
-    }
-    const [org, project] = name.split("/");
-    actionInProgress = `slots:${name}`;
-    try {
-      await $updateProject.mutateAsync({
-        org,
-        project,
-        data: { prodSlots: String(slots), superuserForceAccess: true },
-      });
-      notifySuccess(`Prod slots for ${name} set to ${slots}`);
-      slotsEditProject = "";
-      slotsValue = "";
-    } catch (err) {
-      notifyError(`Failed to update slots: ${err}`);
-    } finally {
-      actionInProgress = "";
-    }
-  }
-
-  function handleHibernate(name: string) {
-    const [org, project] = name.split("/");
-    confirmTitle = "Hibernate Project";
-    confirmDescription = `This will hibernate the deployment for ${name}. The project data will be preserved but the deployment will be stopped.`;
-    confirmDestructive = false;
-    confirmAction = async () => {
-      actionInProgress = `hibernate:${name}`;
-      try {
-        await $hibernateProject.mutateAsync({ org, project });
-        notifySuccess(`Project ${name} hibernated`);
-      } catch (err) {
-        notifyError(`Failed: ${err}`);
-      } finally {
-        actionInProgress = "";
-      }
-    };
-    confirmOpen = true;
-  }
-
-  function handleRedeploy(name: string) {
-    const [org, project] = name.split("/");
-    confirmTitle = "Redeploy Project";
-    confirmDescription = `This will completely redeploy ${name}. This is a disruptive operation.`;
-    confirmDestructive = true;
-    confirmAction = async () => {
-      actionInProgress = `redeploy:${name}`;
-      try {
-        await $redeployProject.mutateAsync({ org, project });
-        notifySuccess(`Project ${name} redeployed`);
-      } catch (err) {
-        notifyError(`Failed: ${err}`);
-      } finally {
-        actionInProgress = "";
-      }
-    };
-    confirmOpen = true;
-  }
-</script>
-
-<AdminPageHeader
-  title="Projects"
-  description="Search projects across all organizations. Change prod slots, hibernate, or redeploy."
-/>
-
-<div class="mb-4 max-w-md">
-  <SearchInput
-    placeholder="Search projects (e.g. org/project, min 3 chars)..."
-    on:search={handleSearch}
-  />
-</div>
-
-{#if $projectsQuery.isFetching && searchQuery.length >= 3}
-  <div class="flex items-center gap-2 py-4">
-    <div
-      class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
-    />
-    <span class="text-sm text-slate-500">Searching projects...</span>
-  </div>
-{:else if $projectsQuery.data?.names?.length}
-  <p class="text-xs text-slate-500 mb-2">
-    {$projectsQuery.data.names.length} result{$projectsQuery.data.names
-      .length === 1
-      ? ""
-      : "s"}
-  </p>
-  <table class="w-full">
-    <thead>
-      <tr>
-        <th
-          class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
-        >
-          Project
-        </th>
-        <th
-          class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
-        >
-          Actions
-        </th>
-      </tr>
-    </thead>
-    <tbody>
-      {#each $projectsQuery.data.names as name}
-        <tr class="group">
-          <td
-            class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100 group-hover:bg-slate-50 font-mono text-xs"
-          >
-            {name}
-          </td>
-          <td
-            class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100 group-hover:bg-slate-50"
-          >
-            <div class="flex gap-2 items-center">
-              <a
-                href={`/${name}`}
-                target="_blank"
-                class="text-xs px-2 py-1 rounded border border-slate-300 text-slate-600 hover:bg-slate-100"
-              >
-                View
-              </a>
-              {#if slotsEditProject === name}
-                {#if slotsLoading}
-                  <span class="text-xs text-slate-400">Loading...</span>
-                {:else}
-                  <span class="text-xs text-slate-500"
-                    >Current: {slotsCurrentValue}</span
-                  >
-                  <span class="text-xs text-slate-500">New:</span>
-                  <input
-                    type="number"
-                    class="w-16 px-2 py-1 text-xs rounded border border-blue-400 bg-white text-slate-900 focus:outline-none focus:ring-1 focus:ring-blue-500"
-                    placeholder="slots"
-                    min="1"
-                    bind:value={slotsValue}
-                    on:keydown={(e) => {
-                      if (e.key === "Enter") handleSaveSlots(name);
-                      if (e.key === "Escape") {
-                        slotsEditProject = "";
-                        slotsValue = "";
-                      }
-                    }}
-                  />
-                  <button
-                    class="text-xs px-2 py-1 rounded border border-blue-400 text-blue-600 hover:bg-blue-50 disabled:opacity-50 disabled:cursor-not-allowed"
-                    disabled={actionInProgress === `slots:${name}` ||
-                      !slotsValue}
-                    on:click={() => handleSaveSlots(name)}
-                  >
-                    {actionInProgress === `slots:${name}`
-                      ? "Saving..."
-                      : "Save"}
-                  </button>
-                  <button
-                    class="text-xs px-2 py-1 rounded border border-slate-300 text-slate-500 hover:bg-slate-100"
-                    on:click={() => {
-                      slotsEditProject = "";
-                      slotsValue = "";
-                    }}
-                  >
-                    Cancel
-                  </button>
-                {/if}
-              {:else}
-                <button
-                  class="text-xs px-2 py-1 rounded border border-slate-300 text-slate-600 hover:bg-slate-100"
-                  on:click={() => handleChangeSlots(name)}
-                >
-                  Change Slots
-                </button>
-              {/if}
-              <button
-                class="text-xs px-2 py-1 rounded border border-slate-300 text-slate-600 hover:bg-slate-100 disabled:opacity-50 disabled:cursor-not-allowed"
-                disabled={actionInProgress === `hibernate:${name}`}
-                on:click={() => handleHibernate(name)}
-              >
-                {actionInProgress === `hibernate:${name}`
-                  ? "Hibernating..."
-                  : "Hibernate"}
-              </button>
-              <button
-                class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50 disabled:opacity-50 disabled:cursor-not-allowed"
-                disabled={actionInProgress === `redeploy:${name}`}
-                on:click={() => handleRedeploy(name)}
-              >
-                {actionInProgress === `redeploy:${name}`
-                  ? "Redeploying..."
-                  : "Redeploy"}
-              </button>
-            </div>
-          </td>
-        </tr>
-      {/each}
-    </tbody>
-  </table>
-{:else if searchQuery.length >= 3 && $projectsQuery.isSuccess}
-  <p class="text-sm text-slate-500">No projects found for "{searchQuery}"</p>
-{:else if searchQuery.length < 3}
-  <p class="text-sm text-slate-400">
-    Type at least 3 characters to search across all organizations.
-  </p>
-{/if}
-
-<ConfirmDialog
-  bind:open={confirmOpen}
-  title={confirmTitle}
-  description={confirmDescription}
-  destructive={confirmDestructive}
-  onConfirm={confirmAction}
-/>
diff --git a/web-admin/src/routes/-/admin/quotas/+page.svelte b/web-admin/src/routes/-/admin/quotas/+page.svelte
deleted file mode 100644
index e72589ea66c..00000000000
--- a/web-admin/src/routes/-/admin/quotas/+page.svelte
+++ /dev/null
@@ -1,181 +0,0 @@
-<!-- web-admin/src/routes/-/admin/quotas/+page.svelte -->
-<script lang="ts">
-  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import OrgSearchInput from "@rilldata/web-admin/features/admin/shared/OrgSearchInput.svelte";
-  import {
-    notifySuccess,
-    notifyError,
-  } from "@rilldata/web-admin/features/admin/shared/notify";
-  import {
-    getOrgForQuotas,
-    createUpdateOrgQuotasMutation,
-  } from "@rilldata/web-admin/features/admin/quotas/selectors";
-  import { useQueryClient } from "@tanstack/svelte-query";
-
-  let orgValue = "";
-  let activeOrg = "";
-
-  const queryClient = useQueryClient();
-  const updateOrgQuotas = createUpdateOrgQuotasMutation();
-
-  // Quota fields for editing
-  let projects = "";
-  let deployments = "";
-  let slotsTotal = "";
-  let slotsPerDeployment = "";
-  let outstandingInvites = "";
-  let storageLimitBytes = "";
-
-  $: orgQuery = getOrgForQuotas(activeOrg);
-
-  function handleOrgSelect(e: CustomEvent<string>) {
-    activeOrg = e.detail;
-  }
-
-  // Populate fields when org data loads
-  $: if ($orgQuery.data?.organization?.quotas) {
-    const q = $orgQuery.data.organization.quotas;
-    projects = q.projects != null ? String(q.projects) : "";
-    deployments = q.deployments != null ? String(q.deployments) : "";
-    slotsTotal = q.slotsTotal != null ? String(q.slotsTotal) : "";
-    slotsPerDeployment = q.slotsPerDeployment != null ? String(q.slotsPerDeployment) : "";
-    outstandingInvites = q.outstandingInvites != null ? String(q.outstandingInvites) : "";
-    storageLimitBytes = q.storageLimitBytesPerDeployment ?? "";
-  }
-
-  async function handleSaveQuotas() {
-    try {
-      await $updateOrgQuotas.mutateAsync({
-        data: {
-          org: activeOrg,
-          projects: projects ? Number(projects) : undefined,
-          deployments: deployments ? Number(deployments) : undefined,
-          slotsTotal: slotsTotal ? Number(slotsTotal) : undefined,
-          slotsPerDeployment: slotsPerDeployment ? Number(slotsPerDeployment) : undefined,
-          outstandingInvites: outstandingInvites ? Number(outstandingInvites) : undefined,
-          storageLimitBytesPerDeployment: storageLimitBytes ? storageLimitBytes : undefined,
-        },
-      });
-      notifySuccess(`Quotas updated for org: ${activeOrg}`);
-      await queryClient.invalidateQueries({
-        predicate: (q) =>
-          (q.queryKey[0] as string)?.includes("/v1/superuser/quotas") ||
-          (q.queryKey[0] as string)?.includes("/v1/organizations"),
-      });
-    } catch (err) {
-      notifyError(`Failed to update quotas: ${err}`);
-    }
-  }
-</script>
-
-<AdminPageHeader
-  title="Quotas"
-  description="View and adjust resource quotas for organizations."
-/>
-
-<div class="flex flex-col gap-6">
-  <section class="p-5 rounded-lg border border-slate-200">
-    <div class="flex gap-3 items-center flex-wrap mb-4">
-      <div class="w-64">
-        <OrgSearchInput
-          bind:value={orgValue}
-          placeholder="Search organization..."
-          on:select={handleOrgSelect}
-        />
-      </div>
-    </div>
-
-    {#if activeOrg && $orgQuery.isFetching}
-      <div class="flex items-center gap-2 py-4">
-        <div
-          class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
-        />
-        <span class="text-sm text-slate-500">Loading quotas...</span>
-      </div>
-    {:else if activeOrg && $orgQuery.data?.organization}
-      <div class="grid grid-cols-2 lg:grid-cols-3 gap-4">
-        <div class="flex flex-col gap-1">
-          <label
-            class="text-xs font-medium text-slate-500"
-            for="projects">Projects</label
-          >
-          <input
-            id="projects"
-            type="number"
-            class="px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
-            bind:value={projects}
-          />
-        </div>
-        <div class="flex flex-col gap-1">
-          <label
-            class="text-xs font-medium text-slate-500"
-            for="deployments">Deployments</label
-          >
-          <input
-            id="deployments"
-            type="number"
-            class="px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
-            bind:value={deployments}
-          />
-        </div>
-        <div class="flex flex-col gap-1">
-          <label
-            class="text-xs font-medium text-slate-500"
-            for="slotsTotal">Total Slots</label
-          >
-          <input
-            id="slotsTotal"
-            type="number"
-            class="px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
-            bind:value={slotsTotal}
-          />
-        </div>
-        <div class="flex flex-col gap-1">
-          <label
-            class="text-xs font-medium text-slate-500"
-            for="slotsPerDeployment">Slots per Deployment</label
-          >
-          <input
-            id="slotsPerDeployment"
-            type="number"
-            class="px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
-            bind:value={slotsPerDeployment}
-          />
-        </div>
-        <div class="flex flex-col gap-1">
-          <label
-            class="text-xs font-medium text-slate-500"
-            for="outstandingInvites">Outstanding Invites</label
-          >
-          <input
-            id="outstandingInvites"
-            type="number"
-            class="px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
-            bind:value={outstandingInvites}
-          />
-        </div>
-        <div class="flex flex-col gap-1">
-          <label
-            class="text-xs font-medium text-slate-500"
-            for="storageLimitBytes">Storage Limit (bytes)</label
-          >
-          <input
-            id="storageLimitBytes"
-            type="text"
-            class="px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
-            bind:value={storageLimitBytes}
-          />
-        </div>
-      </div>
-
-      <div class="mt-4">
-        <button
-          class="px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap"
-          on:click={handleSaveQuotas}
-        >
-          Save Quotas
-        </button>
-      </div>
-    {/if}
-  </section>
-</div>
diff --git a/web-admin/src/routes/-/admin/superusers/+page.svelte b/web-admin/src/routes/-/admin/superusers/+page.svelte
deleted file mode 100644
index 8847396ae8a..00000000000
--- a/web-admin/src/routes/-/admin/superusers/+page.svelte
+++ /dev/null
@@ -1,165 +0,0 @@
-<!-- web-admin/src/routes/-/admin/superusers/+page.svelte -->
-<script lang="ts">
-  import {
-    createAdminServiceListSuperusers,
-    createAdminServiceSetSuperuser,
-  } from "@rilldata/web-admin/client";
-  import AdminPageHeader from "@rilldata/web-admin/features/admin/layout/AdminPageHeader.svelte";
-  import ConfirmDialog from "@rilldata/web-admin/features/admin/shared/ConfirmDialog.svelte";
-  import {
-    notifySuccess,
-    notifyError,
-  } from "@rilldata/web-admin/features/admin/shared/notify";
-  import { useQueryClient } from "@tanstack/svelte-query";
-
-  let newEmail = "";
-  let addLoading = false;
-  let confirmOpen = false;
-  let confirmTitle = "";
-  let confirmDescription = "";
-  let confirmDestructive = false;
-  let confirmAction: () => Promise<void> = async () => {};
-
-  const queryClient = useQueryClient();
-  const superusersQuery = createAdminServiceListSuperusers();
-  const setSuperuser = createAdminServiceSetSuperuser();
-
-  async function handleAdd() {
-    if (!newEmail) return;
-    addLoading = true;
-    try {
-      await $setSuperuser.mutateAsync({ data: { email: newEmail, superuser: true } });
-      notifySuccess( `${newEmail} added as superuser`);
-      newEmail = "";
-      await queryClient.invalidateQueries({
-        predicate: (q) =>
-          (q.queryKey[0] as string)?.includes("/v1/superuser"),
-      });
-    } catch (err) {
-      notifyError( `Failed: ${err}`);
-    } finally {
-      addLoading = false;
-    }
-  }
-
-  function handleRemove(email: string) {
-    confirmTitle = "Remove Superuser";
-    confirmDescription = `Remove superuser access for ${email}? They will lose access to this admin console.`;
-    confirmDestructive = true;
-    confirmAction = async () => {
-      try {
-        await $setSuperuser.mutateAsync({ data: { email, superuser: false } });
-        notifySuccess( `${email} removed as superuser`);
-        await queryClient.invalidateQueries({
-          predicate: (q) =>
-            (q.queryKey[0] as string)?.includes("/v1/superuser"),
-        });
-      } catch (err) {
-        notifyError( `Failed: ${err}`);
-      }
-    };
-    confirmOpen = true;
-  }
-</script>
-
-<AdminPageHeader
-  title="Superusers"
-  description="Manage who has superuser (super admin) access across all of Rill Cloud."
-/>
-
-<div class="p-5 rounded-lg border border-slate-200 mb-6">
-  <h2 class="text-sm font-semibold text-slate-900 mb-3">
-    Add Superuser
-  </h2>
-  <div class="flex gap-3 items-center flex-wrap">
-    <input
-      type="email"
-      class="px-3 py-2 text-sm rounded-md border border-slate-300 bg-slate-50 text-slate-900 placeholder:text-slate-400 focus:outline-none focus:ring-2 focus:ring-blue-500"
-      placeholder="Email address"
-      bind:value={newEmail}
-      on:keydown={(e) => e.key === "Enter" && handleAdd()}
-    />
-    <button
-      class="px-4 py-2 text-sm rounded-md bg-blue-600 text-white hover:bg-blue-700 whitespace-nowrap flex items-center gap-2 disabled:opacity-50 disabled:cursor-not-allowed"
-      on:click={handleAdd}
-      disabled={addLoading || !newEmail}
-    >
-      {#if addLoading}
-        <span
-          class="inline-block w-3 h-3 border-2 border-white/30 border-t-white rounded-full animate-spin"
-        />
-        Adding...
-      {:else}
-        Add Superuser
-      {/if}
-    </button>
-  </div>
-</div>
-
-{#if $superusersQuery.isFetching}
-  <div class="flex items-center gap-2 py-4">
-    <div
-      class="w-4 h-4 border-2 border-slate-300 border-t-blue-600 rounded-full animate-spin"
-    />
-    <span class="text-sm text-slate-500">Loading superusers...</span>
-  </div>
-{:else if $superusersQuery.data?.users?.length}
-  <p class="text-xs text-slate-500 mb-2">
-    {$superusersQuery.data.users.length} superuser{$superusersQuery.data.users.length === 1 ? "" : "s"}
-  </p>
-  <table class="w-full">
-    <thead>
-      <tr>
-        <th
-          class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
-        >
-          Email
-        </th>
-        <th
-          class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
-        >
-          Display Name
-        </th>
-        <th
-          class="text-left text-xs font-medium text-slate-500 uppercase tracking-wider px-4 py-2 border-b border-slate-200"
-        >
-          Actions
-        </th>
-      </tr>
-    </thead>
-    <tbody>
-      {#each $superusersQuery.data.users as user}
-        <tr>
-          <td
-            class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100 font-mono text-xs"
-          >
-            {user.email}
-          </td>
-          <td
-            class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100"
-          >
-            {user.displayName ?? "-"}
-          </td>
-          <td
-            class="px-4 py-3 text-sm text-slate-700 border-b border-slate-100"
-          >
-            <button
-              class="text-xs px-2 py-1 rounded border border-red-300 text-red-600 hover:bg-red-50"
-              on:click={() => handleRemove(user.email ?? "")}
-            >
-              Remove
-            </button>
-          </td>
-        </tr>
-      {/each}
-    </tbody>
-  </table>
-{/if}
-
-<ConfirmDialog
-  bind:open={confirmOpen}
-  title={confirmTitle}
-  description={confirmDescription}
-  destructive={confirmDestructive}
-  onConfirm={confirmAction}
-/>
diff --git a/web-admin/src/routes/-/superuser/+layout.svelte b/web-admin/src/routes/-/superuser/+layout.svelte
new file mode 100644
index 00000000000..8d3faf4dc5e
--- /dev/null
+++ b/web-admin/src/routes/-/superuser/+layout.svelte
@@ -0,0 +1,14 @@
+<script lang="ts">
+  import SuperuserSidebar from "@rilldata/web-admin/features/superuser/layout/SuperuserSidebar.svelte";
+</script>
+
+<svelte:head>
+  <title>Superuser Console | Rill</title>
+</svelte:head>
+
+<div class="flex h-screen overflow-hidden bg-surface-base">
+  <SuperuserSidebar />
+  <div class="flex-1 overflow-y-auto p-8">
+    <slot />
+  </div>
+</div>
diff --git a/web-admin/src/routes/-/admin/+layout.ts b/web-admin/src/routes/-/superuser/+layout.ts
similarity index 96%
rename from web-admin/src/routes/-/admin/+layout.ts
rename to web-admin/src/routes/-/superuser/+layout.ts
index 7dd63351c0b..623c81e334d 100644
--- a/web-admin/src/routes/-/admin/+layout.ts
+++ b/web-admin/src/routes/-/superuser/+layout.ts
@@ -1,4 +1,4 @@
-// web-admin/src/routes/-/admin/+layout.ts
+// Superuser console layout guard: verifies the current user is a superuser
 import {
   adminServiceGetCurrentUser,
   adminServiceListSuperusers,
diff --git a/web-admin/src/routes/-/superuser/+page.svelte b/web-admin/src/routes/-/superuser/+page.svelte
new file mode 100644
index 00000000000..4b8e85d9841
--- /dev/null
+++ b/web-admin/src/routes/-/superuser/+page.svelte
@@ -0,0 +1,182 @@
+<script lang="ts">
+  import SuperuserPageHeader from "@rilldata/web-admin/features/superuser/layout/SuperuserPageHeader.svelte";
+  import SearchInput from "@rilldata/web-admin/features/superuser/shared/SearchInput.svelte";
+  import { Button } from "@rilldata/web-common/components/button";
+  import {
+    AlertDialog,
+    AlertDialogContent,
+    AlertDialogDescription,
+    AlertDialogFooter,
+    AlertDialogHeader,
+    AlertDialogTitle,
+  } from "@rilldata/web-common/components/alert-dialog";
+  import { eventBus } from "@rilldata/web-common/lib/event-bus/event-bus";
+  import {
+    searchUsers,
+    createDeleteUserMutation,
+  } from "@rilldata/web-admin/features/superuser/users/selectors";
+  import { assumedUser } from "@rilldata/web-admin/features/superuser/users/assume-state";
+  import { useQueryClient } from "@tanstack/svelte-query";
+
+  let searchQuery = "";
+  let dialogOpen = false;
+  let dialogTitle = "";
+  let dialogDescription = "";
+  let dialogDestructive = false;
+  let dialogAction: () => Promise<void> = async () => {};
+  let dialogLoading = false;
+  let actionInProgress = "";
+
+  const queryClient = useQueryClient();
+  const deleteUser = createDeleteUserMutation();
+
+  $: usersQuery = searchUsers(searchQuery);
+
+  function handleSearch(e: CustomEvent<string>) {
+    searchQuery = e.detail;
+  }
+
+  function handleAssume(email: string) {
+    dialogTitle = "Open as User";
+    dialogDescription = `You will start browsing Rill Cloud as ${email}. The session will expire after 60 minutes. Use the banner to unassume when done.`;
+    dialogDestructive = false;
+    dialogAction = async () => {
+      assumedUser.assume(email);
+    };
+    dialogOpen = true;
+  }
+
+  function handleUnassume() {
+    assumedUser.unassume();
+  }
+
+  function handleDelete(email: string) {
+    dialogTitle = "Delete User";
+    dialogDescription = `This will permanently delete the user ${email}. This action cannot be undone.`;
+    dialogDestructive = true;
+    dialogAction = async () => {
+      actionInProgress = `delete:${email}`;
+      try {
+        await $deleteUser.mutateAsync({ email });
+        eventBus.emit("notification", { type: "success", message: `User ${email} deleted` });
+        await queryClient.invalidateQueries({
+          predicate: (q) => q.queryKey[0] === "/v1/users/search",
+        });
+      } catch (err) {
+        eventBus.emit("notification", { type: "error", message: `Failed to delete user: ${err}` });
+      } finally {
+        actionInProgress = "";
+      }
+    };
+    dialogOpen = true;
+  }
+
+  async function handleConfirm() {
+    dialogLoading = true;
+    try {
+      await dialogAction();
+      dialogOpen = false;
+    } catch {
+      // Keep dialog open for retry
+    } finally {
+      dialogLoading = false;
+    }
+  }
+</script>
+
+<SuperuserPageHeader
+  title="Users"
+  description="Search for users by email across all organizations."
+/>
+
+{#if $assumedUser}
+  <div
+    class="flex items-center gap-3 mb-4 px-4 py-2 rounded-md bg-yellow-100 border border-yellow-300 text-yellow-800 text-sm"
+  >
+    <span>Currently assumed as <strong>{$assumedUser}</strong></span>
+    <Button large class="font-normal" type="tertiary" onClick={handleUnassume}>Unassume</Button>
+  </div>
+{/if}
+
+<div class="mb-4 max-w-md">
+  <SearchInput
+    placeholder="Search by email (min 3 characters)..."
+    on:search={handleSearch}
+  />
+</div>
+
+{#if $usersQuery.isFetching && searchQuery.length >= 3}
+  <p class="text-sm text-fg-secondary py-4">Searching users...</p>
+{:else if $usersQuery.data?.users?.length}
+  <p class="text-sm text-fg-secondary mb-2">
+    {$usersQuery.data.users.length} result{$usersQuery.data.users.length === 1
+      ? ""
+      : "s"}
+  </p>
+  <div class="rounded-lg border overflow-hidden">
+    <table class="w-full border-collapse">
+      <thead>
+        <tr>
+          <th class="text-left text-sm font-medium text-fg-secondary uppercase tracking-wider px-4 py-2 border-b">Email</th>
+          <th class="text-left text-sm font-medium text-fg-secondary uppercase tracking-wider px-4 py-2 border-b">Display Name</th>
+          <th class="text-left text-sm font-medium text-fg-secondary uppercase tracking-wider px-4 py-2 border-b">Created</th>
+          <th class="text-left text-sm font-medium text-fg-secondary uppercase tracking-wider px-4 py-2 border-b">Actions</th>
+        </tr>
+      </thead>
+      <tbody>
+        {#each $usersQuery.data.users as user}
+          {@const isAssumed = $assumedUser === user.email}
+          <tr>
+            <td class="px-4 py-3 text-sm font-mono text-fg-primary border-b">{user.email}</td>
+            <td class="px-4 py-3 text-sm text-fg-primary border-b">{user.displayName ?? "-"}</td>
+            <td class="px-4 py-3 text-sm text-fg-secondary border-b">
+              {user.createdOn ? new Date(user.createdOn).toLocaleDateString() : "-"}
+            </td>
+            <td class="px-4 py-3 text-sm text-fg-primary border-b">
+              <div class="flex gap-2">
+                {#if isAssumed}
+                  <Button large class="font-normal" type="tertiary" onClick={handleUnassume}>Unassume</Button>
+                {:else}
+                  <Button large class="font-normal" type="tertiary" onClick={() => handleAssume(user.email ?? "")}>Open as User</Button>
+                {/if}
+                <Button large class="font-normal"
+                  type="secondary-destructive"
+                                   disabled={actionInProgress === `delete:${user.email}`}
+                  loading={actionInProgress === `delete:${user.email}`}
+                  onClick={() => handleDelete(user.email ?? "")}
+                >
+                  Delete
+                </Button>
+              </div>
+            </td>
+          </tr>
+        {/each}
+      </tbody>
+    </table>
+  </div>
+{:else if searchQuery.length >= 3 && $usersQuery.isSuccess}
+  <p class="text-sm text-fg-secondary">No users found for "{searchQuery}"</p>
+{:else if searchQuery.length < 3}
+  <p class="text-sm text-fg-muted">
+    Type at least 3 characters to search across all organizations.
+  </p>
+{/if}
+
+<AlertDialog bind:open={dialogOpen}>
+  <AlertDialogContent>
+    <AlertDialogHeader>
+      <AlertDialogTitle>{dialogTitle}</AlertDialogTitle>
+      <AlertDialogDescription>{dialogDescription}</AlertDialogDescription>
+    </AlertDialogHeader>
+    <AlertDialogFooter>
+      <Button large class="font-normal" type="tertiary" onClick={() => (dialogOpen = false)}>Cancel</Button>
+      <Button large class="font-normal"
+        type={dialogDestructive ? "destructive" : "primary"}
+        onClick={handleConfirm}
+        loading={dialogLoading}
+      >
+        Confirm
+      </Button>
+    </AlertDialogFooter>
+  </AlertDialogContent>
+</AlertDialog>
diff --git a/web-admin/src/routes/-/superuser/billing/+page.svelte b/web-admin/src/routes/-/superuser/billing/+page.svelte
new file mode 100644
index 00000000000..05c519ddf8a
--- /dev/null
+++ b/web-admin/src/routes/-/superuser/billing/+page.svelte
@@ -0,0 +1,252 @@
+<script lang="ts">
+  import SuperuserPageHeader from "@rilldata/web-admin/features/superuser/layout/SuperuserPageHeader.svelte";
+  import OrgPicker from "@rilldata/web-admin/features/superuser/shared/OrgPicker.svelte";
+  import { Button } from "@rilldata/web-common/components/button";
+  import {
+    AlertDialog,
+    AlertDialogContent,
+    AlertDialogDescription,
+    AlertDialogFooter,
+    AlertDialogHeader,
+    AlertDialogTitle,
+  } from "@rilldata/web-common/components/alert-dialog";
+  import { eventBus } from "@rilldata/web-common/lib/event-bus/event-bus";
+  import type { V1BillingIssueType } from "@rilldata/web-admin/client";
+  import {
+    getBillingSetupURL,
+    createExtendTrialMutation,
+    createDeleteBillingIssueMutation,
+    getBillingIssues,
+  } from "@rilldata/web-admin/features/superuser/billing/selectors";
+  import { useQueryClient } from "@tanstack/svelte-query";
+
+  // Billing Setup state
+  let setupOrg = "";
+  let setupLoading = false;
+  let setupUrl = "";
+
+  // Extend Trial state
+  let trialOrg = "";
+  let trialDays = 14;
+  let trialLoading = false;
+
+  // Billing Issues state
+  let issuesOrg = "";
+
+  // Confirmation dialog state
+  let dialogOpen = false;
+  let dialogTitle = "";
+  let dialogDescription = "";
+  let dialogDestructive = false;
+  let dialogAction: () => Promise<void> = async () => {};
+  let dialogLoading = false;
+
+  const queryClient = useQueryClient();
+  const extendTrial = createExtendTrialMutation();
+  const deleteBillingIssue = createDeleteBillingIssueMutation();
+
+  $: billingIssuesQuery = getBillingIssues(issuesOrg);
+
+  async function handleBillingSetup() {
+    if (!setupOrg) return;
+    setupLoading = true;
+    setupUrl = "";
+    try {
+      const url = await getBillingSetupURL(setupOrg);
+      if (url) {
+        setupUrl = url;
+        eventBus.emit("notification", { type: "success", message: `Billing setup URL generated for ${setupOrg}` });
+      } else {
+        eventBus.emit("notification", { type: "error", message: "No URL returned; check the org name." });
+      }
+    } catch (err) {
+      eventBus.emit("notification", { type: "error", message: `Failed to generate billing setup URL: ${err}` });
+    } finally {
+      setupLoading = false;
+    }
+  }
+
+  function confirmExtendTrial() {
+    if (!trialOrg) return;
+    dialogTitle = "Extend Trial";
+    dialogDescription = `This will extend the trial for "${trialOrg}" by ${trialDays} day${trialDays === 1 ? "" : "s"}.`;
+    dialogDestructive = false;
+    dialogAction = async () => {
+      trialLoading = true;
+      try {
+        await $extendTrial.mutateAsync({
+          data: { org: trialOrg, days: trialDays },
+        });
+        eventBus.emit("notification", { type: "success", message: `Trial extended by ${trialDays} days for ${trialOrg}` });
+        trialOrg = "";
+      } catch (err) {
+        eventBus.emit("notification", { type: "error", message: `Failed to extend trial: ${err}` });
+      } finally {
+        trialLoading = false;
+      }
+    };
+    dialogOpen = true;
+  }
+
+  function confirmDeleteIssue(org: string, type: V1BillingIssueType) {
+    dialogTitle = "Delete Billing Issue";
+    dialogDescription = `This will delete the billing issue "${type}" for "${org}". This action cannot be undone.`;
+    dialogDestructive = true;
+    dialogAction = async () => {
+      try {
+        await $deleteBillingIssue.mutateAsync({ org, type });
+        eventBus.emit("notification", { type: "success", message: `Billing issue "${type}" deleted for ${org}` });
+        await queryClient.invalidateQueries({
+          predicate: (q) =>
+            (q.queryKey[0] as string)?.includes("/v1/organizations") ||
+            (q.queryKey[0] as string)?.includes("/v1/superuser/billing"),
+        });
+      } catch (err) {
+        eventBus.emit("notification", { type: "error", message: `Failed to delete billing issue: ${err}` });
+      }
+    };
+    dialogOpen = true;
+  }
+
+  async function handleConfirm() {
+    dialogLoading = true;
+    try {
+      await dialogAction();
+      dialogOpen = false;
+    } catch {
+      // Keep open for retry
+    } finally {
+      dialogLoading = false;
+    }
+  }
+</script>
+
+<SuperuserPageHeader
+  title="Billing"
+  description="Generate billing setup links, extend trials, and manage billing issues."
+/>
+
+<div class="flex flex-col gap-6 pb-12">
+  <!-- Billing Setup -->
+  <section class="p-5 rounded-lg border border-primary-200 bg-primary-50/50">
+    <h2 class="text-sm font-semibold text-fg-primary mb-1">Billing Setup</h2>
+    <p class="text-sm text-fg-secondary mb-4">
+      Generate a Stripe checkout page link for an organization to enter their billing information.
+    </p>
+    <div class="flex gap-3 items-center flex-wrap">
+      <div class="w-64">
+        <OrgPicker bind:value={setupOrg} />
+      </div>
+      <Button large class="font-normal"
+        type="primary"
+        onClick={handleBillingSetup}
+        disabled={setupLoading || !setupOrg}
+        loading={setupLoading}
+      >
+        Generate Setup Link
+      </Button>
+    </div>
+    {#if setupUrl}
+      <div class="mt-4 flex flex-col gap-1">
+        <span class="text-sm text-fg-secondary">Share this link with the customer:</span>
+        <div class="flex items-center gap-2 p-3 rounded-md bg-surface-subtle border">
+          <a
+            href={setupUrl}
+            target="_blank"
+            rel="noreferrer"
+            class="flex-1 text-sm text-accent-primary-action break-all hover:underline"
+          >
+            {setupUrl}
+          </a>
+          <Button large class="font-normal"
+            type="tertiary"
+            onClick={() => {
+              navigator.clipboard.writeText(setupUrl);
+              eventBus.emit("notification", { type: "success", message: "URL copied to clipboard" });
+            }}
+          >
+            Copy
+          </Button>
+        </div>
+      </div>
+    {/if}
+  </section>
+
+  <!-- Extend Trial -->
+  <section class="p-5 rounded-lg border">
+    <h2 class="text-sm font-semibold text-fg-primary mb-1">Extend Trial</h2>
+    <p class="text-sm text-fg-secondary mb-4">Add days to an organization's trial period.</p>
+    <div class="flex gap-3 items-center flex-wrap">
+      <div class="w-64">
+        <OrgPicker bind:value={trialOrg} />
+      </div>
+      <input
+        type="number"
+        class="w-24 px-3 py-2 text-sm rounded-md border bg-input text-fg-primary placeholder:text-fg-muted focus:outline-none focus:ring-2 focus:ring-primary-500 focus:border-transparent"
+        min="1"
+        max="30"
+        bind:value={trialDays}
+      />
+      <Button large class="font-normal"
+        type="primary"
+        onClick={confirmExtendTrial}
+        disabled={trialLoading || !trialOrg}
+        loading={trialLoading}
+      >
+        Extend Trial
+      </Button>
+    </div>
+  </section>
+
+  <!-- Billing Issues -->
+  <section class="p-5 rounded-lg border">
+    <h2 class="text-sm font-semibold text-fg-primary mb-1">Billing Issues</h2>
+    <p class="text-sm text-fg-secondary mb-4">View and resolve billing issues for an organization.</p>
+    <div class="flex gap-3 items-center flex-wrap mb-4">
+      <div class="w-64">
+        <OrgPicker bind:value={issuesOrg} />
+      </div>
+    </div>
+    {#if $billingIssuesQuery.isFetching}
+      <p class="text-sm text-fg-secondary py-2">Loading issues...</p>
+    {:else if $billingIssuesQuery.data?.issues?.length}
+      <div class="flex flex-col gap-2">
+        {#each $billingIssuesQuery.data.issues as issue}
+          <div class="flex items-center justify-between px-3 py-2 rounded bg-surface-subtle">
+            <div>
+              <span class="text-sm font-mono text-fg-primary">{issue.type}</span>
+              <span class="text-sm text-fg-secondary ml-2">{issue.metadata ?? ""}</span>
+            </div>
+            <Button large class="font-normal"
+              type="secondary-destructive"
+              onClick={() => confirmDeleteIssue(issuesOrg, issue.type ?? "BILLING_ISSUE_TYPE_UNSPECIFIED")}
+            >
+              Delete Issue
+            </Button>
+          </div>
+        {/each}
+      </div>
+    {:else if issuesOrg && $billingIssuesQuery.isSuccess}
+      <p class="text-sm text-fg-secondary">No billing issues found.</p>
+    {/if}
+  </section>
+</div>
+
+<AlertDialog bind:open={dialogOpen}>
+  <AlertDialogContent>
+    <AlertDialogHeader>
+      <AlertDialogTitle>{dialogTitle}</AlertDialogTitle>
+      <AlertDialogDescription>{dialogDescription}</AlertDialogDescription>
+    </AlertDialogHeader>
+    <AlertDialogFooter>
+      <Button large class="font-normal" type="tertiary" onClick={() => (dialogOpen = false)}>Cancel</Button>
+      <Button large class="font-normal"
+        type={dialogDestructive ? "destructive" : "primary"}
+        onClick={handleConfirm}
+        loading={dialogLoading}
+      >
+        Confirm
+      </Button>
+    </AlertDialogFooter>
+  </AlertDialogContent>
+</AlertDialog>
diff --git a/web-admin/src/routes/-/superuser/organizations/+page.svelte b/web-admin/src/routes/-/superuser/organizations/+page.svelte
new file mode 100644
index 00000000000..4145de958a0
--- /dev/null
+++ b/web-admin/src/routes/-/superuser/organizations/+page.svelte
@@ -0,0 +1,244 @@
+<script lang="ts">
+  import SuperuserPageHeader from "@rilldata/web-admin/features/superuser/layout/SuperuserPageHeader.svelte";
+  import OrgPicker from "@rilldata/web-admin/features/superuser/shared/OrgPicker.svelte";
+  import { Button } from "@rilldata/web-common/components/button";
+  import {
+    AlertDialog,
+    AlertDialogContent,
+    AlertDialogDescription,
+    AlertDialogFooter,
+    AlertDialogHeader,
+    AlertDialogTitle,
+  } from "@rilldata/web-common/components/alert-dialog";
+  import { eventBus } from "@rilldata/web-common/lib/event-bus/event-bus";
+  import {
+    getOrganization,
+    getOrgMembers,
+    getOrgProjects,
+    createDeleteOrgMutation,
+  } from "@rilldata/web-admin/features/superuser/organizations/selectors";
+  import {
+    createRedeployProjectMutation,
+    createHibernateProjectMutation,
+  } from "@rilldata/web-admin/features/superuser/projects/selectors";
+
+  let selectedOrg = "";
+  let dialogOpen = false;
+  let dialogTitle = "";
+  let dialogDescription = "";
+  let dialogDestructive = false;
+  let dialogAction: () => Promise<void> = async () => {};
+  let dialogLoading = false;
+  let actionInProgress = "";
+
+  const redeployProject = createRedeployProjectMutation();
+  const hibernateProject = createHibernateProjectMutation();
+  const deleteOrg = createDeleteOrgMutation();
+
+  // Load details for the selected org
+  $: orgQuery = getOrganization(selectedOrg);
+  $: membersQuery = getOrgMembers(selectedOrg);
+  $: projectsQuery = getOrgProjects(selectedOrg);
+
+  function handleDeleteOrg(orgName: string) {
+    dialogTitle = "Delete Organization";
+    dialogDescription = `This will permanently delete "${orgName}" and all its projects, members, and data. This action cannot be undone.`;
+    dialogDestructive = true;
+    dialogAction = async () => {
+      try {
+        await $deleteOrg.mutateAsync({ org: orgName });
+        eventBus.emit("notification", { type: "success", message: `Organization "${orgName}" deleted` });
+        selectedOrg = "";
+      } catch (err) {
+        eventBus.emit("notification", { type: "error", message: `Failed to delete organization: ${err}` });
+      }
+    };
+    dialogOpen = true;
+  }
+
+  function handleHibernate(orgName: string, projectName: string) {
+    dialogTitle = "Hibernate Project";
+    dialogDescription = `This will hibernate the deployment for ${orgName}/${projectName}. The project data will be preserved but the deployment will be stopped.`;
+    dialogDestructive = false;
+    dialogAction = async () => {
+      actionInProgress = `hibernate:${projectName}`;
+      try {
+        await $hibernateProject.mutateAsync({ org: orgName, project: projectName });
+        eventBus.emit("notification", { type: "success", message: `Project ${orgName}/${projectName} hibernated` });
+      } catch (err) {
+        eventBus.emit("notification", { type: "error", message: `Failed: ${err}` });
+      } finally {
+        actionInProgress = "";
+      }
+    };
+    dialogOpen = true;
+  }
+
+  function handleRedeploy(orgName: string, projectName: string) {
+    dialogTitle = "Redeploy Project";
+    dialogDescription = `This will completely redeploy ${orgName}/${projectName}. This is a disruptive operation.`;
+    dialogDestructive = true;
+    dialogAction = async () => {
+      actionInProgress = `redeploy:${projectName}`;
+      try {
+        await $redeployProject.mutateAsync({ org: orgName, project: projectName });
+        eventBus.emit("notification", { type: "success", message: `Project ${orgName}/${projectName} redeployed` });
+      } catch (err) {
+        eventBus.emit("notification", { type: "error", message: `Failed: ${err}` });
+      } finally {
+        actionInProgress = "";
+      }
+    };
+    dialogOpen = true;
+  }
+
+  async function handleConfirm() {
+    dialogLoading = true;
+    try {
+      await dialogAction();
+      dialogOpen = false;
+    } catch {
+      // Keep open for retry
+    } finally {
+      dialogLoading = false;
+    }
+  }
+</script>
+
+<SuperuserPageHeader
+  title="Organizations"
+  description="Search for any organization by name to view details, members, and projects."
+/>
+
+<div class="mb-6 max-w-lg">
+  <OrgPicker bind:value={selectedOrg} placeholder="Search organizations (min 3 characters)..." />
+</div>
+
+<!-- Selected org details -->
+{#if selectedOrg}
+  {#if $orgQuery.isFetching}
+    <p class="text-sm text-fg-secondary py-4">Loading organization...</p>
+  {:else if $orgQuery.isError}
+    <p class="text-sm text-destructive">
+      Organization "{selectedOrg}" not found or access denied.
+    </p>
+  {:else if $orgQuery.data?.organization}
+    {@const org = $orgQuery.data.organization}
+    <div class="flex flex-col gap-4">
+      <section class="p-5 rounded-lg border">
+        <div class="flex items-center justify-between mb-3">
+          <h2 class="text-sm font-semibold text-fg-primary">Organization Details</h2>
+          <Button large class="font-normal"
+            type="destructive"
+            onClick={() => handleDeleteOrg(org.name ?? "")}
+          >
+            Delete Organization
+          </Button>
+        </div>
+        <div class="grid grid-cols-2 lg:grid-cols-4 gap-3">
+          {#each [
+            { label: "ID", value: org.id, mono: true },
+            { label: "Name", value: org.name },
+            { label: "Display Name", value: org.displayName ?? "-" },
+            { label: "Description", value: org.description ?? "-" },
+            { label: "Billing Plan", value: org.billingPlanDisplayName ?? "-" },
+            { label: "Billing Customer ID", value: org.billingCustomerId ?? "-", mono: true },
+            { label: "Custom Domain", value: org.customDomain ?? "None" },
+            { label: "Created", value: org.createdOn ? new Date(org.createdOn).toLocaleDateString() : "-" },
+          ] as field}
+            <div class="flex flex-col">
+              <span class="text-sm text-fg-secondary uppercase tracking-wider">{field.label}</span>
+              <span class="text-sm text-fg-primary" class:font-mono={field.mono}>{field.value}</span>
+            </div>
+          {/each}
+        </div>
+      </section>
+
+      <!-- Projects list -->
+      {#if $projectsQuery.data?.projects?.length}
+        <section class="p-5 rounded-lg border">
+          <h2 class="text-sm font-semibold text-fg-primary mb-3">
+            Projects ({$projectsQuery.data.projects.length})
+          </h2>
+          <div class="flex flex-col gap-1">
+            {#each $projectsQuery.data.projects as project}
+              <div class="flex items-center justify-between px-3 py-2 rounded bg-surface-subtle">
+                <a
+                  href={`/${org.name}/${project.name}`}
+                  target="_blank"
+                  class="text-sm text-accent-primary-action hover:underline"
+                >
+                  {project.name}
+                </a>
+                <div class="flex gap-2">
+                  <Button large class="font-normal"
+                    type="tertiary"
+                    disabled={actionInProgress === `hibernate:${project.name}`}
+                    loading={actionInProgress === `hibernate:${project.name}`}
+                    onClick={() => handleHibernate(org.name ?? "", project.name ?? "")}
+                  >
+                    Hibernate
+                  </Button>
+                  <Button large class="font-normal"
+                    type="secondary-destructive"
+                    disabled={actionInProgress === `redeploy:${project.name}`}
+                    loading={actionInProgress === `redeploy:${project.name}`}
+                    onClick={() => handleRedeploy(org.name ?? "", project.name ?? "")}
+                  >
+                    Redeploy
+                  </Button>
+                </div>
+              </div>
+            {/each}
+          </div>
+        </section>
+      {/if}
+
+      <!-- Members list -->
+      {#if $membersQuery.isFetching}
+        <p class="text-sm text-fg-secondary py-4">Loading members...</p>
+      {:else if $membersQuery.data?.members?.length}
+        <section class="p-5 rounded-lg border">
+          <h2 class="text-sm font-semibold text-fg-primary mb-3">
+            Members ({$membersQuery.data.members.length})
+          </h2>
+          <table class="w-full">
+            <thead>
+              <tr>
+                <th class="text-left text-sm font-medium text-fg-secondary uppercase tracking-wider px-4 py-2 border-b">Email</th>
+                <th class="text-left text-sm font-medium text-fg-secondary uppercase tracking-wider px-4 py-2 border-b">Role</th>
+              </tr>
+            </thead>
+            <tbody>
+              {#each $membersQuery.data.members as member}
+                <tr>
+                  <td class="px-4 py-2 text-sm font-mono text-fg-primary border-b">{member.userEmail}</td>
+                  <td class="px-4 py-2 text-sm text-fg-primary border-b">{member.roleName}</td>
+                </tr>
+              {/each}
+            </tbody>
+          </table>
+        </section>
+      {/if}
+    </div>
+  {/if}
+{/if}
+
+<AlertDialog bind:open={dialogOpen}>
+  <AlertDialogContent>
+    <AlertDialogHeader>
+      <AlertDialogTitle>{dialogTitle}</AlertDialogTitle>
+      <AlertDialogDescription>{dialogDescription}</AlertDialogDescription>
+    </AlertDialogHeader>
+    <AlertDialogFooter>
+      <Button large class="font-normal" type="tertiary" onClick={() => (dialogOpen = false)}>Cancel</Button>
+      <Button large class="font-normal"
+        type={dialogDestructive ? "destructive" : "primary"}
+        onClick={handleConfirm}
+        loading={dialogLoading}
+      >
+        Confirm
+      </Button>
+    </AlertDialogFooter>
+  </AlertDialogContent>
+</AlertDialog>
diff --git a/web-admin/src/routes/-/superuser/projects/+page.svelte b/web-admin/src/routes/-/superuser/projects/+page.svelte
new file mode 100644
index 00000000000..a724eae1ea9
--- /dev/null
+++ b/web-admin/src/routes/-/superuser/projects/+page.svelte
@@ -0,0 +1,269 @@
+<script lang="ts">
+  import SuperuserPageHeader from "@rilldata/web-admin/features/superuser/layout/SuperuserPageHeader.svelte";
+  import SearchInput from "@rilldata/web-admin/features/superuser/shared/SearchInput.svelte";
+  import { Button } from "@rilldata/web-common/components/button";
+  import {
+    AlertDialog,
+    AlertDialogContent,
+    AlertDialogDescription,
+    AlertDialogFooter,
+    AlertDialogHeader,
+    AlertDialogTitle,
+  } from "@rilldata/web-common/components/alert-dialog";
+  import { eventBus } from "@rilldata/web-common/lib/event-bus/event-bus";
+  import { adminServiceGetProject } from "@rilldata/web-admin/client";
+  import {
+    searchProjects,
+    createUpdateProjectMutation,
+    createRedeployProjectMutation,
+    createHibernateProjectMutation,
+  } from "@rilldata/web-admin/features/superuser/projects/selectors";
+
+  let searchQuery = "";
+  let dialogOpen = false;
+  let dialogTitle = "";
+  let dialogDescription = "";
+  let dialogDestructive = false;
+  let dialogAction: () => Promise<void> = async () => {};
+  let dialogLoading = false;
+  let actionInProgress = "";
+
+  // Change Slots modal state
+  let slotsDialogOpen = false;
+  let slotsProjectName = "";
+  let slotsValue = "";
+  let slotsCurrentValue = "";
+  let slotsLoading = false;
+  let slotsSaving = false;
+
+  const updateProject = createUpdateProjectMutation();
+  const redeployProject = createRedeployProjectMutation();
+  const hibernateProject = createHibernateProjectMutation();
+
+  $: projectsQuery = searchProjects(searchQuery);
+
+  function handleSearch(e: CustomEvent<string>) {
+    searchQuery = e.detail;
+  }
+
+  async function handleChangeSlots(name: string) {
+    slotsProjectName = name;
+    slotsValue = "";
+    slotsCurrentValue = "";
+    slotsLoading = true;
+    slotsDialogOpen = true;
+    try {
+      const [org, project] = name.split("/");
+      const resp = await adminServiceGetProject(org, project, {
+        superuserForceAccess: true,
+      });
+      slotsCurrentValue = resp.project?.prodSlots ?? "";
+      slotsValue = slotsCurrentValue;
+    } catch {
+      slotsCurrentValue = "?";
+    } finally {
+      slotsLoading = false;
+    }
+  }
+
+  async function handleSaveSlots() {
+    const slots = parseInt(slotsValue, 10);
+    if (!slots || slots < 1) {
+      eventBus.emit("notification", { type: "error", message: "Prod slots must be a positive integer" });
+      return;
+    }
+    const [org, project] = slotsProjectName.split("/");
+    slotsSaving = true;
+    try {
+      await $updateProject.mutateAsync({
+        org,
+        project,
+        data: { prodSlots: String(slots), superuserForceAccess: true },
+      });
+      eventBus.emit("notification", { type: "success", message: `Prod slots for ${slotsProjectName} set to ${slots}` });
+      slotsDialogOpen = false;
+    } catch (err) {
+      eventBus.emit("notification", { type: "error", message: `Failed to update slots: ${err}` });
+    } finally {
+      slotsSaving = false;
+    }
+  }
+
+  function handleHibernate(name: string) {
+    const [org, project] = name.split("/");
+    dialogTitle = "Hibernate Project";
+    dialogDescription = `This will hibernate the deployment for ${name}. The project data will be preserved but the deployment will be stopped.`;
+    dialogDestructive = false;
+    dialogAction = async () => {
+      actionInProgress = `hibernate:${name}`;
+      try {
+        await $hibernateProject.mutateAsync({ org, project });
+        eventBus.emit("notification", { type: "success", message: `Project ${name} hibernated` });
+      } catch (err) {
+        eventBus.emit("notification", { type: "error", message: `Failed: ${err}` });
+      } finally {
+        actionInProgress = "";
+      }
+    };
+    dialogOpen = true;
+  }
+
+  function handleRedeploy(name: string) {
+    const [org, project] = name.split("/");
+    dialogTitle = "Redeploy Project";
+    dialogDescription = `This will completely redeploy ${name}. This is a disruptive operation.`;
+    dialogDestructive = true;
+    dialogAction = async () => {
+      actionInProgress = `redeploy:${name}`;
+      try {
+        await $redeployProject.mutateAsync({ org, project });
+        eventBus.emit("notification", { type: "success", message: `Project ${name} redeployed` });
+      } catch (err) {
+        eventBus.emit("notification", { type: "error", message: `Failed: ${err}` });
+      } finally {
+        actionInProgress = "";
+      }
+    };
+    dialogOpen = true;
+  }
+
+  async function handleConfirm() {
+    dialogLoading = true;
+    try {
+      await dialogAction();
+      dialogOpen = false;
+    } catch {
+      // Keep open for retry
+    } finally {
+      dialogLoading = false;
+    }
+  }
+</script>
+
+<SuperuserPageHeader
+  title="Projects"
+  description="Search projects across all organizations. Change prod slots, hibernate, or redeploy."
+/>
+
+<div class="mb-4 max-w-md">
+  <SearchInput
+    placeholder="Search projects (e.g. org/project, min 3 chars)..."
+    on:search={handleSearch}
+  />
+</div>
+
+{#if $projectsQuery.isFetching && searchQuery.length >= 3}
+  <p class="text-sm text-fg-secondary py-4">Searching projects...</p>
+{:else if $projectsQuery.data?.names?.length}
+  <p class="text-sm text-fg-secondary mb-2">
+    {$projectsQuery.data.names.length} result{$projectsQuery.data.names.length === 1 ? "" : "s"}
+  </p>
+  <table class="w-full">
+    <thead>
+      <tr>
+        <th class="text-left text-sm font-medium text-fg-secondary uppercase tracking-wider px-4 py-2 border-b">Project</th>
+        <th class="text-left text-sm font-medium text-fg-secondary uppercase tracking-wider px-4 py-2 border-b">Actions</th>
+      </tr>
+    </thead>
+    <tbody>
+      {#each $projectsQuery.data.names as name}
+        <tr>
+          <td class="px-4 py-3 text-sm font-mono text-fg-primary border-b">{name}</td>
+          <td class="px-4 py-3 text-sm text-fg-primary border-b">
+            <div class="flex gap-2 items-center">
+              <Button large class="font-normal" type="tertiary" href={`/${name}`} target="_blank">View</Button>
+              <Button large class="font-normal" type="tertiary" onClick={() => handleChangeSlots(name)}>Change Slots</Button>
+              <Button large class="font-normal"
+                type="tertiary"
+                               disabled={actionInProgress === `hibernate:${name}`}
+                loading={actionInProgress === `hibernate:${name}`}
+                onClick={() => handleHibernate(name)}
+              >
+                Hibernate
+              </Button>
+              <Button large class="font-normal"
+                type="secondary-destructive"
+                               disabled={actionInProgress === `redeploy:${name}`}
+                loading={actionInProgress === `redeploy:${name}`}
+                onClick={() => handleRedeploy(name)}
+              >
+                Redeploy
+              </Button>
+            </div>
+          </td>
+        </tr>
+      {/each}
+    </tbody>
+  </table>
+{:else if searchQuery.length >= 3 && $projectsQuery.isSuccess}
+  <p class="text-sm text-fg-secondary">No projects found for "{searchQuery}"</p>
+{:else if searchQuery.length < 3}
+  <p class="text-sm text-fg-muted">
+    Type at least 3 characters to search across all organizations.
+  </p>
+{/if}
+
+<!-- Hibernate / Redeploy confirmation dialog -->
+<AlertDialog bind:open={dialogOpen}>
+  <AlertDialogContent>
+    <AlertDialogHeader>
+      <AlertDialogTitle>{dialogTitle}</AlertDialogTitle>
+      <AlertDialogDescription>{dialogDescription}</AlertDialogDescription>
+    </AlertDialogHeader>
+    <AlertDialogFooter>
+      <Button large class="font-normal" type="tertiary" onClick={() => (dialogOpen = false)}>Cancel</Button>
+      <Button large class="font-normal"
+        type={dialogDestructive ? "destructive" : "primary"}
+        onClick={handleConfirm}
+        loading={dialogLoading}
+      >
+        Confirm
+      </Button>
+    </AlertDialogFooter>
+  </AlertDialogContent>
+</AlertDialog>
+
+<!-- Change Slots modal -->
+<AlertDialog bind:open={slotsDialogOpen}>
+  <AlertDialogContent>
+    <AlertDialogHeader>
+      <AlertDialogTitle>Change Prod Slots</AlertDialogTitle>
+      <AlertDialogDescription>
+        Update the number of production slots for {slotsProjectName}.
+      </AlertDialogDescription>
+    </AlertDialogHeader>
+    {#if slotsLoading}
+      <p class="text-sm text-fg-secondary py-2">Loading current slots...</p>
+    {:else}
+      <div class="flex flex-col gap-3 py-2">
+        <div class="flex items-center gap-2">
+          <span class="text-sm text-fg-secondary">Current:</span>
+          <span class="text-sm font-mono text-fg-primary">{slotsCurrentValue || "—"}</span>
+        </div>
+        <div class="flex flex-col gap-1">
+          <label class="text-sm font-medium text-fg-secondary" for="slots-input">New slots</label>
+          <input
+            id="slots-input"
+            type="number"
+            class="w-full px-3 py-2 text-sm rounded-md border bg-input text-fg-primary placeholder:text-fg-muted focus:outline-none focus:ring-2 focus:ring-primary-500 focus:border-transparent"
+            placeholder="Number of slots"
+            min="1"
+            bind:value={slotsValue}
+            on:keydown={(e) => e.key === "Enter" && handleSaveSlots()}
+          />
+        </div>
+      </div>
+    {/if}
+    <AlertDialogFooter>
+      <Button large class="font-normal" type="tertiary" onClick={() => (slotsDialogOpen = false)}>Cancel</Button>
+      <Button large class="font-normal"
+        type="primary"
+        onClick={handleSaveSlots}
+        disabled={slotsSaving || slotsLoading || !slotsValue}
+        loading={slotsSaving}
+      >
+        Save
+      </Button>
+    </AlertDialogFooter>
+  </AlertDialogContent>
+</AlertDialog>
diff --git a/web-admin/src/routes/-/superuser/quotas/+page.svelte b/web-admin/src/routes/-/superuser/quotas/+page.svelte
new file mode 100644
index 00000000000..d290a2b8c3d
--- /dev/null
+++ b/web-admin/src/routes/-/superuser/quotas/+page.svelte
@@ -0,0 +1,150 @@
+<script lang="ts">
+  import SuperuserPageHeader from "@rilldata/web-admin/features/superuser/layout/SuperuserPageHeader.svelte";
+  import OrgPicker from "@rilldata/web-admin/features/superuser/shared/OrgPicker.svelte";
+  import { Button } from "@rilldata/web-common/components/button";
+  import {
+    AlertDialog,
+    AlertDialogContent,
+    AlertDialogDescription,
+    AlertDialogFooter,
+    AlertDialogHeader,
+    AlertDialogTitle,
+  } from "@rilldata/web-common/components/alert-dialog";
+  import { eventBus } from "@rilldata/web-common/lib/event-bus/event-bus";
+  import {
+    getOrgForQuotas,
+    createUpdateOrgQuotasMutation,
+  } from "@rilldata/web-admin/features/superuser/quotas/selectors";
+  import { useQueryClient } from "@tanstack/svelte-query";
+
+  let activeOrg = "";
+  let dialogOpen = false;
+  let dialogLoading = false;
+
+  const queryClient = useQueryClient();
+  const updateOrgQuotas = createUpdateOrgQuotasMutation();
+
+  // Quota fields for editing
+  let projects = "";
+  let deployments = "";
+  let slotsTotal = "";
+  let slotsPerDeployment = "";
+  let outstandingInvites = "";
+  let storageLimitBytes = "";
+
+  $: orgQuery = getOrgForQuotas(activeOrg);
+
+  // Populate fields when org data loads
+  $: if ($orgQuery.data?.organization?.quotas) {
+    const q = $orgQuery.data.organization.quotas;
+    projects = q.projects != null ? String(q.projects) : "";
+    deployments = q.deployments != null ? String(q.deployments) : "";
+    slotsTotal = q.slotsTotal != null ? String(q.slotsTotal) : "";
+    slotsPerDeployment = q.slotsPerDeployment != null ? String(q.slotsPerDeployment) : "";
+    outstandingInvites = q.outstandingInvites != null ? String(q.outstandingInvites) : "";
+    storageLimitBytes = q.storageLimitBytesPerDeployment ?? "";
+  }
+
+  function confirmSaveQuotas() {
+    dialogOpen = true;
+  }
+
+  async function handleSaveQuotas() {
+    dialogLoading = true;
+    try {
+      await $updateOrgQuotas.mutateAsync({
+        data: {
+          org: activeOrg,
+          projects: projects ? Number(projects) : undefined,
+          deployments: deployments ? Number(deployments) : undefined,
+          slotsTotal: slotsTotal ? Number(slotsTotal) : undefined,
+          slotsPerDeployment: slotsPerDeployment ? Number(slotsPerDeployment) : undefined,
+          outstandingInvites: outstandingInvites ? Number(outstandingInvites) : undefined,
+          storageLimitBytesPerDeployment: storageLimitBytes ? storageLimitBytes : undefined,
+        },
+      });
+      eventBus.emit("notification", { type: "success", message: `Quotas updated for org: ${activeOrg}` });
+      await queryClient.invalidateQueries({
+        predicate: (q) =>
+          (q.queryKey[0] as string)?.includes("/v1/superuser/quotas") ||
+          (q.queryKey[0] as string)?.includes("/v1/organizations"),
+      });
+      dialogOpen = false;
+    } catch (err) {
+      eventBus.emit("notification", { type: "error", message: `Failed to update quotas: ${err}` });
+    } finally {
+      dialogLoading = false;
+    }
+  }
+</script>
+
+<SuperuserPageHeader
+  title="Quotas"
+  description="View and adjust resource quotas for organizations."
+/>
+
+<div class="flex flex-col gap-6">
+  <section class="p-5 rounded-lg border">
+    <div class="flex gap-3 items-center flex-wrap mb-4">
+      <div class="w-64">
+        <OrgPicker bind:value={activeOrg} />
+      </div>
+    </div>
+
+    {#if activeOrg && $orgQuery.isFetching}
+      <p class="text-sm text-fg-secondary py-4">Loading quotas...</p>
+    {:else if activeOrg && $orgQuery.data?.organization}
+      <div class="grid grid-cols-2 lg:grid-cols-3 gap-4">
+        <div class="flex flex-col gap-1">
+          <label class="text-sm font-medium text-fg-secondary" for="projects">Projects</label>
+          <input id="projects" type="number" class="px-3 py-2 text-sm rounded-md border bg-input text-fg-primary placeholder:text-fg-muted focus:outline-none focus:ring-2 focus:ring-primary-500" bind:value={projects} />
+        </div>
+        <div class="flex flex-col gap-1">
+          <label class="text-sm font-medium text-fg-secondary" for="deployments">Deployments</label>
+          <input id="deployments" type="number" class="px-3 py-2 text-sm rounded-md border bg-input text-fg-primary placeholder:text-fg-muted focus:outline-none focus:ring-2 focus:ring-primary-500" bind:value={deployments} />
+        </div>
+        <div class="flex flex-col gap-1">
+          <label class="text-sm font-medium text-fg-secondary" for="slotsTotal">Total Slots</label>
+          <input id="slotsTotal" type="number" class="px-3 py-2 text-sm rounded-md border bg-input text-fg-primary placeholder:text-fg-muted focus:outline-none focus:ring-2 focus:ring-primary-500" bind:value={slotsTotal} />
+        </div>
+        <div class="flex flex-col gap-1">
+          <label class="text-sm font-medium text-fg-secondary" for="slotsPerDeployment">Slots per Deployment</label>
+          <input id="slotsPerDeployment" type="number" class="px-3 py-2 text-sm rounded-md border bg-input text-fg-primary placeholder:text-fg-muted focus:outline-none focus:ring-2 focus:ring-primary-500" bind:value={slotsPerDeployment} />
+        </div>
+        <div class="flex flex-col gap-1">
+          <label class="text-sm font-medium text-fg-secondary" for="outstandingInvites">Outstanding Invites</label>
+          <input id="outstandingInvites" type="number" class="px-3 py-2 text-sm rounded-md border bg-input text-fg-primary placeholder:text-fg-muted focus:outline-none focus:ring-2 focus:ring-primary-500" bind:value={outstandingInvites} />
+        </div>
+        <div class="flex flex-col gap-1">
+          <label class="text-sm font-medium text-fg-secondary" for="storageLimitBytes">Storage Limit (bytes)</label>
+          <input id="storageLimitBytes" type="text" class="px-3 py-2 text-sm rounded-md border bg-input text-fg-primary placeholder:text-fg-muted focus:outline-none focus:ring-2 focus:ring-primary-500" bind:value={storageLimitBytes} />
+        </div>
+      </div>
+
+      <div class="mt-4">
+        <Button large class="font-normal" type="primary" onClick={confirmSaveQuotas}>Save Quotas</Button>
+      </div>
+    {/if}
+  </section>
+</div>
+
+<AlertDialog bind:open={dialogOpen}>
+  <AlertDialogContent>
+    <AlertDialogHeader>
+      <AlertDialogTitle>Update Quotas</AlertDialogTitle>
+      <AlertDialogDescription>
+        This will update the resource quotas for "{activeOrg}". This change takes effect immediately.
+      </AlertDialogDescription>
+    </AlertDialogHeader>
+    <AlertDialogFooter>
+      <Button large class="font-normal" type="tertiary" onClick={() => (dialogOpen = false)}>Cancel</Button>
+      <Button large class="font-normal"
+        type="primary"
+        onClick={handleSaveQuotas}
+        loading={dialogLoading}
+      >
+        Confirm
+      </Button>
+    </AlertDialogFooter>
+  </AlertDialogContent>
+</AlertDialog>
diff --git a/web-admin/src/routes/-/superuser/superusers/+page.svelte b/web-admin/src/routes/-/superuser/superusers/+page.svelte
new file mode 100644
index 00000000000..b43c6ea2e7d
--- /dev/null
+++ b/web-admin/src/routes/-/superuser/superusers/+page.svelte
@@ -0,0 +1,148 @@
+<script lang="ts">
+  import {
+    createAdminServiceListSuperusers,
+    createAdminServiceSetSuperuser,
+  } from "@rilldata/web-admin/client";
+  import SuperuserPageHeader from "@rilldata/web-admin/features/superuser/layout/SuperuserPageHeader.svelte";
+  import { Button } from "@rilldata/web-common/components/button";
+  import {
+    AlertDialog,
+    AlertDialogContent,
+    AlertDialogDescription,
+    AlertDialogFooter,
+    AlertDialogHeader,
+    AlertDialogTitle,
+  } from "@rilldata/web-common/components/alert-dialog";
+  import { eventBus } from "@rilldata/web-common/lib/event-bus/event-bus";
+  import { useQueryClient } from "@tanstack/svelte-query";
+
+  let newEmail = "";
+  let addLoading = false;
+  let dialogOpen = false;
+  let dialogAction: () => Promise<void> = async () => {};
+  let dialogLoading = false;
+  let removeTarget = "";
+
+  const queryClient = useQueryClient();
+  const superusersQuery = createAdminServiceListSuperusers();
+  const setSuperuser = createAdminServiceSetSuperuser();
+
+  async function handleAdd() {
+    if (!newEmail) return;
+    addLoading = true;
+    try {
+      await $setSuperuser.mutateAsync({ data: { email: newEmail, superuser: true } });
+      eventBus.emit("notification", { type: "success", message: `${newEmail} added as superuser` });
+      newEmail = "";
+      await queryClient.invalidateQueries({
+        predicate: (q) => (q.queryKey[0] as string)?.includes("/v1/superuser"),
+      });
+    } catch (err) {
+      eventBus.emit("notification", { type: "error", message: `Failed: ${err}` });
+    } finally {
+      addLoading = false;
+    }
+  }
+
+  function handleRemove(email: string) {
+    removeTarget = email;
+    dialogAction = async () => {
+      try {
+        await $setSuperuser.mutateAsync({ data: { email, superuser: false } });
+        eventBus.emit("notification", { type: "success", message: `${email} removed as superuser` });
+        await queryClient.invalidateQueries({
+          predicate: (q) => (q.queryKey[0] as string)?.includes("/v1/superuser"),
+        });
+      } catch (err) {
+        eventBus.emit("notification", { type: "error", message: `Failed: ${err}` });
+      }
+    };
+    dialogOpen = true;
+  }
+
+  async function handleConfirm() {
+    dialogLoading = true;
+    try {
+      await dialogAction();
+      dialogOpen = false;
+    } catch {
+      // Keep open for retry
+    } finally {
+      dialogLoading = false;
+    }
+  }
+</script>
+
+<SuperuserPageHeader
+  title="Superusers"
+  description="Manage who has superuser access across all of Rill Cloud."
+/>
+
+<div class="p-5 rounded-lg border mb-6">
+  <h2 class="text-sm font-semibold text-fg-primary mb-3">Add Superuser</h2>
+  <div class="flex gap-3 items-center flex-wrap">
+    <input
+      type="email"
+      class="px-3 py-2 text-sm rounded-md border bg-input text-fg-primary placeholder:text-fg-muted focus:outline-none focus:ring-2 focus:ring-primary-500"
+      placeholder="Email address"
+      bind:value={newEmail}
+      on:keydown={(e) => e.key === "Enter" && handleAdd()}
+    />
+    <Button large class="font-normal"
+      type="primary"
+      onClick={handleAdd}
+      disabled={addLoading || !newEmail}
+      loading={addLoading}
+    >
+      Add Superuser
+    </Button>
+  </div>
+</div>
+
+{#if $superusersQuery.isFetching}
+  <p class="text-sm text-fg-secondary py-4">Loading superusers...</p>
+{:else if $superusersQuery.data?.users?.length}
+  <p class="text-sm text-fg-secondary mb-2">
+    {$superusersQuery.data.users.length} superuser{$superusersQuery.data.users.length === 1 ? "" : "s"}
+  </p>
+  <table class="w-full">
+    <thead>
+      <tr>
+        <th class="text-left text-sm font-medium text-fg-secondary uppercase tracking-wider px-4 py-2 border-b">Email</th>
+        <th class="text-left text-sm font-medium text-fg-secondary uppercase tracking-wider px-4 py-2 border-b">Display Name</th>
+        <th class="text-left text-sm font-medium text-fg-secondary uppercase tracking-wider px-4 py-2 border-b">Actions</th>
+      </tr>
+    </thead>
+    <tbody>
+      {#each $superusersQuery.data.users as user}
+        <tr>
+          <td class="px-4 py-3 text-sm font-mono text-fg-primary border-b">{user.email}</td>
+          <td class="px-4 py-3 text-sm text-fg-primary border-b">{user.displayName ?? "-"}</td>
+          <td class="px-4 py-3 text-sm text-fg-primary border-b">
+            <Button large class="font-normal"
+              type="secondary-destructive"
+                           onClick={() => handleRemove(user.email ?? "")}
+            >
+              Remove
+            </Button>
+          </td>
+        </tr>
+      {/each}
+    </tbody>
+  </table>
+{/if}
+
+<AlertDialog bind:open={dialogOpen}>
+  <AlertDialogContent>
+    <AlertDialogHeader>
+      <AlertDialogTitle>Remove Superuser</AlertDialogTitle>
+      <AlertDialogDescription>
+        Remove superuser access for {removeTarget}? They will lose access to this console.
+      </AlertDialogDescription>
+    </AlertDialogHeader>
+    <AlertDialogFooter>
+      <Button large class="font-normal" type="tertiary" onClick={() => (dialogOpen = false)}>Cancel</Button>
+      <Button large class="font-normal" type="destructive" onClick={handleConfirm} loading={dialogLoading}>Remove</Button>
+    </AlertDialogFooter>
+  </AlertDialogContent>
+</AlertDialog>

From 79cb89ed18dbce89733dc020c9640a07769afe55 Mon Sep 17 00:00:00 2001
From: ericokuma <eric.okuma@rilldata.com>
Date: Tue, 24 Mar 2026 12:37:05 -0700
Subject: [PATCH 35/35] feat(superuser-console): add keyboard navigation to
 `OrgPicker` dropdown

Arrow Up/Down to navigate results, Enter to select, Escape to dismiss.
Adds ARIA listbox/option roles for accessibility.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../superuser/shared/OrgPicker.svelte         | 35 +++++++++++++++++--
 .../superuser/shared/SearchInput.svelte       |  7 ++--
 2 files changed, 38 insertions(+), 4 deletions(-)

diff --git a/web-admin/src/features/superuser/shared/OrgPicker.svelte b/web-admin/src/features/superuser/shared/OrgPicker.svelte
index 4428d2b92a3..6ace260d4a5 100644
--- a/web-admin/src/features/superuser/shared/OrgPicker.svelte
+++ b/web-admin/src/features/superuser/shared/OrgPicker.svelte
@@ -7,9 +7,12 @@
 
   let searchQuery = "";
   let showResults = false;
+  let highlightedIndex = -1;
 
   $: orgNamesQuery = searchOrgNames(searchQuery);
   $: matchedOrgs = extractUniqueOrgs($orgNamesQuery.data?.names ?? []);
+  // Reset highlight when results change
+  $: matchedOrgs, (highlightedIndex = -1);
 
   function extractUniqueOrgs(names: string[]): string[] {
     const orgs = new Set<string>();
@@ -33,6 +36,27 @@
     value = org;
     searchQuery = org;
     showResults = false;
+    highlightedIndex = -1;
+  }
+
+  function handleKeydown(e: CustomEvent<KeyboardEvent>) {
+    const key = e.detail.key;
+    if (!showResults || !matchedOrgs.length) return;
+
+    if (key === "ArrowDown") {
+      e.detail.preventDefault();
+      highlightedIndex = (highlightedIndex + 1) % matchedOrgs.length;
+    } else if (key === "ArrowUp") {
+      e.detail.preventDefault();
+      highlightedIndex =
+        highlightedIndex <= 0 ? matchedOrgs.length - 1 : highlightedIndex - 1;
+    } else if (key === "Enter" && highlightedIndex >= 0) {
+      e.detail.preventDefault();
+      selectOrg(matchedOrgs[highlightedIndex]);
+    } else if (key === "Escape") {
+      showResults = false;
+      highlightedIndex = -1;
+    }
   }
 </script>
 
@@ -41,6 +65,7 @@
     bind:value={searchQuery}
     {placeholder}
     on:search={handleSearch}
+    on:keydown={handleKeydown}
   />
   {#if showResults && searchQuery.length >= 3 && !value}
     {#if $orgNamesQuery.isFetching}
@@ -48,10 +73,16 @@
         <p class="text-sm text-fg-secondary">Searching...</p>
       </div>
     {:else if matchedOrgs.length > 0}
-      <div class="absolute z-10 left-0 right-0 mt-1 flex flex-col gap-0.5 max-h-48 overflow-y-auto rounded-md border bg-surface-base shadow-md">
-        {#each matchedOrgs as org}
+      <div
+        class="absolute z-10 left-0 right-0 mt-1 flex flex-col gap-0.5 max-h-48 overflow-y-auto rounded-md border bg-surface-base shadow-md"
+        role="listbox"
+      >
+        {#each matchedOrgs as org, i}
           <button
             class="px-3 py-2 text-sm text-fg-primary text-left hover:bg-surface-hover cursor-pointer"
+            class:bg-surface-hover={i === highlightedIndex}
+            role="option"
+            aria-selected={i === highlightedIndex}
             on:click={() => selectOrg(org)}
           >
             {org}
diff --git a/web-admin/src/features/superuser/shared/SearchInput.svelte b/web-admin/src/features/superuser/shared/SearchInput.svelte
index 3fbb159a635..eaf858e8f40 100644
--- a/web-admin/src/features/superuser/shared/SearchInput.svelte
+++ b/web-admin/src/features/superuser/shared/SearchInput.svelte
@@ -5,7 +5,7 @@
   export let value: string = "";
   export let debounceMs: number = 300;
 
-  const dispatch = createEventDispatcher<{ search: string }>();
+  const dispatch = createEventDispatcher<{ search: string; keydown: KeyboardEvent }>();
 
   let timeout: ReturnType<typeof setTimeout>;
 
@@ -29,6 +29,9 @@
     {placeholder}
     bind:value
     on:input={handleInput}
-    on:keydown={(e) => e.key === "Enter" && handleSubmit()}
+    on:keydown={(e) => {
+      if (e.key === "Enter") handleSubmit();
+      dispatch("keydown", e);
+    }}
   />
 </div>