# Admin API Node.js HTTP server for the Quinn admin control center. Port `3023`. Auth: SSO cookie (via `quinn-sso-api`) or service bearer token (`QUINN_ADMIN_SERVICE_TOKEN`). ## Dev proxy mode When `PROXY_TARGET` is set, the server short-circuits every request (except `/health`) and proxies it upstream to the target, injecting `Authorization: Bearer `. No local SQLite is touched. Copy `.env.local.example` to `.env.local` and fill in the token: ```bash cp .env.local.example .env.local # edit .env.local — get QUINN_ADMIN_SERVICE_TOKEN from /etc/quinn-admin-api/secrets.env on vps-0 ``` The server logs a `WARN` line at boot when proxy mode is active, and prefixes each proxied request log with `[PROXY→prod]`. See `docs/PROD_DB_UNIFICATION_PLAN.md` for full architecture context.