Help Center · Obsidian plugin
Get Ledger's enterprise layer inside Obsidian — on Mac, Windows, Linux, or mobile, since Obsidian is already the cross-platform host. Sign in with an access token and you can push/pull your team's org vault, stamp reviews, see a governance report, and publish compliance evidence, all without leaving Obsidian.
Plugin vs browser folder sync: the plugin runs inside Obsidian (any OS, including mobile) and syncs to your team's org cloud vault. The browser folder sync runs in a Chromium browser and syncs Ledger to a folder on disk. Use whichever matches how you work; they interoperate via the same org vault.
reviewed_on on the current note, and open a report of never-reviewed / stale notes.Until it's listed in Obsidian's Community Plugins directory, install it manually:
obsidian-plugin/ directory from Ledger — it must contain manifest.json and main.js).<your-vault>/.obsidian/plugins/ledger-enterprise/.There's no build step — Obsidian loads main.js directly. It works on desktop and mobile (the manifest is not desktop-only).
Because Obsidian can't run the web app's redirect-based sign-in cleanly, the plugin authenticates with a pasted access token (the standard Obsidian-plugin pattern). The token is a long-lived bearer credential for your DosanjhLabs account.
dosanjhlabs.com/ledger/account).Verify checks your token and shows who you are.
The plugin re-verifies quietly on load if a token is present, so your status bar reflects sign-in state automatically.
All commands live in the Command Palette (Ctrl/Cmd+P, type "Ledger"). There's also a ribbon icon (book) for one-click push.
| Command | What it does |
|---|---|
| Sign in (verify access token) | Checks your token, shows account + org. |
| Push vault to org cloud | Uploads every Markdown note in the vault to the shared org vault. The status bar reports how many notes were pushed. (Also the ribbon icon.) |
| Pull vault from org cloud | Downloads the org vault. Existing notes are updated only if their content differs; missing notes (and their folders) are created. Pull never deletes a local note. |
| Mark current note reviewed (stamp reviewed_on) | Writes today's date into the active note's reviewed_on frontmatter field. |
| Show governance report (stale / unreviewed notes) | Opens a modal listing notes ranked by review status: never reviewed first, then stale, then fresh — with owner and age. Click a row to open that note. |
| Publish documentation evidence | Sends structural signals (paths, titles, type, reviewed_on, counts — never note bodies) to the evidence graph. |
The plugin's sync is a whole-vault push and a non-destructive pull:
kb-state key the web app uses. That's why the web app and plugin share one org vault.Compared with the browser folder sync, the plugin's pull is intentionally simpler and safer (no deletes), and it talks to the cloud org vault rather than to a local folder.
reviewed_on: <today> into the current note's frontmatter — the same field the web app reads.owner and reviewed_on from every note's frontmatter and classifies each as fresh, stale (older than your stale threshold), or never reviewed, with counts at the top. It shows up to 200 notes; click any to open it.The same compliance evidence the web app emits, from inside Obsidian. It sends structural signals only — for each note, path, title, type, tags, reviewed_on, host; plus page counts and your org name; with secrets: none-stored. Note bodies are never sent.
| Setting | Meaning |
|---|---|
| Access token | Your DosanjhLabs bearer token (masked). Stored only in this vault's plugin data. |
| Verify sign-in | Button to check the token and show your account + org. |
| API base | The Keystone API origin (default https://api.dosanjhlabs.com). Change only for self-hosted/staging setups. |
| Organization name | Shown on the org vault and evidence. Defaults to your vault's name. |
| Review-stale threshold (days) | Notes not reviewed within this many days count as stale in the report (default 90). |
| Auto-sync on edit | Off by default. When on, pushes the whole vault to the org cloud a few seconds after you stop editing. |
.obsidian/plugins/ledger-enterprise/data.json) — never inside a note, never logged. Treat that vault folder as sensitive.requestUrl (so no browser CORS issues) to api.dosanjhlabs.com with the token as a bearer. The tenant is always derived server-side from your verified token — the client can't act as another organization.One platform dependency: the plugin needs Keystone to accept pasted personal access tokens as a bearer on the existing /whoami, /store, /evidence, and /billing/entitled endpoints. If Verify reports a 401 even with a fresh token, that capability may not be enabled yet in your environment — see Troubleshooting.