diff --git a/automation/README.md b/automation/README.md
index 6e09b9d..2a7b047 100644
--- a/automation/README.md
+++ b/automation/README.md
@@ -221,6 +221,11 @@ before a release tag deploys them to prod.
 - A fixed banner **"INTERNAL DEV / STAGING - NOT PRODUCTION"** is shown (driven by
   `NEXT_PUBLIC_ENV_LABEL` in the staging `.env`; the `EnvBanner` component renders nothing
   when the var is unset, so production is unaffected).
+- **Feature flags on staging:** `staging-up.sh` enables
+  `NEXT_PUBLIC_SUBMITTER_VIEW_ALL_ENABLED=true`, so submitters (TECHNICAL/MANNING) can
+  read every PO and open the History page here (read-only) for testing ahead of a prod
+  rollout. The line is appended idempotently, so already-provisioned staging `.env`s pick
+  it up on the next refresh.
 - Log in with a password user (SSO is off here), e.g. `admin@pelagiamarine.com`.
 
 ## Issue label lifecycle
diff --git a/automation/staging-up.sh b/automation/staging-up.sh
index efb3d83..b80f9fb 100644
--- a/automation/staging-up.sh
+++ b/automation/staging-up.sh
@@ -42,12 +42,20 @@ AZURE_AD_CLIENT_SECRET="dev-placeholder"
 AZURE_AD_TENANT_ID="dev-placeholder"
 DATABASE_URL="$TEST_URL"
 GST_SERVICE_URL="http://localhost:3003"
+NEXT_PUBLIC_SUBMITTER_VIEW_ALL_ENABLED=true
 NEXT_PUBLIC_ENV_LABEL="INTERNAL DEV / STAGING - NOT PRODUCTION"
 PORT=$PORT
 EOF
     chmod 600 "$DIR/App/.env"
 fi
 
+# Ensure feature flags are present on already-provisioned staging envs too (the
+# .env above is written only once, so a flag added later won't appear without
+# this). Let submitters (TECHNICAL/MANNING) read all POs + open History on staging.
+if ! grep -qE '^NEXT_PUBLIC_SUBMITTER_VIEW_ALL_ENABLED=' "$DIR/App/.env"; then
+    printf 'NEXT_PUBLIC_SUBMITTER_VIEW_ALL_ENABLED=true\n' >> "$DIR/App/.env"
+fi
+
 # pm2-run wrapper so the dev server always gets nvm on PATH and the right port.
 # Bind to 127.0.0.1 only -- staging is reachable solely via SSH tunnel
 # (ssh -L 3200:localhost:3200 ...), never directly from the public internet.