Organizations

This page describes how organizations are structured.

Organizations are entities that contain memberships and that can be associated with applications.

You are able to use organizations for multiple purposes:

To restrict access over a certain resource/page;
To manage/keep track a group of users using roles (for example like in an internal company application);
And more!

A user's relation to an organization is called a Membership.

A membership can contain several roles, which can be arbitrary strings that are used to describe the purpose of the user in the organization.

There are also some special roles that give the user access to some features.

Special Roles

Special roles have permissions and a permission level.

The permission level of a role is used to calculate the permission level of the membership, the role with the lowest permission level is counted as main role.

Users cannot preform actions on other users with lower or equal membership permission level.

Name Permissions Permission Level

Name	Permissions	Permission Level
`SuperAdmin`	Delete the organization.	0
`Admin`	Update organization details. Update membership roles;	1
`Moderator`	Invite members. Remove members.	2
`Api`	Access to the `organization:roles` scope; The ability to associate this organization with an application.	3

SuperAdmin

Delete the organization.

Admin

Update organization details.
Update membership roles;

Moderator

Invite members.
Remove members.

Api

Access to the organization:roles scope;
The ability to associate this organization with an application.

PreviousQuick Start NextScopes and Claims

Last updated 2 years ago