Docs
[IAM]

Organisations

Organisations represent the business and structural layer within a Realm.

They are used to group users, define operational boundaries, and scope access control in a way that reflects real-world structures such as companies, teams, or customers.

What is an organisation?

An organisation is a logical container within a realm that:

  • Groups users under a shared context
  • Defines access boundaries for resources
  • Structures identity around real-world entities
  • Acts as a namespace for access control

While a realm provides isolation, organisations provide structure within that isolation.

Organisations as context

In IAM, access is not only determined by roles and permissions, but also by organisation context.

This means:

  • A user may have different access in different organisations
  • Roles can be applied within a specific organisation
  • Permissions are evaluated in relation to the organisation being accessed

The same user can behave differently depending on the organisation they are operating in.

Relationship to users

Users are always connected to one or more organisations.

This allows:

  • Multi-organisation access for a single identity
  • Separation of responsibilities across different contexts
  • Support for partners, resellers, or multi-tenant setups

A user does not exist in isolation — access is always evaluated through the organisations they belong to.

Relationship to groups and roles

Organisations structure how access is applied:

  • Groups can exist within an organisation
  • Roles can be assigned within organisation context
  • Permissions are enforced based on both role and organisation

This creates a layered model:

User → Group → Role → Permission (within Organisation)

Multi-organisation support

IAM supports users that belong to multiple organisations within the same realm.

This enables:

  • Working across multiple companies or clients
  • Separation between personal and professional contexts
  • Delegated access for partners or external users

Each organisation remains logically separated, even within the same realm.

Use cases

Organisations are commonly used for:

  • Companies or legal entities
  • Departments or teams
  • Customers within a SaaS platform
  • Reseller or partner structures
  • Environment separation within a business

Why organisations matter

Organisations provide the structure needed to make IAM usable in real-world scenarios.

They ensure:

  • Access is scoped to the correct business context
  • Users can operate across multiple contexts safely
  • Permissions remain structured and predictable
  • The platform can scale across complex organisational models

Without organisations, access control would lack the context needed to reflect real-world structures.