Organization & Role-Based Access Control
Multi-tenant organization management with hierarchical structure, granular permissions, and team-based access control for your developer infrastructure.
Organization: Acme Corp
├── Owner: alice@acme.com
├── Members
│ ├── Admins (3)
│ ├── Finance (1)
│ └── Members (12)
├── Departments
│ ├── Engineering
│ │ ├── Frontend Team (4 members)
│ │ └── Backend Team (5 members)
│ └── Operations
│ └── DevOps Team (3 members)
├── Tunnel Configs (org-scoped)
├── API Keys (team-scoped)
└── Billing: Pro PlanCapabilities
Multi-tenant Organizations
Create multiple organizations with isolated data, members, and billing. Perfect for agencies, consultancies, or teams managing multiple clients.
Hierarchical Structure
Organize teams within departments within organizations. Enable or disable departments based on your team size and complexity.
Role-Based Access Control
Four organization roles (Owner, Admin, Finance, Member) with granular permissions. Control who can invite members, create teams, or access billing.
Team Management
Create teams with leads and members. Scope tunnel configs and API keys to specific teams for fine-grained access control.
Invitation System
Invite members via email with role pre-assignment. Pending invitations can be resent or revoked. Audit trail for all membership changes.
Organization Switching
Users can belong to multiple organizations with different roles. Switch between orgs instantly from the navigation bar.
Permission Matrix
Four organization roles with clear permission boundaries. Higher roles inherit all permissions from lower roles.
| Permission | Owner | Admin | Finance | Member |
|---|---|---|---|---|
| Manage organization settings | ||||
| Invite & manage members | ||||
| Create teams & departments | ||||
| Issue API keys | ||||
| View & manage billing | ||||
| Create tunnel configs | ||||
| Use tunnel configs | ||||
| Transfer ownership |
Use Cases
Development Teams
- Separate frontend and backend teams
- Team leads manage their own members
- Shared org-level tunnel configs
- Team-scoped API keys for CI/CD
Agencies & Consultancies
- One organization per client
- Isolated billing per client
- Team members access only their projects
- Switch between client orgs instantly
Enterprise
- Department-based hierarchy
- Finance role for billing oversight
- Audit trail for compliance
- Granular permission boundaries
Startups
- Disable departments for simplicity
- Flat team structure
- All developers as Members
- One Admin manages everything
Technical Details
Security
- Row-Level Security (RLS) at database level
- Server-side permission validation
- Soft deletes for audit compliance
- Ownership transfer with verification
Integration
- Stripe billing per organization
- API keys scoped to org/team
- Tunnel configs with team access
- Email invitations via Resend
Included in All Plans
Organization management and RBAC are included in every ASD subscription, from Free to Scale.
Frequently Asked Questions
You can create unlimited organizations. Each organization has isolated data, members, and billing. This is perfect for agencies managing multiple clients.
Yes, users can belong to multiple organizations with different roles in each. Switch between organizations instantly from the navigation bar.
Admins manage team members, create tunnel configs, and issue API keys but cannot access billing. Finance role can only view and manage billing without access to development resources.
No, departments are optional. Smaller teams can disable departments and use a flat team structure. Enable departments when you need more hierarchy.
Developer Documentation
Learn how to implement RBAC in your integration with our technical documentation.
View Documentation