Organizations
An organization is the tenant boundary in Relynt. All agents, policies, connectors, receipts, and approvals belong to exactly one organization.
Multi-tenancy
Relynt is multi-tenant by design. Every resource is scoped to an organization:
- Agents can only be accessed by members of their organization
- Policies apply only within their organization
- Receipts are isolated per organization
- Approvals route to the organization’s configured Slack channel
Organization scoping is enforced at every layer: Supabase Row-Level Security (RLS), backend middleware, and API authorization checks.
Membership
Users belong to organizations through memberships. Each membership has a role that determines what the user can do.
Roles
| Role | Permissions |
|---|---|
| Owner | Full access. Manage members, agents, policies, connectors, and settings. |
| Admin | Same as owner except cannot transfer ownership or delete the organization. |
| Viewer | Read-only access to agents, policies, receipts, and approvals. Cannot create or modify resources. |
Role enforcement
- Owner and Admin can create agents, rotate credentials, manage policies, and configure connectors
- Viewer can view the dashboard, browse receipts, and see agent details but cannot make changes
- Role checks are enforced in both the frontend (UI gating) and the backend (API authorization)
Creating an organization
- Sign up for a Relynt account
- During onboarding, create your organization with a name
- You become the Owner of the organization
- Invite team members and assign roles
Organization settings
Each organization can configure:
- Slack integration — install the Relynt Slack app and choose an approval channel
- Connector — configure the target API for agent write actions
- Members — invite users and assign roles
Changing organization settings (Slack channel, connector URL) affects all agents in that organization. Coordinate with your team before making changes.
Last updated on