Understanding Workspaces and Organizations
Every SecureAuth Connect tenant has at least one workspace. Organizations are an optional feature you add to a workspace when you need multiple business customers to have isolated access.
Workspaces
A workspace is your identity and authorization environment in SecureAuth. It has:
- Identity pool - Where all users are stored
- Authorization server - Handles login and token issuance
- Applications - Your applications and resources that need authentication
- Policies - Security rules and access control defaults
- Branding - Logos, colors, email templates
Create a new workspace when you need different security models, compliance requirements, or user populations. For example, one workspace for internal employees and another for external customers.
Organizations
Organizations let you represent multiple business customers or partners inside a single workspace. Each organization:
- Represents one business customer
- Has its own users and administrators
- Inherits workspace policies as defaults
- Can override workspace policies with stricter rules
- Enables delegated administration (customers manage their own users)
Quick comparison
| Aspect | Workspace | Organization |
|---|---|---|
| Purpose | Your identity environment | Customer tenant within your workspace |
| When to create | Different security models or products | Multiple business customers |
| User management | You manage workspace users | Customers manage their own users |
| Policies | Sets baseline defaults | Inherit or override workspace policies |
| Isolation | Independent from other workspaces | Isolated from other organizations |
When to use organizations
Create organizations when:
- You're building a B2B SaaS platform
- Multiple business customers need isolated access
- Each customer manages their own users
- Customers need their own administrative control
For a detailed walkthrough of how to use organizations in a B2B SaaS scenario, see Building B2B SaaS platforms with Organizations.
Suborganizations
If a customer has hierarchical structures (like a franchise with store locations), create suborganizations nested under a parent organization. This lets customers organize their own structure while maintaining security isolation.
Learn how to set up suborganizations in Create organizations and suborganizations.
Policy layering
Workspaces set baseline policies that all organizations inherit. Organizations can then override with stricter rules when needed.
Example:
- Workspace policy: All users require MFA
- Organization A policy: Admins must use WebAuthn
- Organization B policy: Inherits workspace requirement (MFA)
See also
- Building B2B SaaS platforms with Organizations - Full B2B use case example
- Create organizations and suborganizations - Step-by-step instructions
- Manage organizations - Organize and scale your customer base
- Add new workspaces - When you need a separate workspace