Hey guys. I’ve been checking out strapi recently and have been doing some testing using it for projects. In one such project I need to be able to create multiple organizations each with team members with different roles. Each team member from an organization should only be able to modify content belonging to only their org such as creating new offerings/ products under their org. Is this possible with strapi and if so what would be a good approach to this.
Hello @Rayuse and welcome to the Strapi Community Forums 
I think that if you want more roles etc, you want to get the Enterprise license,
The bronze will give you access to this, if you require multiple admin roles etc.
Hello @Rayuse
Yes, this can be achieved through custom permission and enterprise license.
In my case, in a single Strapi instance we have 4 different websites (all the collection-types have a relation with a collection-type called websites), and each team has a specific permission that provides them access to content that is in relation with that website.
1 Like
So if I’m understanding correctly the way this could be achieved is with more admin panel roles. Each org would have a role specifically for them then their team members would be of type end users with a relation to that org admin role with custom controllers that only allow them to access info related to that org role. So if this is how it would work how would you go about keeping each org role separate from one another would it be in the permissions or would it also require custom controllers, policy, etc. And then finally how would orgs be able to invite a team member to join under their org or how would a team member be able to join under a specific org when they sign up?would the org have to create a user on the backend for each team member instead of users themselves signing up through the frontend? Sorry for all these questions I’m pretty new to strapi so I’m trying to wrap my head around how all this works. In my tests I was able to create end users with their info separate from one another I just couldn’t figure out the org part so I do appreciate the help.
You can invite users to sign-up to a specific Team.
Example, creating an invitation for someone who should join Organization 1, Marketing Team:
No need, when the user receives his invitation link, he is able to Signup on his own through the registration form, and his role will be automatically assigned.
When the user will access the invitation link, his details will be pre-populated from the invitation that was created through Admin panel.
Example of invitation URL:
http://my-organization-website.com/admin/auth/register?registrationToken=fd8ec5e5ae567325de69d6dac5a9c68e615d440f
Ok so basically there would need to be at least 2 roles for each agency, an agency 1 role then another role called agency 1 member? Or would just having the agency 1 member role be fine. Then essentially all users of the web app would be admins and not end users? I want members to only be able to add services / products from the frontend not the backend.
@Rayuse You are referring primarily to the End-users (consumers of the APIs).?
Because Admin Roles are designed for Admins that should have access to the Strapi Admin UI. You can definitely use it also for the end-users if you configure all the roles/permissions properly.
But if you want to add services from a different frontend, then you need to use the user-permissions plugin.
For this particular project yes we want everything to be handled on the frontend for agencies and members. We don’t want them to have access to the admin panel of strapi. As mentioned I was able to setup user registration already and adding products under those users as well as isolating each users data from one another the main issue right now is I can’t figure out a good way to do the agencies were each user is under an agency where multiple users under the same agency would be the team members and the user that created the agency would be the admin.