Organizations¶
Core Concepts
An organization is the top-level container in NOB.center. Every piece of data — domains, filters, alert rules, users, API tokens, billing — belongs to exactly one organization.
Creating an organization¶
An organization is created automatically when you sign up. You provide:
- Organization name — a human-readable label shown in the UI
- Organization slug — a URL-safe identifier derived from the name (used internally)
- Initial domain — the first domain you want to monitor (used to populate your first filter)
The user who completes signup becomes the signup user for the organization and is automatically granted admin-level access to all modules.
Inviting team members¶
Additional users join by invitation. An admin sends an invitation email to the new user's address and selects which modules they should have access to and which role to assign per module (see Roles & Permissions).
The invitation contains a unique token that expires. The invited user clicks the link, sets a password, and lands directly in the organization's workspace.
Note
A user account always belongs to exactly one organization. There is no concept of a user switching between organizations.
What an organization owns¶
| Resource | Scoped to org |
|---|---|
| CT-Log filters | Yes |
| Certificate matches (InfluxDB) | Yes |
| DNS domain monitors | Yes |
| RDAP domain monitors | Yes |
| Certificate watcher monitors | Yes |
| Alert rules and templates | Yes |
| Alert history | Yes |
| Users and invitations | Yes |
| API tokens | Yes |
| Audit reports | Yes |
| Subscription and billing | Yes |
Subscription tiers¶
Each organization is on a subscription tier that determines quota limits and feature availability. See Quotas & Limits for the per-tier breakdown.
Billing is managed through Paddle. You can view and manage your subscription under Administration → Billing & Subscriptions.
Data isolation¶
Organizations are fully isolated. Users in one organization cannot see or interact with data belonging to another organization. All API endpoints enforce this at the database query level — every query is scoped to the authenticated user's organization ID.