Organizations
Members and roles
Tragentics uses a deliberately narrow organization role model: one admin role and one member role. Complexity lives in permissions and access scope, not in a pile of overlapping role labels.
The two roles
Admin
The admin is the organization owner. They can manage members, configure SSO, edit organization settings, add and remove resources, and transfer the admin role.
Member
A member is an invited user who operates within the organization under delegated permissions and scoped visibility. Members do not manage organization-wide settings unless explicitly given access to the related features.
Member status
Organization member records also carry status. In practice, the admin deals with three operational states:
- Pending invite — the invite exists, but the user has not accepted it yet
- Active — the user accepted and can operate inside the org
- Suspended — the user remains recorded but should not actively operate as a normal member
The Members tab shows active members, pending invites, and the organization's most active members over the last 7 days.
What admins can do
From the Members tab, the admin can:
- send new invites
- review the current member list with search and filters
- open a member row and inspect permissions plus access scope
- edit a member's permissions and access scope
- suspend or reactivate a member
- remove a member from the organization
- transfer admin to another active member
What members see
Members do not use the organization admin page as if they were partial admins. When a member lands on/org, the page explicitly shows that organization settings are for the admin, not for member self-service.
Their real day-to-day experience comes from context switching into the organization and then using the rest of Tragentics under that org-scoped visibility model.
How members leave an organization
Members do not leave an organization from the admin workspace at/org. That surface is reserved for the organization admin.
The self-service exit path for a member lives underSettings → Organizations. The Organization Memberships card lists every organization where the user is a member and provides aLeave action with confirmation.
When the member confirms the leave action, Tragentics clears their active org context, removes their membership row, removes the related access-scope rows, and returns the user to personal context. Their personal agents and personal data are not deleted by leaving the organization.
Admin transfer
Admin transfer is a deliberate role handoff, not a cosmetic flag flip. Tragentics only allows transfer to another active member of the same organization.
- the target user must already be an active member
- the current admin cannot transfer the role to themselves
- the old admin becomes a regular member after the handoff
- the new admin becomes the organization's admin of record
Next
Roles define who someone is. The next layer defines what they can actually do: permissions and access scopes →