authaz / products / organization-managementHOSTED · BRANDABLEAPI + UI● CHANGES AUDITED

The settings page
your buyer already pictured.

Members, domains, policies, billing — a full self-serve admin console out of the box. Per-tenant overrides, inherited defaults, audited every step.

A
Acme Corporg_01HZX9
● 142 membersenterpriseus-east-1
WORKSPACE
General
Members
Domains
Roles
Policies
SSO
BILLING
$Plan
Invoices
MembersInvitesGroupsActivity

Workspace identity

How your organization appears across login, invites, and admin emails.

Acme Corp
https://app.acme.com/acme/

Members · 142

Roster pulled from SCIM. Override role assignments inline; everything is audited.

USER
ROLE
SINCE
VM
Val Marsh
val@acme.com
owner
Aug 2024
RW
Rod Walsh
rod@acme.com
admin
Sep 2024
SK
Sam Kerr
sam@acme.com
developer
Nov 2024
LB
Lee Bryant
lee@acme.com
billing-admin
Jan 2026

Policy overrides

Tenant-level overrides on top of platform defaults. Both are versioned and audited.

Require MFA for admin actions
Inherits platform default · override active
Auto-join on verified domain
@acme.com · @acme-vendor.com
Allow personal accounts
Block social login for this tenant
session lifetime
7d · refresh 24h
max sessions / user
5
password rotation
disabled · webauthn-only
The shape

Every B2B product needs a settings page. Authaz ships the one you'd build.

Your buyers expect the same shape: members, domains, roles, policies, billing, audit. Authaz gives you all of it — as an embeddable React surface or as raw API.

— 01

Members + roles + invites

Add, remove, role-change, transfer ownership. Bulk import. Time-boxed guests for vendors and auditors.

— 02

Domains + auto-join

Verified domains route new signups to the right org. Multi-region orgs get multiple domains; sandboxes get their own.

— 03

Policies, inherited or overridden

Defaults at the platform level, overrides per tenant. Buyers tighten what they need; you don't loosen what you don't.

Surfaces

The console buyers want. The API you want.

— 01

Domains, with the verification baked in.

TXT-record verification, primary/sandbox marking, region pinning. Auto-join on verified domains so new hires land in the right org without an invite ping-pong.

  • unlimited verified domains
  • sandbox / production marking
  • auto-join policy per domain
acme.com · primaryauto-join · ssoverified
acme.co.uk · region · euauto-joinverified
acme-labs.com · sandboxmanual invite onlyverified
getacme.iomarketing redirectDNS pending
— 02

Roster that mirrors your IdP.

SCIM-pushed members, invite-onboarded admins, time-boxed guests. Source of truth for each row is captured and auditable.

  • SCIM · invite · domain auto-join · time-box
  • role + team in one row
  • export to CSV · webhooks for change events
MEMBERROLETEAMSOURCE
val@acme.comownerplatformsso · okta
rod@acme.comadminplatformsso · okta
lee@acme.combillingfinanceinvite
kim@acme.comdeveloperplatformscim
audit@deloitteguestexternaltime-box
— 03

Policies the buyer's admin can read.

Session TTL, MFA, SSO enforcement, IP allow-list, audit retention, data residency. Each one labeled inherited or org override, so admins always know what's on.

  • inheritance · override · pin
  • diffable history of changes
  • simulator for "what would change if…"
session.ttl12horg override
session.idle30minherited
mfa.requiredyes · webauthnorg override
sso.enforceyes · acme.com onlyorg override
ip.allowcorp range + vpnorg override
invite.auto-joinverified domains onlyinherited
audit.retention7 yrsorg override
data.regionus-west-2org override
— 04

Billing that doesn't need a second product.

Seats, usage, plan, renewal — surfaced where the buyer is already managing their org. Stripe-backed, with line items that mirror your pricing.

  • seats · usage · annual / monthly · proration
  • invoices · receipts · purchase orders
  • webhook to your billing system
Enterprise · Annual$48,000 / yr
142 / 200 seats71% used
seats · base200 × $200
locker · gb-mo410 gb
sso connections3 included
audit retention7 yrs
next invoice2027-04-12
API

Provision an org with everything turned on.

POST /v1/orgs200 · 41ms
await authaz.orgs.create({ name: "Acme Corp", domains: ["acme.com", "acme.co.uk"], policies: { mfa: "webauthn", session: { ttl: "12h" }, region: "us-west-2", }, billing: { plan: "enterprise" }, });
Spec

The fine print, up front.

Surfaces
embedded React console · hosted dashboard · admin API
Members
invite · SCIM · auto-join · time-boxed guests · transfer ownership
Domains
TXT verification · multi-region · sandbox marking · auto-join
Policies
session · MFA · SSO · IP · retention · region · inherit / override
Billing
Stripe-backed · seats · usage · annual / monthly · invoices
Audit
every config change · diffable · streamed to your SIEM
Webhooks
member · domain · policy · billing · session events
Pricing model
per active member · org chrome included
Pairs with

One platform. Every primitive.

Every Authaz product shares the same primitives — sessions, policies, audit, tenants. Pick what you need today; add the rest when you do.

Explore all products →
Get started

Ship the settings page on day one.

Members, domains, policies, billing — the surface every B2B buyer expects, ready before signup.