Roles and permissions in B2B SaaS (without RBAC theatre)

Enterprise buyers ask about permissions in the second call. If your data model cannot answer 'who can see this?', deals stall.

Model orgs and memberships

User belongs to Organisation via Membership with role enum. Resources belong to Organisation. Every query filters by org_id from the session, never from client input alone.

Role matrix (starter)

  • Owner: billing, delete org, manage all data.
  • Admin: manage users and settings, not billing.
  • Member: create and edit assigned resources.
  • Viewer: read-only.

Customer portal users

Separate table or role flag for external users with access to one project or account. Never reuse internal admin routes.
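The following is an added example, not code from the original post, showing how the three sections above fit together in one small authorization layer: memberships with a role enum, org scoping taken from the server-side session rather than the request, the starter role matrix as action sets, and portal users modelled as a role flag pinned to a single project with internal routes closed to them. The class names, action strings, in-memory store and the `require_internal` guard are assumptions for illustration.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Role(Enum):
    OWNER = "owner"
    ADMIN = "admin"
    MEMBER = "member"
    VIEWER = "viewer"
    PORTAL = "portal"  # external customer-portal user (assumption: modelled as a role flag)


# Starter role matrix as action sets. Action names are assumptions for this example.
ROLE_PERMISSIONS = {
    Role.OWNER: {"billing:manage", "org:delete", "users:manage", "settings:manage",
                 "resource:create", "resource:edit", "resource:read"},
    Role.ADMIN: {"users:manage", "settings:manage",
                 "resource:create", "resource:edit", "resource:read"},
    Role.MEMBER: {"resource:create", "resource:edit", "resource:read"},
    Role.VIEWER: {"resource:read"},
    Role.PORTAL: {"resource:read"},  # further restricted to one project below
}


@dataclass(frozen=True)
class Membership:
    user_id: str
    org_id: str
    role: Role
    project_id: Optional[str] = None  # portal users only: the single project they may see


@dataclass(frozen=True)
class Resource:
    id: str
    org_id: str
    project_id: str
    assigned_to: frozenset = frozenset()  # user_ids a Member may edit this resource for


@dataclass(frozen=True)
class Session:
    """Server-side session. org_id is read from here, never from the request body."""
    user_id: str
    org_id: str


class Forbidden(Exception):
    pass


# (user_id, org_id) -> Membership. Stands in for the Membership table.
MEMBERSHIPS = {}


def membership_for(session):
    m = MEMBERSHIPS.get((session.user_id, session.org_id))
    if m is None:
        raise Forbidden("no membership in this organisation")
    return m


def can(session, action, resource=None):
    """Role matrix check plus tenant and project isolation for a concrete resource."""
    m = membership_for(session)
    if action not in ROLE_PERMISSIONS[m.role]:
        return False
    if resource is not None:
        if resource.org_id != session.org_id:          # cross-tenant: always denied
            return False
        if m.role is Role.PORTAL and resource.project_id != m.project_id:
            return False                                 # portal user outside their project
        if m.role is Role.MEMBER and action == "resource:edit" \
                and session.user_id not in resource.assigned_to:
            return False                                 # members edit only assigned resources
    return True


def list_resources(session, store, client_org_id=None):
    """Every list query filters by the session's org_id. A client-supplied org_id is
    only compared against the session and rejected on mismatch, never used for scoping."""
    if client_org_id is not None and client_org_id != session.org_id:
        raise Forbidden("org_id in request does not match session")
    m = membership_for(session)
    rows = [r for r in store if r.org_id == session.org_id]
    if m.role is Role.PORTAL:
        rows = [r for r in rows if r.project_id == m.project_id]
    return rows


def require_internal(session):
    """Guard for internal admin routes: portal users are rejected before any role check."""
    if membership_for(session).role is Role.PORTAL:
        raise Forbidden("internal route not available to portal users")
    return True


def seed_demo():
    """Constructed sample data: two orgs, one portal user pinned to project p2."""
    MEMBERSHIPS.clear()
    for m in [Membership("alice", "org1", Role.OWNER),
              Membership("bob", "org1", Role.MEMBER),
              Membership("carol", "org1", Role.VIEWER),
              Membership("dave", "org1", Role.PORTAL, project_id="p2"),
              Membership("eve", "org2", Role.OWNER)]:
        MEMBERSHIPS[(m.user_id, m.org_id)] = m
    return [Resource("r1", "org1", "p1", frozenset({"bob"})),
            Resource("r2", "org1", "p2"),
            Resource("r3", "org2", "p1")]
```

The point of `list_resources` taking `client_org_id` is to show the failure mode: the request may carry an org id for convenience, but the query is scoped by the session and a mismatch is treated as an error rather than honoured. The same shape works as a middleware or a query-builder wrapper in whatever framework the app uses.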

Use this as a working checklist inside your team first. When the same steps repeat every week and the spreadsheets start breaking, that is usually the moment to scope the smallest reliable integration that removes the repeated copy-paste from a core workflow, and to run it as an owned system.
