docs: define organization account model
This commit is contained in:
@@ -18,7 +18,9 @@ Allow workspace managers to invite teammates, clients, and providers into a work
|
||||
|
||||
## Domain Rules
|
||||
|
||||
- Workspace invites grant access to one workspace owned by one organization.
|
||||
- Workspace invites belong to exactly one workspace.
|
||||
- Invite acceptance does not automatically create organization membership.
|
||||
- Invite email matching should use normalized email addresses.
|
||||
- Pending invite tokens must be single-use and should expire.
|
||||
- Accepted invites must grant the invited role and a workspace scope claim for the invite workspace.
|
||||
@@ -28,6 +30,7 @@ Allow workspace managers to invite teammates, clients, and providers into a work
|
||||
- Managers can create, list, cancel, and resend invites only for workspaces they can manage.
|
||||
- Managers must not be able to create duplicate pending invites for the same normalized email in the same workspace.
|
||||
- Invite acceptance must be auditable through stored status and timestamp changes.
|
||||
- External collaborator invitees should remain visible in workspace members and organization-level access review views without receiving organization-level billing, connector, or subscription permissions.
|
||||
|
||||
## Proposed Statuses
|
||||
|
||||
|
||||
Reference in New Issue
Block a user