Multi end users, authenticating under a "company" log in?

Hi all,

I want to develop an app where we have an “organisation”, and this organisation has “users”.

So a user could be created, but it must be assigned to an organisation.

For example, imagine this is a… real estate website (it is not).

You would have a company, maybe called “Rip Off Real Estate Co” and they would have many users logging in. Sales agents, receptionist, managers, etc. But, they would all fall under the umbrella of the main company / organisation.

Currently, all the tutorials I see, are about having a single user auth, that gets access to the site. But, I need to somehow tie each user to that organisation only.

Then, once tied, if they tried to see another organisation’s data, they could not.

So for example, if a user from tried to view data from they would be rejected.

I imagine you would ‘create a new organisation’, and this would come with a default ‘user’. The Admin user for that organisation.

But, how do you then create new ones that can only interact with that organisation?

I hope that all made sense. Thanks so much.

This is a perfect use-case for Django Groups.

Create a group for each Company. People can be made members of groups. You then use the permissions system to determine whether an individual has access to specific data based upon group membership.

You will need to create some type of “workflow” where only authorized people can assign users to groups - but you’d need to do that regardless of the mechanism you choose to manage this type of situation.

1 Like

Thank you so much. I’ll research groups, and see what I come up with. Appreciate your time responding.

I am thinking I’ll be super user.

Then the company will get an auto assigned user, which is a form of Admin for that company (and all its routes).

Then they can add their own users, which are normal users (or variations of), for that company (and again, all its routes).

Thanks again!