Authorization model
Organizations, roles, portfolio scopes, and the current status of role-to-IdP-group mapping.
- An organization in LeaseWizard is your tenant.
- Each user has a role per organization (Owner, Admin, Member, Viewer) + optional portfolio country scope (e.g. user can only see leases in FR and GB).
- Roles are org-scoped; custom roles with custom permission sets are supported.
- Role-to-IdP-group mapping is not implemented today. All role assignment happens in the LeaseWizard admin console. Group claim ingestion is planned.