Authentication

Authorization model

Organizations, roles, portfolio scopes, and the current status of role-to-IdP-group mapping.

An organization in LeaseWizard is your tenant.
Each user has a role per organization (Owner, Admin, Member, Viewer) + optional portfolio country scope (e.g. user can only see leases in FR and GB).
Roles are org-scoped; custom roles with custom permission sets are supported.
Role-to-IdP-group mapping is not implemented today. All role assignment happens in the LeaseWizard admin console. Group claim ingestion is planned.

Domain verification

Proving your organization controls an email domain before LeaseWizard will route users to your IdP or JIT-provision them.

Network & firewall whitelisting

Hosts, IP ranges, and TLS inspection notes for enterprise firewall or egress proxy allowlists.

Authorization model | LeaseWizard