Organizations

Organizations are the top-level administrative unit in Spiral. They are used to configure single sign-on, billing, audit logging, and other settings that apply to all users within the organization.

Since resources belong to projects, and all projects must belong to an organization, each user must be a member of at least one organization in order to use Spiral.

Organization Roles

Each member of an organization is given one of three roles:

Owner: The owner has full control over the organization.
Member: Members cannot configure the organization, but are able to create projects.
Guest: Guests can only access projects they have been invited to, and cannot create new ones.

You can check your role within an organization using the Spiral CLI:


spiral orgs ls


                     Organizations
┏━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━┳━━━━━━━┓
┃    ┃ id                             ┃ name   ┃ role  ┃
┡━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━╇━━━━━━━┩
│ 👉 │ org_01J9KF5Y2CB6DFK9YMBKG7S0Q4 │ Spiral │ owner │
└────┴────────────────────────────────┴────────┴───────┘

The 👉 symbol indicates the organization you are currently logged into. All administrative commands will apply to this organization. You can switch organization using the Spiral CLI:


spiral orgs switch org_01J9KF5Y2CB6DFK9YMBKG7S0Q4

You can decide the role of a user when you invite them to your organization, or by configuring default role mappings with directory sync.

User Management

There are three ways to manage users within your organization (in order of recommendation): SSO, domain verification, and manual invitation.

Single Sign-On (SSO)

Single sign-on (SSO) is the recommended way to manage organization membership. This allows you to automatically add and remove users from your organization based on your existing identity provider.

You can configure SSO for your organization using the Spiral CLI:


spiral orgs sso

See also the directory sync feature for more advanced group-based configuration.

Domain Verification

If you are unable to use SSO, you can verify your domain using a DNS record. This will automatically add to your organization any user that signs up with an email address from your domain.


spiral orgs domains

Manual Invitation

Finally, you can manually invite users to your organization using the Spiral CLI:


spiral orgs invite <email> --role <role>

Groups and Teams

Groups and teams allow you to grant permissions to sets of users at a time.

⚠️

Groups and teams are not yet supported. Please contact us if you are interested in this feature.

Groups are created automatically via directory sync, a feature that replicates group structures from an external directory provider such as Active Directory or Google Workspace.

Teams are functionally identical to groups, however they are managed manually by an organization owner.

Directory Sync

Coming soon! Please contact support if you would like to enable this feature.

Managing Teams

Coming soon! Please contact support if you would like to enable this feature.