Organizations
Organizations in Beacon Tower are the primary mechanism for managing access, permissions, and resource ownership. They provide multi-tenant capabilities, allowing you to partition users, assets, dashboards, and other resources into logical groups with independent access controls.
Definitions
| Term | Definition |
|---|---|
| Organization | A logical group that controls access, permissions, and resource ownership for users and resources. |
| Parent Organization | The organization that created and owns a child organization. |
| Child Organization | An organization created under a parent, inheriting privilege limits from the parent. |
| Root Organization | A top-level organization with no parent. |
| Privilege | A permission that determines what actions members of an organization can perform. |
| Relation | A connection between an organization and a resource that grants access to that resource. |
| Organization Template | A pre-configured set of privileges, relations, and settings that can be applied when creating organizations. |
Concept
Organization Concept
An organization is an entity that has:
- Privileges determining what it is allowed to do
- Access to resources which determines what resources the organization is allowed to see or access
- Users which determines which users are allowed to access the organization and in turn the resources it has access to
There are additional organization features like licenses and themes, but the three above are the core functionality.
Common uses for organizations include representing customers to ensure they only have access to their devices, or providing groups within your company (like R&D) access to resources the rest of the organization does not have.
An organization exists within a hierarchy. An organization can either be created with another organization as parent or with "No Parent". An organization with no parent is the top organization of its own hierarchy. Resource access is NOT dependent on this hierarchy, and resources like assets can be shared with other organizations regardless of whether they are in the same hierarchy or a different one.
Below is an example of how a hierarchy can look, with assets being shared with multiple different organizations.
Your organization
├── Customer A
│ └── Asset 1
├── Customer B
├── Reseller
│ ├── Customer C
│ │ └── Asset 2
│ └── Customer B
│ └── Asset 3
└── Service Partner
└── Asset 1
└── Asset 2
Privileges
Privileges determine what actions members of an organization can perform. Available privileges include:
| Privilege | Description |
|---|---|
| Asset Management | Create, edit, and delete assets |
| Dashboard Management | Create, edit, and delete dashboards |
| User Management | Manage users within the organization |
| Tree Management | Create and manage node trees |
| Model Management | Create and manage asset models |
| Alarm Management | Create and manage alarm definitions |
| Organization Management | Create child organizations and manage settings |
| Provider Management | Manage data providers |
| Provider Client Management | Manage IoT Hub device connections |
| Notification Management | Configure notification settings |
| Firmware Management | Manage firmware releases and deployments |
When creating a new organization, it starts with no privileges. Administrators must explicitly grant privileges, limited to those available from the parent organization.
Default Contacts
Organizations can designate default contact users and groups for notifications. When alarms trigger or system events occur, these contacts receive notifications. See Notifications for more details.
Organization Templates
Templates allow you to pre-configure organizations with:
- Default privileges
- Pre-assigned relations (dashboards, assets, users, groups, etc.)
- Theme settings
- License requirements
- Default notification contacts
Using a template when creating an organization automatically applies all template settings, reducing manual configuration.
Use Cases
Standard Customer Setup
The most common use of organizations is to represent customers. One organization is created per customer, usually with no or few privileges, as customers normally are not allowed to create or edit resources. Larger customers might have User Management to manage their own users or Dashboard Management to create their own dashboards.
For resellers or independent sales offices, more complex organizations can be set up that have Organization Management to create and manage their own sub-organizations, or Asset Management to create their own assets.
Best Practices
- Plan your hierarchy: Design the organization structure before creating organizations to ensure proper privilege inheritance
- Use templates: Create templates for common organization configurations to ensure consistency
Workflows
Creating an Organization
- Navigate to Administration > Organizations
- Click Add to open the new organization dialog
- Select a Parent organization (or "No Parent" for root)
- Enter a Display Name
- Optionally add a Description
- Optionally select a Template to apply pre-configured settings
- Click Create
After creation, you can configure privileges and relations on the organization edit page.