Multi-tenant SaaS

Invite your team. Role-based access. Per-tenant scoping.

Built for businesses with multiple admins and ops people. Each admin sees only their own merchant. Audit log captures every state change. SSO ready.

What you get

Per-tenant scoping

Each business admin is bound to a merchant_id. They see only their users, transactions, and treasury. No cross-tenant leaks.

Role-based access

platform_admin (super) · admin (per-tenant) · operator (read-only). Add custom roles for your team.

Audit log

Every state change — approve, reject, pay, increase balance, allocate wallet — captured with who, when, IP, user-agent.

2FA + TOTP

2FA is mandatory for business admins. Google Authenticator, Authy, 1Password all work.

SSO ready

SAML 2.0 + OIDC. Connect Okta, Azure AD, Google Workspace in minutes. We charge SSO at enterprise tier only.

Custom roles

Build your own roles: "Finance Ops", "Compliance", "KYC Reviewer". Granular permission control.

In practice

Business · Northwind Trading · 5 admins

Northwind has 5 business admins — 1 owner, 2 ops, 1 compliance, 1 finance. Each sees only what their role allows. Audit log shows who approved which card application. No spreadsheet tracking.

5 roles

Northwind configured

At a glance

Roles per tenant

2FA

SSO

Audit retention