Organizations
Organizations provide multi-tenant isolation in SentriKat. Each organization has its own products, vulnerability matches, users, and notification settings.
PRO Feature
Multi-tenant organizations require a PRO license. The DEMO edition includes a single default organization.
Creating an Organization
- Go to Admin > Organizations
- Click Add Organization
- Fill in the details:
  - Name: Display name (e.g., "ACME Corp")
  - Slug: URL-friendly identifier (auto-generated from name)
  - Description: Optional notes about this organization
  - Primary Contact: Email address for organization-level alerts
- Click Save
```bash
# Or create via API
curl -X POST https://sentrikat.example.com/api/organizations \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "ACME Corp",
    "description": "Production environment",
    "primary_contact": "[email protected]"
  }'
```
Organization Settings
Each organization can be configured independently:
| Setting | Description | Default |
|---|---|---|
| Name | Display name | Required |
| Primary Contact | Alert recipient | None |
| Auto-Approve Agents | Skip manual agent approval | Off |
| Default Criticality | Default product criticality | 3 |
| Alert Threshold | Minimum priority for alerts | High |
Editing Settings
- Go to Admin > Organizations
- Click the organization name
- Select the Settings tab
- Modify settings and click Save
Assigning Users
Users are scoped to one or more organizations. A user's role can differ per organization.
- Navigate to the organization's Members tab
- Click Add Member
- Select an existing user or enter an email to invite
- Choose a role:
  - Admin -- Full control within this organization
  - Manager -- Manage products and acknowledge vulnerabilities
  - Viewer -- Read-only access
- Click Add
Tip
A super_admin has access to all organizations automatically. You do not need to assign them individually.
For more details on user roles, see Users & Roles.
Assigning Products
Products can belong to one or more organizations. When a product matches a KEV entry, only users in the assigned organizations see the match.
Manual Assignment
- Go to Admin > Products
- Select a product and open the Organizations tab
- Check the organizations that use this product
- Click Save
Bulk Assignment
- Select multiple products from the product list
- Click Bulk Edit > Assign to Organization
- Choose the target organization
- Confirm
Agent-Based Assignment
When an agent submits inventory, products are automatically assigned to the organization configured on that agent's API key.
Organization Isolation
SentriKat enforces strict data isolation between organizations:
| Data | Isolated? | Notes |
|---|---|---|
| Products | Yes | Each org sees only its assigned products |
| Vulnerability matches | Yes | Matches scoped to org's products |
| Users | Yes | Users see only their org's data |
| Alerts | Yes | Notifications sent per org settings |
| API keys | Yes | Keys scoped to a single org |
| Agents | Yes | Agents report to one org |
Warning
Deleting an organization removes all associated product assignments and vulnerability acknowledgments. The products themselves are preserved but become unassigned.
Default Organization
Every SentriKat installation has a default organization created during setup. This organization:
- Cannot be deleted
- Is used when no organization is specified in API calls
- Receives products from agents that lack an explicit organization scope
Managing Multiple Organizations
For environments with many organizations (e.g., MSPs managing client environments):
- Naming convention -- Use consistent prefixes like `client-acme`, `client-globex`
- Dedicated API keys -- Create one API key per organization for agent deployments
- Contact mapping -- Set unique primary contacts so alerts route correctly
- Regular audits -- Review the organization list quarterly and decommission unused entries
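A pre-flight check for the practices listed above, as an added example (not SentriKat code): it validates a planned set of organizations for the prefix convention and unique primary contacts, then builds request bodies from the fields documented for `POST /api/organizations`. The `client-` pattern, the email check, the function names and the sample plan are assumptions made for this example.

```python
import json
import re
from collections import Counter

# Assumed convention: "client-" followed by lowercase words joined by hyphens.
NAME_RE = re.compile(r"^client-[a-z0-9]+(?:-[a-z0-9]+)*$")
# Loose shape check only; it does not prove the mailbox exists.
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

def audit_plan(orgs):
    """Return (org name, problem) findings for a planned set of organizations."""
    findings = []
    names = Counter(o["name"] for o in orgs)
    # Compare contacts case-insensitively so "SOC@x" and "soc@x" count as shared.
    contacts = Counter(o.get("primary_contact", "").lower() for o in orgs)
    for o in orgs:
        name, contact = o["name"], o.get("primary_contact", "")
        if not NAME_RE.match(name):
            findings.append((name, "name does not follow the client-<id> convention"))
        if names[name] > 1:
            findings.append((name, "duplicate name"))
        if not EMAIL_RE.match(contact):
            findings.append((name, "missing or malformed primary_contact"))
        elif contacts[contact.lower()] > 1:
            findings.append((name, "primary_contact shared with another organization"))
    return findings

def to_payloads(orgs):
    """Build JSON bodies for POST /api/organizations from the documented fields only."""
    fields = ("name", "description", "primary_contact")
    return [json.dumps({k: o[k] for k in fields if k in o}) for o in orgs]

# Constructed sample plan (not real tenants).
PLAN = [
    {"name": "client-acme", "description": "Production", "primary_contact": "soc@acme.example"},
    {"name": "client-globex", "primary_contact": "SOC@acme.example"},
    {"name": "Initech", "primary_contact": ""},
]

if __name__ == "__main__":
    problems = audit_plan(PLAN)
    for name, problem in problems:
        print(f"{name}: {problem}")
    if not problems:  # only emit request bodies for a clean plan
        for body in to_payloads(PLAN):
            print(body)
```

A shared contact is flagged because alerts for two tenants would land in the same mailbox, which undermines the per-organization routing described above.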
API Operations
```bash
# List all organizations
curl https://sentrikat.example.com/api/organizations \
  -H "Authorization: Bearer YOUR_TOKEN"

# Get organization details
curl https://sentrikat.example.com/api/organizations/1 \
  -H "Authorization: Bearer YOUR_TOKEN"

# Update an organization
curl -X PUT https://sentrikat.example.com/api/organizations/1 \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"name": "ACME Corp - Production", "primary_contact": "[email protected]"}'

# Delete an organization
curl -X DELETE https://sentrikat.example.com/api/organizations/1 \
  -H "Authorization: Bearer YOUR_TOKEN"
```
Next Steps
- Configure users and roles
- Set up notifications per organization
- Deploy agents scoped to organizations