'%20filter='url(%23b)'%20transform='translate(0%20-286)'/%3e%3cpath%20d='M1636.5%20147c-123.436%200-223.5%20102.975-223.5%20230s100.064%20230%20223.5%20230S1860%20504.025%201860%20377c-.143-126.964-100.124-229.853-223.5-230Zm107.16%20308.341c-1.892%202.323-4.973%203.231-7.78%202.295l-98.896-32.908-98.896%2032.908c-2.807.933-5.884.022-7.774-2.3-1.89-2.32-2.212-5.587-.815-8.25l101.128-192.49c1.376-2.238%203.776-3.596%206.357-3.596%202.58%200%204.981%201.358%206.357%203.596l101.128%20192.49c1.401%202.663%201.08%205.932-.81%208.255Z'%20fill='url(%23c)'%20filter='url(%23d)'%20transform='translate(0%20-286)'/%3e%3c/g%3e%3c/svg%3e)
Organizations — tenant, verification, and structure
An organization is Loopback’s tenant: the legal and operational container for projects, billing, DNS, integrations, and member access. This guide is for customer admins who own or administer an organization.
Why organizations matter
- Billing rolls up here (invoices, payment methods, spending limits).
- Data isolation — other organizations cannot see your projects or infrastructure metadata.
- Policy — verification status, blocked/waitlist states, and capability limits apply at org scope.
- Integrations — Git OAuth (GitHub/GitLab) for bundles, monitoring sources, notification channels, and more attach here.
Multiple organizations per person
A single account can be a member of many organizations with different roles in each. That supports:
- Agencies managing client tenants.
- Separate legal entities under one login.
Switching organization in the product changes every list view: projects, workspaces, billing.
Organization status (what blocks you)
Verification / business status
Common values:
- In setup — onboarding incomplete; many write actions disabled.
- Verified — normal operations (create projects, Kubernetes workspaces, etc.).
- Pending / blocked / waitlist — manual review; expect creation APIs to refuse with “entity status” errors.
Resource state
Organizations also have active / inactive / deleted lifecycle. Deleted orgs should be invisible in normal use.
What belongs to an organization (inventory)
Use this as a checklist of features your admins may manage:
People & access
- Memberships — which accounts belong to the org.
- Invites — pending invitations.
- Roles — named permission bundles assigned to members.
- Authentication providers — optional IdP configuration for Loopback login (distinct from Kubernetes OIDC).
Money & contracts
- Payment methods (e.g. card, SEPA).
- Invoices and cost summaries (where exposed).
Naming & trust
- Domains — domain registration records Loopback tracks for DNS workflows.
- DNS records and DNS record zones at organization scope (patterns delegated to projects/workspaces).
- Network bridges — connectivity constructs between network segments (operator-dependent use).
Delivery & Git
- Bundles — repositories, bundle definitions, environments, revisions, deployments, build/deploy operations.
- GitHub / GitLab OAuth app wiring for bundle repositories.
Observability
- Monitoring sources — catalog of probe/agent sources for monitoring.
- Notification channels — where org-level alerts may be delivered.
Projects
- Projects — required parent for workspaces and many resources.
Not every deployment turns on every integration; if a menu is missing, the feature may be off or enterprise-only.
Capabilities and limits
Organizations carry soft limits (e.g. maximum hosts) and limitations flags (e.g. whether SEPA payment is allowed). Hitting a limit surfaces as limit-reached style errors — resolve with your operator or plan upgrade.
Creating the first project
Once verified, an admin creates a project (name + metadata). Projects are mandatory parents for workspaces and anchor project-scoped load balancers, object storage, and DNS zones.
See Project resources.