Organizations
An organization is a top-level tenant. Each organization has its own users, groups, applications, and workspaces, plus a default policy and an authentication mode. A new deployment ships with a single Default Organization, which is enough for most single-tenant setups.
What an organization controls
- Default policy set applied to workspaces that do not specify their own.
- Authentication mode: Built-in, OIDC, LDAP, or Workgroup.
- Branding for the login experience.
- Recording overrides and AMI configuration for the tenant.
When to create more than one
Use multiple organizations when you need hard separation between tenants — for example, distinct customers or business units that must not share users, applications, or workspaces. For a single business running several applications, one organization with multiple workspaces and groups is usually simpler.