What are organizations and projects?
In redirection.io, organizations are groups of people, who can collaborate on several projects at once.
- the Rules are gathered in projects ;
- a project belongs to one organization ;
- a given user can belong to several organizations. In each of these organizations, he can be given specific permissions.
Organizations may include an unlimited number of collaborators, and allow to give specific project permissions to their members.
In an organization, a project is usually mapped to a website, even though you may want to separate various parts of your website into several redirection.io projects, in order to have a fine-grained permissions control.
For example, imagine that your web platform is an international websites, which contains the local websites of all your geographical regions. This is usually made using subdomains (eg.
uk.example.com, etc.), or paths within the URL (eg.
example.com/uk, etc.). If you need or want to delegate the redirections management to the local marketing teams, in each country, you can create an organisation "example.com", then create as many redirection.io projects as there are geographical entities.
As another example, your company will want to create separate redirection.io projects for its dedicated brands websites, even if the same people are managing these websites rules. This allows for a neat separation of traffic data across websites, and helps performing better traffic analysis and redirect rules management.
You can still manage several websites in one redirection.io project, but remember that the users in this project will be able to edit the rules for all the websites. If you have a requirement on permissions, then the way to go is to use several redirection.io projects.
At the organization level, there are three different roles:
- simple member
- members with financial responsibilities
- organization administrator
The member role only provides a few permissions. A "member" can :
- see the list of the organization users
- see the list of the projects they are explicitly attached to.
If you do not grant an organization member an explicit role to any of the organization projects, they will see an empty projects list, and will not be able to contribute.
The Financial role is specifically tailored for people who should have access to billing and invoicing information, but should not be allowed to changed the project settings, the rulesets, etc. In details, a user with the "Financial" role will get all the “Member” permissions, plus:
- they can edit the billing information of the organization
- they can see the list of all the projects of the organization
- they can upgrade projects to paid plans
Users with the organization administrator role have a complete administrative access to the entire organization and projects.
- they can create, delete, upgrade projects
- they can invite or remove users
- they can edit the billing information
- they can edit or delete the organization
The organization admin role is quite powerful, and should only be restricted to a few contacts in your organization.
At the project scale, there are different permission levels:
- Project administrator
Of course, a specific organization member can be given the
Reader role in one of the projects of the organization, and the
Publisher role in another project.
A project reader may only read data, which means that they can:
- see and export the trafic logs
- see and export the rules
- see and export the crawls
- see the list of instances
- see the list of the project users
A member with the "Reader" role is not allowed to edit project settings, to created rules or to manage the project.
A project contributor can perform write actions on rules or crawls, but cannot manage the project settings nor publish rulesets. In details, they can:
- create, edit or remove rules in draft mode
- start/cancel/stop a crawl
- remove an instance
A project publisher can perform write actions on rules or crawls, manage the project rules settings and publish rulesets, but cannot manage user permissions, billing or the project deletion. In details, they have all the Contributor permissions, plus they can:
- edit the rules settings
- publish a new ruleset
A project administrator can perform write actions on the project and manage all the project settings, including the users permissions, the billing and project upgrade, and the deletion of the project. In details, they can:
- rename or delete the project
- manage the project billing
- invite or remove users
Create a new organization¶
You can create a new organization when you first log into the manager or later, using the organization dropdown menu:
- click on the "Add new" button in the organization dropdown menu
- fill the form and use your shiny new organization ✨
Create a new project¶
You can create a new project when you first log into the manager or later, from the organization dashboard:
- Visit your organization dashboard
- click on the "Add a new project" button
- fill the form and use your shiny new project ✨
When hitting the organization name, in the upper left corner of the manager, you can access the organization settings, which allow the organization administrators to perform several administrative tasks:
- rename or delete the organization
- configure some security and notification settings
Under the security tab, organization admins can choose to enforce Two-factor authentication for all the members across the organization. In other words, when this option is on, all the users who do not have two-factor authentication enabled for their personal account won’t be able to access the organization until they configure 2FA.
Please note that this setting does not affect users who log in exclusively using an external identity provider (eg., Google, Microsoft, ...). Also, if a user usually logs in using an external identity provider, and has also defined a password in his account, he will have to enable 2FA to regain access to this organization.
All the users of the organization who have not yet configured 2FA will receive an email notice and will have to enable 2FA to regain access to the organization.