Skip to content

Add organizations, teams, and RBAC #28

Open
Open
Add organizations, teams, and RBAC#28
Labels
enhancementNew feature or request
Milestone
Phase 4: Enterprise-grade open source polish
@jusso-dev

Description

@jusso-dev
jusso-dev
opened on May 31, 2026

Problem

Single-scope API keys are enough for early development, but teams need isolated organizations, roles, and permission boundaries.

Scope

  • Add organization and team data model.
  • Add roles: owner, admin, editor, responder, viewer.
  • Add permission checks to monitor, incident, status page, notification, and settings APIs.
  • Add invitation flow or bootstrap-only team membership for v1.
  • Plan migration from existing single-tenant data into a default organization.

Acceptance criteria

  • Existing installs migrate into a default organization without data loss.
  • Role permissions are enforced consistently in API handlers.
  • API keys can be scoped to an organization and role.
  • Tests cover allowed and denied access for each role.
  • OpenAPI marks endpoints that require elevated permission.

Notes

This issue is part of the GoUpTime product roadmap.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions