Skip to main content
Organizations are the foundation of Paygentic’s resource model. Everything in the system - products, metrics, plans, accounts - belongs to an organization.

Two Types of Organizations

Merchants

Sell services through Paygentic. They create products, define pricing, manage customer relationships, and receive payments.

Consumers

Buy services from merchants. They hold accounts for payments and subscriptions to merchant offerings. The same entity can be both - selling their own services while purchasing from others.

Managed Customers

Merchants often handle billing without requiring customers to interact with Paygentic directly. This is done through managed consumer organizations. When you create a customer through the API, Paygentic automatically:
  1. Creates a consumer organization
  2. Links it to your merchant organization
  3. Isolates their account funds to your relationship
  4. Provides limited portal access for viewing usage
The customer never needs a Paygentic login. You maintain full control while they get transparency.

Users vs Organizations

Organizations own. Users do. Users are individuals who perform actions - creating products, viewing analytics, managing billing. Each user belongs to one or more organizations and inherits specific permissions within each.

Permission Boundaries

Every action requires two validations:
  1. Does the user belong to the organization?
  2. Does the user have permission for this action?
This dual-check prevents both unauthorized access and accidental modifications.

Platform Operations

A special platform organization exists for system-level operations. This handles:
  • Cross-merchant settlements
  • Platform fee collection
  • System maintenance tasks
  • Compliance operations
Regular organizations never interact with platform operations directly - it works transparently in the background.

Identity Federation

Organizations can connect external identity providers. This enables:
  • Single sign-on for team members
  • Automated provisioning/deprovisioning
  • Centralized permission management
  • Audit trail compliance

Data Isolation

Each organization’s data is cryptographically isolated. Even within shared infrastructure:
  • Queries are scoped to organization context
  • Cross-organization access is impossible
  • Backups maintain isolation boundaries
  • Deletion is complete and irreversible

Next Steps