Multi-tenancy & governance
Serve multiple organisations from one deployment with strict isolation, and govern who can author and publish templates through roles and an approval workflow.
Multi-tenancy
A single DocsNG deployment can host many tenants with per-tenant data isolation. Isolation is enforced centrally so cross-tenant access is impossible by construction — not left to individual queries. Each tenant has its own:
- Data, templates and documents (isolated).
- Branding and logo.
- Signing keys and timestamp-authority configuration (see Signing and bring-your-own-key).
- Administrators and users.
Tenant isolation applies everywhere, including background and batch jobs. A tenant provisioning flow onboards new organisations.
Roles & access control
Beyond the base User and Administrator roles, granular roles let you separate duties:
| Role | Can |
|---|---|
| Author | Create and edit template drafts |
| Reviewer | Review and approve/reject templates |
| Publisher | Publish approved templates |
| Administrator | Full control of the tenant |
Template approval workflow
Templates move through a lifecycle: draft → in-review → approved/published → retired. Only approved/published versions can be used for generation, and every approval action is recorded in the tamper-evident audit trail. A review queue lets reviewers approve or reject with comments, and publishers release approved versions.
Template versioning
Every publish creates a new template version. Authors can view the version history, download any prior version, and restore an older version (which creates a new version rather than overwriting history). A lightweight diff shows what changed between versions.
Auditability
All data changes and workflow actions are captured automatically. Combined with the tamper-evident audit log, this gives an end-to-end, verifiable record of who did what and when.
Need help? Contact us or try the live demo.
