Teams & Organizations
Soup Cloud supports multi-user access through organizations.
Organizations
Section titled “Organizations”An organization is a container for projects and team members.
Personal Organization
Section titled “Personal Organization”When you sign up, a personal organization is created automatically:
- Named “Personal”
- Only you have access
- Cannot be deleted
- Great for personal projects
Team Organizations
Section titled “Team Organizations”Create team organizations for your company:
# Via CLIsoup org create "Acme Corp"
# Or in the dashboard# Settings → Organizations → CreateOrganization Roles
Section titled “Organization Roles”| Role | View Projects | Create Projects | Manage Members | Delete Org |
|---|---|---|---|---|
| Member | ✓ | ✗ | ✗ | ✗ |
| Admin | ✓ | ✓ | ✓ | ✗ |
| Owner | ✓ | ✓ | ✓ | ✓ |
Project Roles
Section titled “Project Roles”| Role | View Secrets | Edit Secrets | Manage Members | Delete Project |
|---|---|---|---|---|
| Member | ✓ | ✓ | ✗ | ✗ |
| Admin | ✓ | ✓ | ✓ | ✗ |
| Owner | ✓ | ✓ | ✓ | ✓ |
Managing Members
Section titled “Managing Members”Invite to Organization
Section titled “Invite to Organization”# Via CLI (coming soon)soup org invite "Acme Corp" colleague@example.com --role admin
# In dashboard# Settings → Members → InviteNew members receive an email invitation.
Add to Project
Section titled “Add to Project”Organization members can be added to specific projects:
soup project add-member my-app user_abc123 --role memberOr in the dashboard: Project Settings → Members → Add
Remove Member
Section titled “Remove Member”soup org remove-member "Acme Corp" user_abc123Removing from an org also removes from all projects in that org.
Permissions Model
Section titled “Permissions Model”Inheritance
Section titled “Inheritance”Organization admins/owners automatically have access to all projects in the org.
Regular members must be explicitly added to each project.
Example Setup
Section titled “Example Setup”Acme Corp organization:
- Alice (Owner) - Full access to everything
- Bob (Admin) - Can create projects, manage members
- Charlie (Member) - Needs to be added to specific projects
my-api project:
- Alice (Owner via org)
- Bob (Admin via org)
- Charlie (Member) - Added explicitly
- Diana (Member) - External contractor, not in org
Best Practices
Section titled “Best Practices”1. Use Organizations for Teams
Section titled “1. Use Organizations for Teams”Create an organization for each team or department:
engineering- All engineersdevops- DevOps teamcontractors- External contractors
2. Minimal Permissions
Section titled “2. Minimal Permissions”Add people with the minimum role they need:
- Most engineers:
memberon projects they work on - Tech leads:
adminon their team’s projects - CTO:
ownerof the organization
3. Separate Prod Access
Section titled “3. Separate Prod Access”For sensitive production secrets:
- Create a separate project:
my-app-prod - Only add senior engineers and DevOps
- Regular engineers access
my-app(dev/staging only)
4. Regular Audits
Section titled “4. Regular Audits”Review organization members quarterly:
- Remove ex-employees
- Demote unused admin accounts
- Review project memberships
Leaving an Organization
Section titled “Leaving an Organization”Members can leave organizations (except owners):
soup org leave "Acme Corp"Owners must transfer ownership first:
soup org transfer "Acme Corp" new-owner@example.comDeleting an Organization
Section titled “Deleting an Organization”Only owners can delete organizations:
soup org delete "Acme Corp" --confirm "Acme Corp"This deletes:
- All projects in the organization
- All secrets in those projects
- All member associations