Organizations & projects
CertAutoPilot is organized as one organization (the tenant) containing many projects. Projects are the isolation boundary for day-to-day certificate work; org-wide resources are shared across all of them. Confusingly for newcomers, Settings → Organizations is not the tenant — it manages OV/EV organization profiles used in certificate subjects (see below).
Tenancy model
- Users hold an org role plus optional per-project role overrides — see Auth & RBAC.
- Most pages in the UI are scoped by the project selector in the top bar; switching projects switches every project-scoped list.
Org-wide vs project-scoped resources
Org-wide (/api/v1/...) | Project-scoped (/api/v1/projects/:projectId/...) |
|---|---|
| Users, LDAP, OTP policy | Certificates (issue, renew, revoke, download) |
| License | ACME accounts, MSCA connections |
| General settings, syslog | DNS credentials, zones |
| Organization profiles (OV/EV) | Module configs & credentials, targets, target groups |
| CA providers | Distributions, PathSets/ActionSets, project variables |
| Notification templates | Notification channels & rules |
| Org-level audit logs | Domain tracking, discovery sources & inventory |
| Approval requests (approve/reject) | Dashboard, bulk actions, certificate policy, project audit logs |
| Jobs (list, logs, retry, cancel) |
Org-level actions check only the org role; project-scoped actions check the effective project role (most-permissive of org and project role).
Projects
Managed at Settings → Projects (org admin).
- Create — name, slug (lowercase letters, numbers, hyphens; immutable after creation), optional description.
- Edit — name and description only; the slug is fixed.
- Delete — refused with 409 Conflict while the project still contains resources (certificates, module configs, targets, …). The error lists what's still referenced; delete or move those resources first, then retry. Once empty, the project document is hard-deleted. Deletion of a project requires the org owner role.
There is no cascade delete — a project can never take certificates or credentials down with it by accident. Emptying a project is a deliberate, resource-by-resource operation.
Organization profiles (OV/EV)
Settings → Organizations manages reusable subject profiles for OV/EV certificates. DV (domain-validated) certificates don't need one — the list's empty state says exactly that. Fields are included in the CSR Subject; the CA may verify and modify them during validation.
| Field | Subject attribute | Required |
|---|---|---|
| Organization Name | O — legal name, must match official registration for OV/EV | yes |
| Country | C — ISO 3166-1 two-letter code | yes |
| State / Province | ST | yes |
| City / Locality | L | yes |
| Street Address | street address — some CAs require it for EV | no |
| Postal Code | may be verified during OV/EV validation | no |
An additional collapsed EV Certificate Fields section covers: jurisdiction country / province / locality (place of legal incorporation), registration number (government-assigned business/tax ID), incorporation date (YYYY-MM-DD, used as EV serialNumber when no registration number exists), and business category (one of the four CA/Browser Forum values: Private Organization, Government Entity, Business Entity, Non-Commercial Entity).
Deleting a profile is refused while any certificate references it (organization is referenced by N certificate(s) and cannot be deleted).
See also
- Auth & RBAC — roles, project overrides, escalation guard
- RBAC & tenancy concepts
- Certificate issuance
- General settings reference