Layi Docs

Org Manager

Identity, user lifecycle, billing, and governance for every tenant

Last updated: December 2025

πŸ›οΈ What the Org Manager controls

This page covers the Org Manager portal, the human admin screen for identity, user lifecycle, billing, and governance. It is separate from the AI Org-Manager agent that supervises other agents; see Agents & Memory for that role. The portal is provisioned during org bootstrap and fronts the identity and billing workflows so operators can administer their tenant without touching the underlying systems.

  • Identity service: Sign-up, sign-in, password reset, and MFA run through the managed identity tier per org.
  • User & Role Admin: Org Manager APIs add/remove users, assign roles, and mirror the roster into supervisor configs.
  • Usage & Billing: Tracks workflow volume, voice minutes, and tool spend; exports invoices per billing cycle.
  • Operational Health: Schedules nightly audits, follows up on low reward scores, and escalates incidents when required.

🪪 Authentication & session management

Org Manager fronts the identity tier to keep auth fully multi-tenant. Each org receives dedicated namespaces so JWTs naturally scope `org_id` and `user_id` into every workflow input.

  • Sign-up: Public registration flow (or sales-assisted provisioning) calls OrgManagerCreatorWorkflow, which seeds identity records, Cassandra registry entries, and the mandatory sub-agent roster.
  • Sign-in: The identity layer issues JWTs that Org Manager validates and injects into dashboard sessions, channel gateways, and SDK tokens.
  • Password reset: Hosted reset links trigger Org Manager hooks so recent sessions are revoked and audit trails capture the change.
  • MFA / SSO: Optional SSO providers (SAML/OIDC) are registered per org; Org Manager enforces whether they are mandatory.
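The tenant scoping described above only holds if every consumer of a JWT actually checks it. The following is an added example, not code from the Layi project: it verifies an HS256 token with the standard library only, pins the algorithm server-side, checks expiry, and refuses any token whose `org_id` claim does not match the org the request targets. The signing key, claim names beyond `org_id`/`user_id`, and the `mint_token` helper (used only to construct sample input) are assumptions for this example.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed signing key for this example only; the real key lives in the
# per-org identity namespace and is never embedded in code.
EXAMPLE_SECRET = b"example-signing-key-not-a-real-secret"


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(claims: dict, secret: bytes) -> str:
    """Build an HS256 JWT. Used here only to construct sample input; the
    identity tier, not Org Manager, issues real tokens."""
    header = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url_encode(json.dumps(claims).encode())
    signing_input = f"{header}.{payload}".encode("ascii")
    signature = hmac.new(secret, signing_input, hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url_encode(signature)}"


def verify_scoped_token(token: str, secret: bytes, expected_org: str,
                        now: Optional[float] = None) -> dict:
    """Verify signature, expiry and tenant scope; return the claims or raise ValueError."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(_b64url_decode(header_b64))
    # Pin the algorithm server-side; the token must not get to choose it.
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    signing_input = f"{header_b64}.{payload_b64}".encode("ascii")
    expected_sig = hmac.new(secret, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(expected_sig, _b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(payload_b64))
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        raise ValueError("token expired or missing exp")
    # Tenant scoping: both ids must be present and the org must be the one being accessed.
    if not claims.get("org_id") or not claims.get("user_id"):
        raise ValueError("missing org_id or user_id claim")
    if claims["org_id"] != expected_org:
        raise ValueError("token scoped to a different org")
    return claims


def rejection_reason(token: str, secret: bytes, expected_org: str,
                     now: Optional[float] = None) -> Optional[str]:
    """Convenience wrapper: None when the token is accepted, else the reason it was refused."""
    try:
        verify_scoped_token(token, secret, expected_org, now)
    except ValueError as err:
        return str(err)
    return None


if __name__ == "__main__":
    good = mint_token({"org_id": "org-a", "user_id": "u-1", "exp": 2_000}, EXAMPLE_SECRET)
    print(rejection_reason(good, EXAMPLE_SECRET, "org-a", now=1_000))
    print(rejection_reason(good, EXAMPLE_SECRET, "org-b", now=1_000))
```

The order of checks matters: the signature is verified before any payload claim is trusted, and the algorithm is fixed by the verifier rather than read from the token, so a token presenting `alg: none` or a different scheme is rejected before its claims are parsed.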

👥 User lifecycle APIs

User management flows through Org Manager endpoints so operational teams can automate staffing without touching the underlying identity store. These endpoints serve humans and the portal UI; AI agents cannot call them directly.

  • Invite user: `POST /orgs/{org_id}/users` → sends an invite email, seeds RBAC state, and emits audit telemetry.
  • Remove / suspend: `DELETE /orgs/{org_id}/users/{user_id}` → disables the identity record, revokes tokens, and pauses assigned agents.
  • Assign role: `PATCH /orgs/{org_id}/users/{user_id}` → updates Org Manager RBAC (viewer/operator/admin/billing) and cascades to dashboard feature flags.
  • Reset credentials: `POST /orgs/{org_id}/users/{user_id}/reset-password` → issues a reset link and logs `policy.decision` events.
  • Usage monitoring: `GET /orgs/{org_id}/usage` → streams metrics (workflow count, voice minutes, tool spend) for internal dashboards.
  • Audit export: `GET /orgs/{org_id}/audit` → packages reward events, plan diffs, and clarification resolutions for compliance.

💳 Billing & usage

Org Manager aggregates workflow telemetry, tool gateway spend, and LiveKit voice consumption to generate per-org invoices.

  • Usage sources: Temporal workflow metadata, FastMCP cost hooks, LiveKit session duration, and RAG token metering.
  • Billing periods: Default monthly; override via Org Manager settings to align with enterprise fiscal calendars.
  • Export formats: JSON + CSV delivered via secure download or pushed to the customer's billing system through the Tool Gateway.
  • Alerts: Thresholds trigger email/webhook notifications and optional automatic throttling via Org Manager policies.

βš–οΈ Governance & follow-up workflows

After each agent run the orchestrator persists reward payloads and, when necessary, calls `trigger_org_manager_followup`. That workflow reviews the run, routes incidents, and can request agent refinements.

  • Nightly schedule: `ensure_org_manager_schedule` maintains a Temporal schedule per org (default 24h cadence) for health scans.
  • Follow-up reasons: Severity alerts, scores below threshold, verification failures, SLA breaches, or billing anomalies.
  • Escalations: Org Manager can page humans, open incidents via MCP tools, or submit configuration changes for review.
  • Procedural memory: Lessons feed back into procedural memory so future runs adopt successful mitigations automatically.
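The decision of whether to call `trigger_org_manager_followup`, and with which reasons, is the part of this workflow worth making explicit. The following is an added example, not code from the Layi project: it evaluates a persisted run against the follow-up reasons listed above and maps them onto the three escalation paths the page names. The `RunRecord` shape, the threshold values in `FollowupPolicy`, the reason-to-escalation mapping, and the sample runs are all constructed for this example.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class FollowupPolicy:
    """Assumed per-org thresholds; real values would live in Org Manager settings."""
    min_reward: float = 0.6
    sla_seconds: int = 300
    spend_anomaly_ratio: float = 3.0     # run spend vs. trailing average that counts as anomalous


@dataclass(frozen=True)
class RunRecord:
    """Constructed shape for the reward payload the orchestrator persists after a run."""
    org_id: str
    workflow_id: str
    reward_score: float
    severity: str                  # "info" | "warning" | "critical"
    verification_passed: bool
    duration_seconds: int
    tool_spend_usd: float
    trailing_avg_spend_usd: float


def followup_reasons(run: RunRecord, policy: FollowupPolicy) -> List[str]:
    """Return every follow-up reason from the page's list that this run triggers."""
    reasons = []
    if run.severity == "critical":
        reasons.append("severity_alert")
    if run.reward_score < policy.min_reward:
        reasons.append("low_reward_score")
    if not run.verification_passed:
        reasons.append("verification_failure")
    if run.duration_seconds > policy.sla_seconds:
        reasons.append("sla_breach")
    if (run.trailing_avg_spend_usd > 0
            and run.tool_spend_usd > policy.spend_anomaly_ratio * run.trailing_avg_spend_usd):
        reasons.append("billing_anomaly")
    return reasons


def escalation_for(reasons: List[str]) -> str:
    """Assumed mapping from reasons to the escalation paths the page names."""
    if "severity_alert" in reasons or "verification_failure" in reasons:
        return "page_human"
    if "sla_breach" in reasons or "billing_anomaly" in reasons:
        return "open_incident"
    if reasons:
        return "request_refinement"
    return "none"


def maybe_trigger_followup(run: RunRecord, policy: FollowupPolicy) -> Optional[Dict]:
    """Stand-in for the decision made before calling trigger_org_manager_followup.
    Returns None when no follow-up is needed, else the payload the follow-up would receive."""
    reasons = followup_reasons(run, policy)
    if not reasons:
        return None
    return {"org_id": run.org_id, "workflow_id": run.workflow_id,
            "reasons": reasons, "escalation": escalation_for(reasons)}


def triage_all(runs: List[RunRecord],
               policy: FollowupPolicy = FollowupPolicy()) -> Dict[str, Optional[Dict]]:
    return {run.workflow_id: maybe_trigger_followup(run, policy) for run in runs}


# Constructed sample runs: one healthy, one with only a low reward score,
# one failing verification, breaching SLA and spending far above its trailing average.
SAMPLE_RUNS = [
    RunRecord("org-a", "wf-001", 0.9, "info", True, 120, 0.40, 0.35),
    RunRecord("org-a", "wf-002", 0.4, "warning", True, 90, 0.30, 0.35),
    RunRecord("org-a", "wf-003", 0.8, "info", False, 600, 2.00, 0.35),
]


if __name__ == "__main__":
    for workflow_id, decision in triage_all(SAMPLE_RUNS).items():
        print(workflow_id, decision)
```

Keeping the reason list separate from the escalation choice means the audit export can record exactly why a follow-up fired, while the escalation mapping can be tuned per org without changing the detection logic.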
