Accounts
The Accounts model describes the representation of Tenant and User accounts and how they relate to each other. User accounts exist independently of any tenant and are created when a person signs up for Arda. A user with the proper permissions and active subscription can create tenants.
Concepts
Section titled “Concepts”Tenant
Section titled “Tenant”A Tenant is an organization that has contracted with Arda to use the system. All business-domain entities (items, facilities, kanban cards, purchase orders) belong to a specific tenant. The tenant is the primary unit of data isolation and access control.
A tenant has:
- A name identifying the organization within the Arda platform
- An optional reference to the legal entity that subscribed with Arda
- Settings governing how the tenant operates within the platform
- A set of user accounts authorized to act on behalf of the tenant (through
AgentForrelationships) - A subscription describing the terms of their agreement with Arda
UserAccount
Section titled “UserAccount”A UserAccount is the individual user profile within the Arda system. It exists independently of any specific tenant — a user can be affiliated with multiple tenants.
A user account has:
- A name
- Real-world identification information
- One or more sets of authentication credentials (delegated to the OAuth2 / Cognito service)
- A set of tenant affiliations (through
AgentForrelationships), representing all tenants the user can act for - An indication of the currently active affiliation, remembered between sessions
- A personal subscription describing the user’s individual agreement with Arda
AgentFor
Section titled “AgentFor”AgentFor is the relationship entity between a UserAccount and a Tenant. It captures how a user can access and interact with a tenant’s information and which workflows they are authorized to perform.
| Property | Type | Description |
|---|---|---|
agent | Reference to UserAccount | The user account granted access |
sponsor | Reference to Tenant | The tenant granting access |
settings | (structured) | Tenant-specific settings for this user |
state | AffiliationState | Current state of the affiliation |
An AgentFor relationship is scoped to a tenant. A user may have multiple AgentFor relationships, one per tenant.
Subscription
Section titled “Subscription”A Subscription represents the contractual relationship between Arda and either a user or a tenant. It has a lifecycle:
| State | Description |
|---|---|
PENDING | Subscription created but not yet active (e.g., awaiting terms acceptance or payment) |
ACTIVE | Subscription in good standing; associated features are accessible |
SUSPENDED | Subscription temporarily inactive (e.g., payment issue); features may be restricted |
CANCELLED | Subscription permanently terminated |
Key properties include the subscription state, the timestamp when terms and conditions were accepted, and the identity of the person who accepted them.
UserSession
Section titled “UserSession”A UserSession represents a current interaction between the user and the system. During a session, the user operates within the context of one specific tenant (selected from their available AgentFor relationships). The session is transient — the system does not persist it between sessions, though it remembers the active affiliation to use as a default on the next login.
State Models
Section titled “State Models”AffiliationState
Section titled “AffiliationState”The state of the relationship between a user and a tenant:
| Value | Description |
|---|---|
INVITED | The user has been invited to join the tenant but has not yet accepted |
ACTIVE | The user is an active agent for the tenant |
SUSPENDED | The user’s access to the tenant is temporarily suspended |
REVOKED | The user’s access to the tenant has been permanently revoked |
SubscriptionState
Section titled “SubscriptionState”Full enumeration of subscription states includes: PENDING, PP2 (pre-paid / promotional state), ACTIVE, SUSPENDED, CANCELLED.
Relationships
Section titled “Relationships”UserAccount --[0..*]--> AgentFor --[1]--> TenantUserAccount --[1]--> Subscription (personal)Tenant --[1]--> Subscription (organizational)UserAccount --[0..1]--> AgentFor (active affiliation)A user creates an account independently of any tenant. A tenant creator automatically has an AgentFor relationship to their own tenant. The Arda Account Admin persona manages AgentFor relationships, inviting users to tenants and managing their affiliation state.
Excluded from this document: Authentication credential management (OAuth2, AWS Cognito integration), token formats, and session management implementation details belong in the Current System section.
Copyright: © Arda Systems 2025-2026, All rights reserved