Tenants and access

This page is about two simple questions:

• Who can get into Esper?
• Which workspace are they allowed to operate?

Operator authentication

The current login flow is GitHub-backed. The frontend sends operators to the backend login endpoint and expects a token returned to the callback page:

/auth/github/login

On callback:

• the token is read from the URL hash
• the token is stored as esper.auth_token
• the app calls /me to validate the session
• invalid sessions are cleared and redirected back to /login

Plain English:

• GitHub proves who the operator is
• Esper stores a token so the browser can stay signed in
• /me confirms that the token still maps to a valid operator session

Tenant lifecycle

The tenant form currently supports two fields only:

• name
• slug

What they mean:

Field	Meaning	Why it matters
name	The human-friendly workspace name	Seen throughout the UI
slug	The short stable identifier for the tenant	Useful for consistent naming and references

Create requests are sent to:

POST /tenants

Update requests are sent to:

PATCH /tenants/{tenant_id}

Membership management

Memberships are tenant-scoped. The current UI supports:

• create or update membership with user_id and role
• remove membership by user_id

Endpoints used by the frontend:

GET /tenants/{tenant_id}/memberships
POST /tenants/{tenant_id}/memberships
DELETE /tenants/{tenant_id}/memberships/{user_id}

Supported roles:

Role	Current meaning in the UI
Owner	highest-level tenant role exposed by the console
Admin	administrative tenant operator
Analyst	analytical operator role
Viewer	read-oriented operator role

The current frontend does not expose role-specific conditional UI; it submits and displays the role values returned by the backend.

Practical guidance:

• create separate tenants for clearly separate customers or environments
• keep tenant names obvious, such as Acme Production or Internal Staging
• use memberships to control who can operate a tenant, even if the UI currently shows the same surfaces to every role