Organization Setup

This guide covers configuring and managing your organization in LumoAuth.

Getting Your Organization

When you sign up for LumoAuth, you create an organization during onboarding. Your organization is immediately available at:

https://app.lumoauth.dev/orgs/{your-organization-slug}/portal/

Your organization ID is a URL-safe identifier (e.g., acme-corp) that you chose during signup.

Organization Configuration

Configure your organization settings through the organization portal at /orgs/{orgId}/portal/.

Authentication Settings

Navigate to /orgs/{orgId}/portal/configuration/auth-settings to configure:

Setting	Description
Password Policy	Minimum length, complexity requirements, breach detection
Session Lifetime	How long user sessions remain active
MFA Policy	Required, optional, or adaptive MFA
Account Lockout	Failed attempt threshold and lockout duration
Registration	Allow self-registration or invitation-only
Email Verification	Require email verification for new accounts

Identity Providers

Configure external identity providers for your organization:

Provider Type	Configuration Path
Social Login	`/orgs/{orgId}/portal/configuration/social-login`
SAML 2.0 IdP	`/orgs/{orgId}/portal/configuration/saml-idp`
OIDC Federation	`/orgs/{orgId}/portal/configuration/oidc-idp`
LDAP / Active Directory	`/orgs/{orgId}/portal/configuration/ldap`

Adaptive Authentication

Configure risk-based authentication at /orgs/{orgId}/portal/configuration/adaptive-auth:

Risk score thresholds
Trusted IP ranges
Impossible travel detection
Fraud event webhooks

See Adaptive MFA for details.

Organization Roles

LumoAuth supports different roles within a organization:

Role	Description	Typical Permissions
Organization Admin	Full control over the organization	All organization operations
User Manager	Manage users and assignments	Create/edit/delete users, assign roles
App Manager	Manage OAuth applications	Create/edit/delete applications
Auditor	Read-only access to logs	View audit logs, view users

Assigning Organization Admins

Go to /orgs/{orgId}/portal/access-management/users
Select a user
Assign the Organization Admin role from the roles tab

Organization Settings via API

You can also manage organization settings programmatically using the Admin API:

# Update organization authentication settings
curl -X PATCH https://app.lumoauth.dev/orgs/acme-corp/api/v1/admin/settings \
  -H "Authorization: Bearer {access_token}" \
  -H "Content-Type: application/json" \
  -d '{
    "registration_enabled": true,
    "email_verification_required": true,
    "mfa_policy": "optional"
  }'

See the Admin API documentation for the full list of available endpoints.

Organization Data Model

Each organization owns the following resources:

Organization Portal - Navigate the admin portal
Custom Domains - Map your domain to a organization
Configure Your Organization - Step-by-step organization configuration walkthrough

Getting Your Organization​

Organization Configuration​

Authentication Settings​

Identity Providers​

Adaptive Authentication​

Organization Roles​

Assigning Organization Admins​

Organization Settings via API​

Organization Data Model​

Related Guides​