Workspaces, Identity and Access Control

Separate teams, departments, clients or regulated processes while maintaining access control and accountability across your document knowledge base.

Why access control matters for document intelligence

When AI makes documents instantly searchable, controlling who can see what becomes essential. NexDok lets you put the right documents in front of the right people — and keep everyone else out — so sensitive and regulated content stays protected.

Workspaces for separation and governance

Use separate workspaces to isolate teams, departments, clients or regulated processes. Each workspace keeps its documents, structure and access boundaries distinct, so information doesn’t leak across contexts.

Roles, permissions and groups

Grant access through roles, permissions and access groups. Define who can view, edit, approve or manage documents, and adjust permissions as teams and responsibilities change.

Traceability and accountability

Maintain a clear record of activity across your document base, so you always know who did what and when — the accountability that audited and regulated teams depend on.

Request a demo

Advanced Use Case

One identity.
Many workspaces.
Zero confusion.

A consultant invited to her client's workspace while running her own subscription. A board member on three non-profits. An auditor with eight active client engagements. NexDok was built for this exact reality.

The 30-second answer: One email = one identity, but you can belong to as many workspaces and as many subscriptions as you need — and they never get mixed up. Switch with one click. Each workspace stays fully isolated: its plan, its quotas, its branding, its audit log.

The model

Three separate concepts most tools conflate

Identity, membership, and subscription are usually treated as one. NexDok models them separately — that is what makes multi-context life work cleanly.

1

Identity

One per email, ever.
  • The email you sign in with
  • Your name and profile photo
  • Your password / SSO claims
  • MFA factors and backup codes
  • Personal language, time zone, settings
2

Membership

One per workspace you belong to.
  • Role in that workspace (Owner, Admin, Editor, Viewer)
  • Access groups assigned to you there
  • Per-document permissions in that scope
  • Lifecycle status (Pending, Active, Disabled)
  • Independent of your roles elsewhere
3

Subscription

The billing entity behind a workspace.
  • Plan: Solo, Team Basic, Team Pro, Enterprise
  • Payment method and billing contact
  • Owns one or more workspaces
  • Quotas apply per-account, not per-user
  • You can be a member of many accounts
YOUR IDENTITY you@example.com MEMBERSHIP Workspace A · role: Editor MEMBERSHIP Workspace B · role: Owner MEMBERSHIP Workspace C · role: Viewer ACCOUNT X Plan: Team Pro Paid by Client X ACCOUNT Y (yours) Plan: Solo Paid by you ACCOUNT Z Plan: Enterprise Paid by Acme Corp
A real scenario

Watch it play out: María, the consultant

Independent management consultant, on a 6-month engagement with Client X, also running her own NexDok Solo subscription. One email everywhere: maria@correo.com.

M
María García

Solo consultant · personal Solo subscription · invited as Editor on Client X's Team Pro

Day 1

María signs up

Creates her account at nexdok.com/signup. NexDok provisions:

  • Identity for her email
  • Personal account on Solo plan
  • Workspace_María (she is Owner)
  • She is the billing owner
Day 2

Client X invites her

Their admin sends an Editor invite to her email. NexDok detects her existing identity and skips creation. She accepts with her existing credentials. New membership created:

  • tenant: Client X — Operations
  • role: Editor · status: Active
  • No password reset, no second account
Day 30

A typical workday

One sign-in. The workspace switcher shows three options. She picks Client X — Operations: branding switches, quota now hits Account X. After lunch, one click moves her to Workspace_María. New context, new audit log, her own quota.

Quotas & billing

Your activity bills the workspace you are in — never you

Every quota in NexDok is per-account. The same person doing the same kind of work in two different workspaces hits two different meters.

Inside Workspace_María

Account_María · Solo plan
  • Document uploaded+1 of 1,000
  • AI query run−1 from Solo allotment
  • Storage usedagainst 5 GB
  • Invoice charged toMaría's card
  • Audit log entry inWorkspace_María

Inside Client X — Operations

Account_X · Team Pro
  • Document uploaded+1 against Team Pro limits
  • AI query run−1 from Account_X allotment
  • Storage usedagainst Account_X storage
  • Invoice charged toClient X's payment method
  • Audit log entry inClient X's Operations
In the wild

Six situations you will recognize

All handled by the same model: one login, many memberships, complete isolation between workspaces.

🏛️

Board member, three non-profits

Each non-profit's board materials live in its own workspace. Roberto reads all three under one login, with each fully isolated for confidentiality.

🏢

Departmental enterprise user

Sarah is Admin in HR, Editor in Legal (HR contracts), Viewer in Finance. Her HR-confidential content never leaks into other departments.

📊

External auditor

James pulls audit evidence from eight client workspaces into his firm's working papers. When the audit ends, clients revoke access — his firm's papers are unaffected.

💼

Family office advisor

Lucía manages 12 family workspaces plus her own — 13 contexts, one login, zero cross-contamination between families' tax returns and trusts.

🎨

Freelance creative on retainer

Dani works with three agencies, each its own workspace. Her own portfolio and contracts live in her Solo workspace, never tied to any agency.

⚖️

Counsel for multiple subsidiaries

Mark is Owner across five corporate workspaces (holding + 4 subsidiaries). Each subsidiary's matters and contracts stay separate for legal privilege.

Isolation guarantees

Three independent layers of separation

When you are inside Client X's workspace, you cannot see your personal documents. Not by UI hiding — by enforcement at three levels.

LAYER 1

Application-layer scope

Every API request is authenticated and scoped to a specific tenant. The API rejects any attempt to read or write a workspace you are not a member of.

LAYER 2

Database Row-Level Security

PostgreSQL RLS policies filter every query by tenant ID at the database engine. Even an application-layer bug cannot return rows from another workspace.

LAYER 3

Storage tenant prefix

Binary files live at tenant-scoped storage paths. URLs themselves contain the tenant ID; cross-tenant URL construction fails at the credential check.

Common questions

What people ask before they get it

If I sign in to my client's workspace, will my own documents be visible?

No. Workspaces are fully isolated at three layers (app, database RLS, storage). You only see content in the workspace you are currently in.

Will my client see that I have a personal subscription?

No. Your personal account is invisible to anyone outside it. Your client's admin sees your name and email (because you are a member), but cannot see what other workspaces or accounts you belong to.

Do I have to keep two passwords?

No. One identity, one password (plus your MFA factor). It works for every workspace you belong to.

Will I get charged extra for being a member of multiple accounts?

You only pay for accounts you own. If you are a member of someone else's account, your seat is paid for by that account — not by you.

What if my client cancels their NexDok subscription?

Their account enters the 90-day read-only grace period and eventually deletion if not reactivated. Your own workspace, under your own account, is completely unaffected.

If I am Owner of my own workspace, am I automatically Owner of any other workspace I join?

No. Roles are per-membership. You can be Owner in one and Viewer in another. Each membership is independent.

Is there any limit to how many workspaces I can be a member of?

No global limit. Practical experience suggests anyone with more than ~10 active workspaces benefits from pinning the most-used ones in the switcher.

Ready to handle multi-context life?

Whether you are sizing a deployment, evaluating multi-account setups, or just trying to figure out which plan to start on — we are here.

Talk to us →