Organization
Data Entity
Description
Top-level organizational entity representing a member organization such as NHF, Blindeforbundet, or HLF. Organizations are the root of the hierarchy and own all scoped data including activities, reports, members, labels, and integration configurations.
Data Structure
| Name | Type | Description | Constraints |
|---|---|---|---|
id |
uuid |
Globally unique identifier for the organization, used as the foreign key anchor for all child entities and RLS policy scoping throughout the system. | PKrequiredunique |
name |
string |
Full official name of the member organization, e.g. 'Norges Handikapforbund', 'Norges Blindeforbund', or 'Hørselsforbundet'. Displayed in all admin screens and reports. | requiredunique |
slug |
string |
URL-safe lowercase identifier derived from the organization name, used in referral links, deep links, and integration routing. E.g. 'nhf', 'blindeforbundet', 'hlf'. | requiredunique |
org_type |
enum |
Classification of the organization type. Drives which feature sets are enabled and which Bufdir reporting categories apply. | required |
is_active |
boolean |
Soft-delete and operational status flag. Inactive organizations are hidden from all user-facing screens and excluded from Bufdir report aggregation, but data is retained for audit purposes. | required |
country_code |
string |
ISO 3166-1 alpha-2 country code for the organization. Defaults to 'NO' for all current member organizations. Reserved for future multi-country expansion. | required |
contact_email |
string |
Primary administrative contact email for the organization. Used for system notifications, integration error alerts, and Bufdir submission confirmations. | - |
logo_url |
string |
URL to the organization's logo asset stored in Supabase Storage. Displayed in the organization selection screen, multi-org profile widget, and PDF report headers. | - |
bufdir_org_id |
string |
External organization identifier as registered with Bufdir. Required for automated Bufdir report submission via the Bufdir API. Null for organizations that export manually. | unique |
feature_flags |
json |
Per-organization feature flag map controlling which optional capabilities are enabled, such as encrypted_assignments, driver_honorarium, geographic_matching, mentor_program, course_enrollment, and portal_coordination. Keys are feature IDs, values are booleans. | required |
settings |
json |
Flexible key-value store for organization-wide configuration not captured by dedicated columns. Includes honorarium threshold values (e.g. office_honorarium_count: 3, high_rate_count: 15 for Blindeforbundet), auto-approval expense thresholds, and locale preferences. | required |
default_language |
string |
BCP 47 language tag for the organization's default UI language. Defaults to 'nb' (Norwegian Bokmål). Reserved for future Sami language support flagged by NHF. | required |
created_at |
datetime |
UTC timestamp of when the organization record was first created in the system. Set automatically on insert and never modified. | required |
updated_at |
datetime |
UTC timestamp of the most recent update to this organization record. Updated automatically via database trigger on any column change. | required |
Database Indexes
idx_organizations_slug
Columns: slug
idx_organizations_is_active
Columns: is_active
idx_organizations_org_type
Columns: org_type
idx_organizations_bufdir_org_id
Columns: bufdir_org_id
idx_organizations_name
Columns: name
Validation Rules
name_not_empty
error
Validation failed
slug_format_valid
error
Validation failed
slug_globally_unique
error
Validation failed
contact_email_valid_format
error
Validation failed
feature_flags_valid_json_object
error
Validation failed
settings_valid_json_object
error
Validation failed
org_type_known_enum_value
error
Validation failed
bufdir_org_id_unique_if_set
error
Validation failed
country_code_two_char_uppercase
error
Validation failed
logo_url_valid_format_if_set
warning
Validation failed
Business Rules
soft_delete_only
Organizations must never be hard-deleted. Setting is_active = false is the only permitted deletion mechanism. This preserves all historical activity data, Bufdir reports, and audit logs for compliance with Norwegian grant accountability requirements.
global_admin_create_only
Only users with the global_admin role may create new organization records. Organization-level admins and coordinators have no create permission. Enforced via Supabase RLS policy tied to auth.uid() role claims.
slug_immutable_after_create
The slug field cannot be changed after the organization is created. Slugs are embedded in referral links, deep-link URL schemes, and integration routing keys. Changing a slug would break all outstanding links and integration configurations.
rls_scoping_anchor
Every child table that is scoped to an organization must join through organizations.id using Supabase RLS policies. The organization record is the root trust anchor for all row-level security throughout the system. No child data may be accessed by users not affiliated with the owning organization.
feature_flag_governs_capability_access
Feature flags in the feature_flags JSON column are the authoritative gate for optional capabilities. Components must check the relevant feature flag before rendering or executing organization-specific features such as encrypted_assignments (Blindeforbundet), driver_honorarium (Blindeforbundet), geographic_matching (Blindeforbundet), and portal_coordination (HLF).
bufdir_org_id_required_for_api_submission
An organization may only submit Bufdir reports via the Bufdir API if bufdir_org_id is populated. Organizations without this field must export reports manually as PDF or CSV. The Bufdir Report Generator Service checks this before initiating API submission.
settings_honorarium_threshold_required_for_blindeforbundet
For organizations where the driver_honorarium feature flag is enabled, the settings JSON must include honorarium threshold configuration (office_honorarium_count, high_rate_honorarium_count). The Honorarium Calculation Service reads these values and errors if they are absent.
inactive_org_excludes_from_bufdir_aggregation
Organizations with is_active = false must be excluded from all Bufdir report aggregation queries. This prevents stale or archived organizations from inflating grant compliance metrics.
CRUD Operations
Storage Configuration
Entity Relationships
Achievement badges are defined per organization to reflect their specific recognition programmes
Activities are scoped to an organization for RLS enforcement and Bufdir attribution
Activity types are defined per organization to reflect their specific Bufdir reporting categories
Honorarium records are scoped to an organization as threshold configurations vary per organization
Assignments are scoped to an organization for RLS enforcement and reporting
Contacts are scoped to an organization for RLS data isolation and custom field resolution
Courses are offered by specific organizations and scoped for enrollment eligibility and certificate issuance
Honorarium records are scoped to an organization as rate configurations vary per organization
Encrypted documents are scoped to an organization for RLS access policy enforcement
Events are scoped to an organization for RLS enforcement and Bufdir reporting attribution
Local associations are owned by a top-level organization for RLS scoping and Bufdir attribution
Mentor pairings are scoped to an organization for RLS access control and coordinator oversight
National associations belong to the top-level organization entity
NDA agreements are scoped to an organization as templates and legal requirements vary
An organization generates multiple Bufdir reports across different reporting periods
An organization may have multiple integration configurations for different external accounting and member systems
Each organization defines its own terminology label overrides for all configurable text keys in the app
Each organization defines its own set of Bufdir reporting period boundaries
Each peer mentor profile is associated with a primary organization for scoping and reporting
POA documents are scoped to an organization for access control and compliance tracking
Regions are scoped to a top-level organization for RLS enforcement
Expense reports are scoped to an organization for approval routing and accounting system sync
Each membership record is scoped to a specific top-level organization
Workshop sessions are scoped to an organization for access control and aggregate Bufdir reporting