Organisations

Multi-organisation membership

A SemaFore user is identified by phone number and can be a full member of multiple organisations. This lets people participate in each organisation where they have been invited without creating separate accounts for the same phone number.

In the mobile app, members use a workspace-style organisation switcher to choose their active organisation context. Each context shows only that organisation’s members, conversations, groups, and broadcasts.

What administrators manage

As an organisation administrator, you manage only your own organisation. You can invite members, approve devices, change roles, revoke access, manage groups, send broadcasts, and review audit logs for your organisation.

You cannot see whether a member also belongs to another organisation. Other organisation affiliations are not shown in the portal, audit logs, member lists, or device approval screens.

Tenant isolation

Multi-organisation membership does not weaken tenant isolation. Full tenant isolation is maintained: a user sees another organisation’s content only if they are explicitly a member of that organisation and have switched to that organisation context.

When a member is viewing your organisation context, they see your organisation’s members and conversations. When they switch away, your organisation’s content is no longer visible in the active view.

Cryptographic identity

The user’s device keeps one cryptographic identity across organisations. The device has one key bundle, containing its Identity Key, Signed Pre-Key, and One-Time Pre-Keys. SemaFore does not create a separate key bundle for each organisation.

Organisation membership controls access to members and conversations. The cryptographic identity belongs to the device, not to an individual organisation.