Organization Settings

Every tenant organization has unique operational requirements - different contact points, billing arrangements, and platform preferences. Without a self-service settings surface, every configuration change would require Norse Digital Products staff involvement, creating bottlenecks and slowing onboarding. Providing org admins with direct control reduces support load, accelerates time-to-value for new tenants, and gives organizations a sense of ownership over their instance. The audit trail integration ensures accountability for configuration changes, which is particularly important in regulated environments where Bufdir reporting and data governance are scrutinized. Multi-tenant isolation means one organization's settings changes never bleed into another's, preserving data integrity across the platform.

Organization settings are stored in the organizations PostgreSQL table and loaded as part of the session bootstrap response so clients always have the latest configuration without additional round-trips. The Next.js admin portal renders the settings page with server-side data fetching for immediate consistency. All mutations go through a dedicated settings API endpoint that enforces org-admin role authorization, validates the payload against a strict schema, and writes an audit log entry before committing. The Flutter mobile app consumes read-only organization metadata (name, labels) cached in Drift; settings mutation is admin-portal-only. Field-level validation runs both client-side (immediate feedback) and server-side (authoritative). The organizations table uses row-level tenant isolation enforced at the API layer - no cross-tenant reads are possible through this surface.