Skip to content
RateStack
Capability · Team & delegation

Org, Entity, LO — and a delegation model that actually works.

Typed org hierarchy (ORIGINATOR / INVESTOR / CORRESPONDENT / SUBSERVICER) with Entity sub-units (BRANCH·REGION·TEAM·DIVISION·CORPORATE). Loan sharing via JWT visibility predicates with TTL grants. Bulk-assign by directive. Every cross-tenant action writes actingAsOrgId into the audit chain.

Request a demoRead the API docs

Overview

What it is, in one paragraph

Team and delegation in RateStack is built around three primitives: typed orgs, typed entities, and capability grants. Orgs carry OrgRoles (ORIGINATOR / INVESTOR / CORRESPONDENT / SUBSERVICER) and out-of-the-box capability sets. Entities are sub-units inside an org with their own type (BRANCH / REGION / TEAM / DIVISION / CORPORATE). Loan sharing and delegation use TTL-bounded JWT grants that carry specific capabilities; expiry is enforced server-side and grants are revocable. Every cross-tenant action — pricing, locking, viewing — writes actingAsOrgId into the audit chain so wholesale lenders can prove which originator initiated each request.

  • Typed Orgs

    ORIGINATOR / INVESTOR / CORRESPONDENT / SUBSERVICER. Each ships with a default capability set; admins can refine per-org.

  • Typed Entities

    BRANCH / REGION / TEAM / DIVISION / CORPORATE. Hierarchies nest naturally; capability scoping respects the path.

  • Capability catalog

    12 operational capabilities (loan.read, loan.write, loan.share, loan.price, etc.) and 7 provider capabilities. Published at /v1/capabilities.

  • TTL loan-share grants

    Grant another org or user time-bound visibility on a specific loan. JWT-gated; expiry enforced server-side.

  • Bulk assign by directive

    Reassign loans to a new LO with one bulk command. The audit chain captures the directive + reason + every loan touched.

  • actingAsOrgId on audit

    Every cross-tenant operation writes actingAsOrgId. Wholesale lenders can prove which originator instigated a price-discovery or lock.

How it works

The pipeline, end to end.

Numbered steps from input to output. Each step maps to a specific subsystem you can inspect via OpenTelemetry.

  1. 1

    Define orgs and their type

    Admins create orgs and assign type (ORIGINATOR / INVESTOR / CORRESPONDENT / SUBSERVICER). The platform applies the matching default capability set.

  2. 2

    Build the entity tree

    Add entities (BRANCH, REGION, TEAM, etc.) under the org. Entities nest naturally; capability scoping inherits down.

  3. 3

    Assign users to entities

    Users belong to a primary entity and may have secondary affiliations. Capability resolution walks the entity path.

  4. 4

    Grant cross-tenant visibility

    POST a loan-share with grantee, capabilities, and TTL. The platform issues a delegation grant that the api-service's JWT layer enforces.

  5. 5

    Cross-tenant action audits

    When the grantee operates against the shared loan, the audit row carries actingAsOrgId = grantor + actor.orgId = grantee. The trace is unambiguous.

  6. 6

    Expiry + revocation

    Grants expire at TTL by default. Admins can revoke early via the grant endpoint; revoked grants 401 on next request.

Hands on

Grant TTL loan-share to a partner org

Live cURL sample — copy, paste, ship.

# Grant another org temporary visibility into a loan
curl -X POST https://api.ratestack.com/v1/loans/lck_8a7c/share \
  -H "X-API-Key: $RATESTACK_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "granteeOrgId":    "org_partner_42",
    "capabilities":    ["loan.read", "loan.price"],
    "ttlMinutes":      120,
    "reason":          "Partner is exploring counter-offers for this borrower"
  }'

# Returns:
# {
#   "grantId":   "grant_b4f2",
#   "expiresAt": "2026-05-26T16:42:11Z",
#   "auditId":   "audit_9c1d"
# }

Why this matters

The pain it removes.

TPO partnerships stop being friction

Originators and investors collaborate on the same loan record with explicit, time-bound grants. No email exports, no 'temporary user' accounts.

Wholesale audits get unambiguous evidence

actingAsOrgId on the audit chain shows exactly which originator initiated a price discovery or a lock at a wholesale partner.

Bulk reassignments stop being a Sunday job

Moving 200 loans from LO A to LO B is one directive. The audit row captures every loan touched with the reason.

Frequently asked

Direct answers, no marketing spin.

Can a user belong to multiple orgs?

Yes. A user has an identity; org membership is a relation with its own role. Capability resolution combines memberships on every request.

How do TTL grants interact with revocation?

TTL is the upper bound. Revocation is immediate: the next request from the grantee returns 401. Already-completed actions remain in the audit chain (we don't rewrite history).

Can we restrict the capability catalog per-org?

Yes. Org admins can shrink the set; they cannot expand beyond what the org type allows. Enterprise customers can request custom capability bundles.

What does 'embed' do on an exception?

Embeds attach the exception as context for the next detector run. Not part of team/delegation strictly — but it shows up here because exception ownership respects entity scoping.

How is bulk-assign audited?

Single directive row + a child row per loan touched (loan-id, prior LO, new LO, reason). All hash-chained.

Related capabilities

Pieces that work better together.

Comp & margin

Margin rules over the same hierarchy.

White-label

Org-level branding atop the typed hierarchy.

Security

Capability catalog + JWT enforcement.

Ready to see it on your data?

Wire org, entity, lo — and a delegation model that actually works. up to your real workflow.

We'll spin you a sandbox, load your actual ratesheets, and walk you through this capability against your top scenarios.

Request a demoOr start in the sandbox
Team & delegation — Org / Entity / LO with TTL grants | RateStack