GET/api/v1/projects/teams200 OK · 200 OK · enterprise

Jotform Teams — Multi-Tenant Platform

Turning a single-user product into an enterprise collaboration platform.

Jotform Teams — Multi-Tenant Platform — product screenshot
// teams-00.png — product screenshot
RBAC
centralized permissions
1
enforcement point
N
tenants isolated
core
of Jotform Enterprise

#01 The challenge

Jotform grew up as a single-owner product: every form, submission, and asset belonged to exactly one user. Enterprise customers needed the opposite — shared workspaces where teams collaborate on assets nobody personally owns, with roles, permissions, and strict data isolation between tenants.

Bolting sharing onto a deeply single-owner data model, without rewriting the product, was the real problem.

#02 Architecture & approach

The key design decision was the ghost-user ownership model: each team is backed by a system-owned ghost user that owns team assets. Existing code paths that assumed "everything has an owner" kept working — the owner just became the team.

On top of that sat a role-based access control system with centralized permission enforcement: one choke point where every access decision is made, instead of permission checks scattered across the codebase. That single enforcement point is what made the model auditable for enterprise security reviews.

The architecture later carried Global Search and Move-To infrastructure — moving assets between personal and team spaces without breaking URLs, integrations, or submission history.

#03 Outcome

Teams became a cornerstone of Jotform Enterprise. The ghost-user model proved durable: new features inherit multi-tenancy instead of re-implementing it, and data isolation guarantees hold at the architecture level rather than by convention.

Want the full story behind this build?

POST /contact