Multi-Tenant & Team Features

One account. Multiple sites. Unlimited team members. BlackOps Center's multi-tenant architecture lets you manage your entire content empire from a single dashboard—whether you're a solo creator with multiple brands or an agency managing dozens of clients.

Multi-Tenant Architecture

What Is Multi-Tenancy?

In BlackOps Center, a tenant (also called a site) is an isolated content workspace. Each site has its own:

• Custom Domain: yourclient.com or yourclient.blackopscenter.com
• Content: Blog posts, newsletters, reservoirs
• Branding: Logo, colors, theme
• Team Members: Collaborators with specific roles
• Settings: Independent configuration
• Analytics: Separate performance tracking

Use Cases

Solo Creator with Multiple Brands

Your Account
├─ benenewton.com (Personal blog)
├─ techstartuptips.com (Side project)
└─ consultingbrand.com (Business site)

Single login, switch between sites instantly

Agency Managing Clients

Agency Account
├─ client-saas.com (Tech client)
├─ client-ecommerce.com (Retail client)
├─ client-consulting.com (B2B client)
└─ ... 20+ more sites

Each client isolated, separate billing, team access

Enterprise Multi-Brand

Company Account
├─ mainbrand.com (Corporate site)
├─ product-a.com (Product line A)
├─ product-b.com (Product line B)
└─ blog.mainbrand.com (Content hub)

Shared content libraries, separate publishing

Creating & Managing Sites

Create a New Site

1. Log in to blackopscenter.com/admin
2. Click "Create New Site" in the site switcher
3. Configure:
   • Site Name: Internal identifier (e.g., "Tech Blog")
   • Subdomain: techblog.blackopscenter.com (free)
   • Custom Domain: techblog.com (optional, pro plan)
   • Timezone: Publishing schedule reference
4. Click "Create Site"
5. Site is ready in ~30 seconds

Site Switcher

In the top-left corner of the dashboard, the site switcher lets you jump between your sites instantly:

┌─ Site Switcher ───────────────┐
│ 🌐 Tech Blog        (current)  │
│ 📝 Personal Site               │
│ 🚀 SaaS Client                 │
│ ───────────────────────────    │
│ ➕ Create New Site             │
└────────────────────────────────┘

Keyboard shortcut: Cmd/Ctrl + K → "Switch site"

Site Settings

Each site has independent settings:

• General: Name, description, timezone
• Branding: Logo, favicon, colors, theme
• Publishing: Default author, tags, categories
• SEO: Metadata, OpenGraph, Twitter cards
• Integrations: Analytics, social accounts, third-party tools
• Team: Members, roles, permissions

Team Collaboration

Team Roles

BlackOps Center has 4 role levels (per site):

1. Owner

• Full Access: Everything including billing and site deletion
• Can Do: Add/remove team, change settings, publish, delete site
• Limit: One owner per site (transferable)

2. Admin

• Operational Control: Can manage content and team
• Can Do: Publish content, manage team (except owner), change most settings
• Cannot Do: Delete site, change billing, remove owner

3. Editor

• Content Control: Can create and publish content
• Can Do: Write, edit, publish posts; manage drafts; upload media
• Cannot Do: Change settings, manage team, access billing

4. Viewer

• Read-Only Access: Can see content but not change it
• Can Do: View published content, read analytics, browse reservoirs
• Cannot Do: Create/edit content, change settings, publish
• Use Case: Clients reviewing content before launch

Inviting Team Members

1. Go to Settings → Team
2. Click "Invite Member"
3. Enter email address
4. Select role (Owner, Admin, Editor, Viewer)
5. Optional: Add personal message
6. Click "Send Invitation"
7. They receive email with signup/login link
8. They join your site with assigned role

Team Dashboard

┌─ Team Members ─────────────────────────────────┐
│                                                 │
│ 👤 Ben Newton (Owner)                          │
│    Last active: 2 hours ago                    │
│    Content: 24 posts, 12 drafts               │
│                                                 │
│ 👤 Sarah Chen (Editor)                         │
│    Last active: 1 day ago                      │
│    Content: 8 posts, 3 drafts                 │
│    [Change Role ▼] [Remove]                    │
│                                                 │
│ 👤 Mike Johnson (Viewer)                       │
│    Last active: 3 days ago                     │
│    Content: View only                          │
│    [Change Role ▼] [Remove]                    │
│                                                 │
│ ✉️ Pending: alex@example.com (Editor)          │
│    Invited 2 days ago                          │
│    [Resend] [Cancel]                           │
│                                                 │
└─────────────────────────────────────────────────┘

Activity Log

Track team actions for accountability:

Recent Activity:
• Sarah published "React 19 Features" (2 hours ago)
• Ben updated site settings (4 hours ago)
• Sarah created draft "Next.js 15 Guide" (yesterday)
• Mike viewed analytics dashboard (2 days ago)
• Ben invited alex@example.com as Editor (2 days ago)

Content Isolation & Sharing

Data Isolation (Default)

By default, sites are completely isolated:

• Content: Posts, drafts, reservoirs are site-specific
• Team: Members of Site A can't see Site B
• Settings: Independent configuration
• Analytics: Separate tracking
• Billing: Optional per-site billing (enterprise)

Cross-Site Content Sharing (Pro Feature)

Share content between your own sites:

Shared Reservoirs

1. Go to Site A → Reservoirs
2. Select a reservoir
3. Click "Share with Other Sites"
4. Select Site B, Site C, etc.
5. Set permissions:
   • Read-Only: Other sites can view, not edit
   • Contribute: Other sites can add items
   • Full Access: Other sites can edit/delete

Use Case: You have a "General Marketing" reservoir shared across all your B2B client sites.

Syndicated Content

Publish once, syndicate everywhere:

1. Write post on Site A (primary)
2. Mark as "Syndicate to Site B, Site C"
3. Post appears on all sites
4. Canonical URL points to Site A (SEO-safe)
5. Edit on Site A → updates everywhere

Use Case: Company news published on corporate blog, automatically cross-posted to product blogs.

Billing & Subscription Management

Base + Add-On Model

BlackOps Center uses a flexible pricing model:

Base Subscription: $297/month
Includes: 1 site + core features

Additional Sites: $100/site/month
- Add as many sites as you need
- Remove sites anytime
- Prorated billing

Example Pricing:
• 1 site:  $297/month
• 3 sites: $297 + (2 × $100) = $497/month
• 10 sites: $297 + (9 × $100) = $1,197/month

Adding Sites

1. Create new site in dashboard
2. Automatic Stripe subscription update
3. $100/month added to next invoice
4. Prorated if mid-cycle

Removing Sites

1. Go to site settings
2. Click "Delete Site"
3. Confirm deletion (irreversible)
4. Stripe subscription decreases $100/month
5. Prorated credit applied

Enterprise Billing

For agencies and large teams (10+ sites):

• Volume Discounts: Reduced per-site cost at scale
• Per-Site Billing: Optional separate invoices per client
• White-Label Billing: Client sees your branding on invoices
• Custom Contracts: Annual agreements, custom terms

Contact sales for enterprise pricing.

Custom Domains

Setting Up Custom Domains

1. Go to Settings → Domain
2. Enter your domain (e.g., techblog.com)
3. Add DNS records at your registrar:

   Type: A
   Name: @
   Value: 76.76.21.21
   
   Type: CNAME  
   Name: www
   Value: cname.blackopscenter.com

4. Click "Verify Domain"
5. Wait 5-10 minutes for DNS propagation
6. SSL certificate auto-provisioned
7. Site live at custom domain

Subdomain Strategy

Use subdomains for multi-site organizations:

Company: example.com

Sites:
• example.com (corporate)
• blog.example.com (content hub)
• docs.example.com (documentation)
• product-a.example.com (Product A)
• product-b.example.com (Product B)

Single domain, multiple sites, unified brand

Security & Access Control

Row-Level Security (RLS)

BlackOps Center uses PostgreSQL RLS to enforce site isolation at the database level:

-- Every query automatically filtered by site_id
SELECT * FROM posts WHERE site_id = current_site_id();

-- Prevents:
• Cross-site data leaks
• Unauthorized access to other sites
• SQL injection across tenants

-- Enforced:
• At database level (not app level)
• Cannot be bypassed
• Audited and tested

API Security

All API routes validate site access:

// Example: Fetching posts
async function requireSiteAccess(request) {
  const user = await getUser(request)
  const siteId = request.headers.get('x-site-id')
  
  // Verify user has access to this site
  const access = await checkUserSiteAccess(user.id, siteId)
  
  if (!access) {
    throw new UnauthorizedError('No access to this site')
  }
  
  return { user, siteId }
}

Two-Factor Authentication (2FA)

Enable 2FA for account security:

1. Go to Account Settings → Security
2. Click "Enable 2FA"
3. Scan QR code with authenticator app (Authy, 1Password, etc.)
4. Enter 6-digit code to verify
5. Save backup codes

Protects all sites under your account.

Agency Features

White-Label Dashboard

Hide BlackOps Center branding for client-facing dashboards:

• Custom Logo: Replace BlackOps Center logo with yours
• Custom Domain: dashboard.youragency.com
• Branded Emails: Notifications from your domain
• Custom Support: Your support link instead of ours

Available on enterprise plans.

Client Reporting

Generate white-label reports for clients:

• Performance Dashboards: Traffic, engagement, conversions
• Content Inventory: What was published this month
• ROI Tracking: Content performance vs. goals
• Scheduled Delivery: Auto-email reports monthly

Client Portals

Give clients limited access without full dashboard access:

1. Invite client as Viewer
2. They see:
   • Published content
   • Analytics dashboard
   • Content calendar
3. They cannot see:
   • Drafts or WIP
   • Team settings
   • Billing information
   • Other clients' sites

Best Practices

Site Organization

• Consistent Naming: "Client Name - Site Type" (e.g., "Acme Corp - Blog")
• Use Folders: Group related sites (coming soon)
• Document Ownership: Keep track of who owns what in external docs

Team Management

• Least Privilege: Give minimum necessary access
• Regular Audits: Review team access quarterly
• Offboarding: Remove access immediately when team members leave

Content Sharing

• Share Strategically: Don't share everything across all sites
• Read-Only Default: Limit who can edit shared reservoirs
• Audit Trails: Monitor who accesses shared content

Troubleshooting

Cannot Access Site

Cause: You don't have permissions for this site

Fix:

• Check if you're invited to the site
• Verify invitation wasn't sent to different email
• Ask site owner to resend invitation

Custom Domain Not Working

Cause: DNS records not configured correctly

Fix:

• Verify DNS records at your registrar
• Wait 24-48 hours for full DNS propagation
• Check status in Settings → Domain
• Use dig yourdomain.com to verify DNS

Billing Issue After Adding Site

Cause: Stripe webhook delay or payment method issue

Fix:

• Check Settings → Billing for status
• Verify payment method is valid
• Contact support if charge didn't process

Next Steps

• Content Reservoirs: Build content libraries per site
• Campaign Management: Run campaigns across sites
• API Documentation: Programmatic site management

Scale doesn't have to mean chaos. With the right multi-tenant architecture, you can manage 50 sites as easily as 1.