citesvue
Product · Team Workspaces

Evidence is only useful if the right people can see it.

Team workspaces turn Citesvue from a personal tool into an auditable organisational layer. Hierarchy, roles, project scoping, comments, review queues, and a tamper-evident audit trail.

Book a workspace walkthroughRead the security overview
Workspace · roles & capabilitiesRBAC enforced per query
CapabilityOwnerAdminMemberReviewerViewerGuest
Manage billing & SSO
Configure integrations
Upload recording
Approve / push artifact
Comment on timeline
Read project artifacts
Export evidence
allowed conditional denied
Hierarchy

Account → Teams → Projects → Recordings → Artifacts.

Every permission and every audit entry is scoped to exactly one level of that hierarchy. There’s no global access — there’s only access within scope.

Account
Team
Project
Recording
Artifact
The role model

Six roles, scoped per project.

Role · 01
Owner
Billing, SSO, account-wide deletion, role assignment.
Role · 02
Admin
Workspace-level configuration, integrations, push policies.
Role · 03
Member
Upload recordings, view extracted artifacts, push within scope.
Role · 04
Reviewer
Approve / reject artifacts in the queue. Cannot push.
Role · 05
Viewer
Read-only access to recordings and artifacts in assigned projects.
Role · 06
Guest
Single project or recording, time-boxed — typically client or auditor.
Project scope

Projects are how teams separate one piece of work from another.

A consulting firm separates Client A from Client B. A product org separates payments from identity. A research team separates Q2 from Q3. Permissions, integrations, and retention policies all attach at the project level.

Collaboration mechanics

Three ways teammates work in a recording.

Timeline comments

Thread discussion on a specific second of the recording.

Artifact review workflow

Approve · reject · revise · reassign · merge — per artifact, per reviewer.

Mentions & notifications

@-mention a teammate; they get a Slack or email ping with a deep link.

Audit trail

Every data-affecting action is logged.

Recording uploaded · artifact approved · integration push executed · export generated · role changed · SSO mapping updated · workspace deleted. Each entry carries actor, timestamp, IP, and target. Tamper-evident, exportable, retained per workspace policy.

Audit log · livetamper-evident · append-only
  • Maya Chen pushed 3 artifacts to Jira · 2m ago · 10.0.0.4
  • Reviewer rejected 1 artifact · 14m ago · 10.0.0.7
  • David Park exported findings pack · 47m ago · 10.0.0.4
  • SSO mapping updated by Owner · 1h 12m ago · 10.0.0.1
  • Project “Acme Q3 UAT” created · 3h 04m ago · 10.0.0.7
Identity & access

From email + password to SAML, SCIM, and IP allow-lists.

Email + password at Free and Pro. SAML 2.0 and OIDC SSO on the Enterprise track. SCIM provisioning for automatic role assignment from identity-provider groups. Session policies, device enforcement, and IP allow-lists available for Enterprise workspaces.

Retention & deletion

Default-private. Right-to-erasure, end-to-end.

Per-workspace retention rules — raw media is already deleted after processing by default; structured artifacts can be set to age out on a schedule. Account-level deletion honours GDPR right-to-erasure: every transcript, frame index, artifact, and audit entry bound to the account is purged end-to-end with a signed deletion receipt.

In practice

How four shapes of team use this.

5-person product squad

One team, projects per sprint, everyone’s a Member, PM is the Reviewer.

20-person agency

One team per client, Guests scoped per engagement, branded exports per project.

200-person product org

Teams per product line, projects per workstream, SSO-backed role mapping.

Regulated enterprise

SSO + SCIM + IP allow-lists + retention policies + exportable audit log.

Trust posture

Row-level access enforced on every query.

An answer from the Q&A copilot will never cite evidence the asker is not permitted to see. Integration pushes respect both sides of the permission check. Audit entries cannot be deleted by any role, including Owner — they can only be exported and aged out per retention policy.

Common questions

What enterprise buyers ask about workspaces.

  • Yes, on the Enterprise track. SCIM provisioning is included for automatic role mapping from your identity provider.
  • Region selection (EU, US) is available on the Enterprise track. Default region is determined by account origin; SCCs are in place for cross-border flows.
  • Yes — single-tenant cloud and on-premise on your VPC are available on the Enterprise track for regulated workloads.
  • Yes. The Guest role is project-scoped with expiry. Audit logs capture every Guest action.
  • Append-only storage with cryptographic chaining; export-only mutation. No role can delete audit entries — they age out only per retention policy.
  • Roles, projects, review workflow, audit log, and comments are available from Team. SSO, SCIM, region selection, on-prem, and custom retention are Enterprise.
Continue exploring

The pages most often opened next.

Closing argument

Your next recording could be
your most valuable asset.

Or it could sit in a Drive folder nobody opens again. The difference is whether it has citations attached.

Start free — no credit cardBook a 20-minute walkthrough
  • SetupOne drag-and-drop. No bots, no plugins.
  • First insightCited Q&A on a 60-min recording in under 6 minutes.
  • Cancel anytimeFull data export, full right to erasure.