Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
Trying to get off on the right foot and decide if I just need Jetstream Teams, Team + Spatie or something else. I built a frontend/backend system (still using it) that handles everything my niche industry requires. It's integrated loosely with a CMS, I'd like to sever it from the CMS onto Laravel. I really like the functionality of Jetstream's teams, seamlessly switching between teams and allowing users to serve different roles on different teams is great; my system just assigns one role to a user and that role has defined privileges across the system.
What gives me pause is the complexity of my current setup, I'm not sure Jetstream's hard-coded roles will be able to handle the complexity. Here's the basics of it:
**ADMIN COMPANY**
Super Admin - God mode
Admins - create Companies and CRUD the Companies they create and any Company Clients/Projects
**COMPANIES**
Company Admins - create Clients, Account Executives, etc., Admin for the Company
Account Executives - work with Company Clients, create/oversee Client Projects
Accounting - typical accounting tasks (processing timesheets, paying contractors, etc.,)
**COMPANY CLIENTS**
Same hierarchy as a Company, but only within each particular Client boundaries
**CONTRACTORS**
Can apply to Project jobs, get paid, get rated, etc., lots of roles that can vary based on the role they are assigned on each Project
So, pretty complex, but also fairly repetitive across some levels. Hard-coding everything into Jetstream roles seems daunting. I add new features every so often, it's built into the system. The system stores roles in the database, similar to what I've seen with Spatie. I've read a few posts regarding combining Jetstream with Spatie to make roles more dynamic, but the sources didn't leave me with great confidence it was the right path to take.
Anybody created something similar? I'm not locked into using Jetstream Teams, it just seems like a good head-start down the road I'm thinking I'll be going down. Any advice would be greatly appreciated. Really kicking myself I didn't do this a decade ago, but no time like the present!
If this is going to be multitenant a helpful series is https://laracasts.com/series/multitenancy-in-practice
Otherwise I'd stick with normal authentication for logging in and authorization to determine what a logged in person can an cannot do.
But in your case, instead of just role can do it's role at a certain company can or cannot do.
Also (just my preference) I prefer not to use jetstream, rather regular authentication.
Finally going back down this particular rabbit-hole. Thanks for the comment @jlrdw; multitenancy isn't a requirement at this point, everything is coming from the same database.
I heard a podcast interview with the creator of Bouncer (https://github.com/JosephSilber/bouncer). It's similar to what I created, serializing permission set for a user and storing it to prevent hitting the database hard with every action. After a little inspection I think one of it's limitations is it can't handle multiple teams with different roles for a single user.
I just gave Laratrust (https://laratrust.santigarcor.me/) a quick look, it may be able to handle my needs. It has teams support, so I'm going to give it a try.
Hey, @lessthanjake, any update on this? I'd love to hear if you've gone with a particular solution, and how you've found it.
Please or to participate in this conversation.