Wealth Personas

Scope — Identity, access control, and experience personalization for every stakeholder in the wealth management lifecycle, from relationship managers and clients to operations staff and platform admins.


Executive Summary

Wealth Personas defines who can do what on the Sentinel platform. It is implemented through the Studio Middleware RBAC system, user-scoped document isolation, and audience-aware UI adaptations in the Sentinel frontend. The capability ensures that a client sees only their data, an advisor sees only their book, and an admin sees platform-wide analytics — all with granular, auditable permissions.


The Problem

Wealth management platforms serve multiple stakeholders with conflicting needs:

  • Clients need simple, secure access to their own portfolios
  • Advisors need cross-client views but must not see other advisors’ books
  • Operations need troubleshooting access without seeing sensitive client data
  • Admins need platform governance without operational overhead
  • Partners (B2B/B2B2C) need white-label tenant isolation

Legacy systems often rely on coarse-grained roles (Admin/User) that create either security gaps or productivity friction.


Architecture

┌─────────────────────────────────────────────────────────────────┐
│                         Wealth Personas                         │
├─────────────────────────────────────────────────────────────────┤
│                                                                 │
│  ┌─────────────┐      ┌───────────────────┐      ┌────────────┐ │
│  │  Sentinel   │─────▶│ Studio Middleware │─────▶│  Identity  │ │
│  │  Frontend   │      │  (RBAC Gateway)   │      │   Store    │ │
│  │  (persona)  │      │                   │      │ (MongoDB)  │ │
│  └─────────────┘      │ • JWT validation  │      └────────────┘ │
│                       │ • Role checks     │                     │
│                       │ • Scope filters   │                     │
│                       │ • Rate limits     │                     │
│                       └─────────┬─────────┘                     │
│                                 │                               │
│                    ┌────────────┼────────────┐                  │
│                    ▼            ▼            ▼                  │
│               ┌──────────┐ ┌──────────┐ ┌──────────┐            │
│               │  Nexus   │ │   Zen    │ │ Agentic  │            │
│               │  (docs)  │ │  (chat)  │ │ (tools)  │            │
│               └──────────┘ └──────────┘ └──────────┘            │
└─────────────────────────────────────────────────────────────────┘

Role Hierarchy

Role         | Scope                       | Typical Actions
-------------+-----------------------------+-------------------------------------------------------------
Super Admin  | Platform-wide               | Tenant provisioning, SSO config, global rate limits, billing
Tenant Admin | Single tenant               | User management, branding, data retention, audit export
Analyst      | Own data + assigned clients | Document upload, chat sessions, report generation
Viewer       | Own data only               | Read documents, read chat history, download own reports
Guest        | Session-scoped              | Temporary chat access, no persistence
Support      | Ticket-scoped               | Read tickets, trigger WF4, no client data access

Persona-to-Capability Mapping

Persona              | Primary Capabilities                                                                 | Interface
---------------------+--------------------------------------------------------------------------------------+-----------------------------
Relationship Manager | Digital Advisor, Wealth Understanding, Portfolio Intelligence, Document Intelligence | Sentinel Frontend (full)
Client               | Wealth Understanding, Portfolio Intelligence (own data)                              | White-labeled portal / chat
Operations Analyst   | Document Intelligence (review), Service Manager (support)                            | Admin dashboard + Zen
Compliance Officer   | Portfolio Intelligence (aggregated), Service Manager (audit)                         | Admin dashboard
Integration Partner  | Service Manager (API), Developers (webhooks)                                         | API keys + docs

Personas & Journeys

Relationship Manager (The Advisor)

  1. Logs in with MFA-enabled credentials
  2. Sees personalized dashboard: AUM, pending reviews, upcoming meetings
  3. Accesses client list — only assigned clients visible
  4. Uploads documents on behalf of clients
  5. Generates portfolio reports and shares via secure link
  6. Cannot access other advisors’ client data (enforced at middleware + DB layers)

Client (The Investor)

  1. Receives white-labeled portal login from advisor firm
  2. Views aggregated portfolio across all linked accounts
  3. Asks Digital Advisor questions about holdings
  4. Uploads documents for advisor review (e.g., tax statements)
  5. Sees only own data; no visibility into advisor’s other clients

Operations Support

  1. Accesses support dashboard via SSO
  2. Views pipeline health and failed extraction queue
  3. Opens review workflow for low-confidence extractions
  4. Triggers WF4 agent for common ticket resolution
  5. Cannot view client PII beyond masked identifiers

Platform Admin

  1. Provisions new tenant for onboarding private office
  2. Configures custom domain and branding
  3. Sets data residency and retention policies
  4. Exports audit logs for compliance review
  5. Monitors platform-wide cost and usage metrics

Key Features

Feature                        | Detail
-------------------------------+------------------------------------------------------------------------
JWT-Based Auth                 | Access/refresh tokens with Argon2id hashing and server-side rotation
Role-Based Access Control      | Granular roles enforced at API gateway and repository layers
User-Scoped Document Isolation | Every document tagged to user + tenant; no cross-user queries possible
Session Scoping                | Chat sessions and uploaded documents isolated per session
Tenant Isolation               | Multi-tenant architecture with separate data boundaries
SSO Ready                      | SAML 2.0 and OIDC support for enterprise identity providers
Audit Trail                    | Every login, data access, and permission change logged
Rate Limiting by Persona       | Different API quotas for Admin vs Analyst vs Viewer
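The role checks and scope filters that the Role Hierarchy table and the User-Scoped Document Isolation feature describe can be shown as one enforcement path. The Python below is an added example, not code from the Sentinel platform or the Studio Middleware: it maps the roles in the Role Hierarchy table to a permission set (the role check) and derives the mandatory document-collection predicate, tenant plus owner, that the repository layer must AND into every query (the scope filter), so an Analyst can reach only their own and their assigned clients' documents and a Support principal reaches none. The role names, permission strings, the `tenant_id`/`owner_id` field names and the sample documents are assumptions constructed for the example; the predicate is evaluated in memory here as a stand-in for the MongoDB query.

```python
from dataclasses import dataclass
from typing import Any, Dict, FrozenSet, List, Set

# Role -> permitted actions, modelled on the Role Hierarchy table.
# Role and permission names are assumptions for this example.
PERMISSIONS: Dict[str, Set[str]] = {
    "super_admin":  {"tenant:provision", "sso:configure", "rate_limit:set", "billing:view",
                     "document:read", "document:upload", "chat:use", "report:generate", "audit:export"},
    "tenant_admin": {"user:manage", "branding:edit", "retention:set", "audit:export",
                     "document:read", "document:upload", "chat:use", "report:generate"},
    "analyst":      {"document:read", "document:upload", "chat:use", "report:generate"},
    "viewer":       {"document:read", "chat:read", "report:download"},
    "guest":        {"chat:use"},                     # session-scoped chat, no document access
    "support":      {"ticket:read", "wf4:trigger"},   # no client data access at all
}


@dataclass(frozen=True)
class Principal:
    """Identity taken from a validated JWT (sub, tenant, role) plus the analyst's
    client assignments looked up from the identity store."""
    user_id: str
    tenant_id: str
    role: str
    assigned_clients: FrozenSet[str] = frozenset()


def is_allowed(p: Principal, action: str) -> bool:
    """Role check: an unknown role gets an empty permission set (deny by default)."""
    return action in PERMISSIONS.get(p.role, set())


def document_filter(p: Principal) -> Dict[str, Any]:
    """Scope filter: the predicate ANDed into every documents-collection query.
    Assumes each stored document carries tenant_id and owner_id."""
    if p.role == "super_admin":
        return {}                                   # platform-wide
    base = {"tenant_id": p.tenant_id}               # tenant isolation for everyone else
    if p.role == "tenant_admin":
        return base
    if p.role == "analyst":                         # own data + assigned clients
        return {**base, "owner_id": {"$in": sorted({p.user_id, *p.assigned_clients})}}
    if p.role == "viewer":                          # own data only
        return {**base, "owner_id": p.user_id}
    return {"_id": {"$in": []}}                     # guest, support, unknown: matches nothing


def _matches(doc: Dict[str, Any], flt: Dict[str, Any]) -> bool:
    """Minimal in-memory evaluator for the equality / $in predicates built above,
    standing in for MongoDB so the example runs offline."""
    for key, cond in flt.items():
        if isinstance(cond, dict) and "$in" in cond:
            if doc.get(key) not in cond["$in"]:
                return False
        elif doc.get(key) != cond:
            return False
    return True


def visible_documents(p: Principal, docs: List[Dict[str, Any]]) -> List[str]:
    """Role check first, then scope filter; returns the ids the principal may see."""
    if not is_allowed(p, "document:read"):
        return []
    flt = document_filter(p)
    return [d["_id"] for d in docs if _matches(d, flt)]


# Constructed sample documents: two tenants, two clients under different advisors.
SAMPLE_DOCS = [
    {"_id": "d1", "tenant_id": "t1", "owner_id": "client_a"},   # client assigned to rm_1
    {"_id": "d2", "tenant_id": "t1", "owner_id": "client_b"},   # another advisor's client
    {"_id": "d3", "tenant_id": "t1", "owner_id": "rm_1"},       # advisor's own upload
    {"_id": "d4", "tenant_id": "t2", "owner_id": "client_c"},   # different tenant
]

if __name__ == "__main__":
    rm = Principal("rm_1", "t1", "analyst", frozenset({"client_a"}))
    print(document_filter(rm))                 # {'tenant_id': 't1', 'owner_id': {'$in': ['client_a', 'rm_1']}}
    print(visible_documents(rm, SAMPLE_DOCS))  # ['d1', 'd3']
    print(visible_documents(Principal("client_a", "t1", "viewer"), SAMPLE_DOCS))  # ['d1']
    print(visible_documents(Principal("sup_1", "t1", "support"), SAMPLE_DOCS))    # []
```

The important design point is that `document_filter` is built from the principal, never from request parameters, and that the fall-through branch matches nothing: a role that is missing from the mapping, or a Support user probing the documents endpoint, cannot widen the query by omission.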

API Surface

Method | Endpoint              | Purpose
-------+-----------------------+-------------------------------
POST   | /api/v1/auth/login    | Authenticate and receive JWT
POST   | /api/v1/auth/register | User provisioning (admin only)
GET    | /api/v1/auth/me       | Current user profile and roles
GET    | /api/v1/dashboard     | Persona-aware metrics
GET    | /api/v1/documents/me  | User-scoped document list
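To make the JWT-Based Auth feature and the token that /api/v1/auth/login hands out concrete, here is an added example in Python using only the standard library; it is not the platform's own code. It issues and verifies an HS256 access token carrying sub, tenant and role claims, pinning the algorithm and comparing the signature in constant time, and it rotates refresh tokens server-side so that a replay of an already-rotated token revokes the whole token family. The claim names, the hard-coded signing key and the 15-minute lifetime are assumptions; so is the use of SHA-256 for the stored refresh-token hash, which keeps the block dependency-free where the page specifies Argon2id (argon2-cffi's `PasswordHasher` would take that place in a real deployment).

```python
import base64
import hashlib
import hmac
import json
import secrets
import time
from typing import Any, Dict, Optional

# Constructed signing key for the example; a real deployment loads it from a secret store.
SIGNING_KEY = b"constructed-demo-key-not-for-production"
ACCESS_TTL_S = 900  # assumed access-token lifetime (15 minutes)


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def _sign(signing_input: str) -> bytes:
    return hmac.new(SIGNING_KEY, signing_input.encode("ascii"), hashlib.sha256).digest()


def issue_access_token(sub: str, tenant: str, role: str, now: Optional[int] = None) -> str:
    """What /api/v1/auth/login would return after the credential check (claim names assumed)."""
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"sub": sub, "tenant": tenant, "role": role, "iat": now, "exp": now + ACCESS_TTL_S}
    signing_input = ".".join(
        _b64url(json.dumps(part, separators=(",", ":")).encode()) for part in (header, claims))
    return signing_input + "." + _b64url(_sign(signing_input))


def verify_access_token(token: str, now: Optional[int] = None) -> Dict[str, Any]:
    """Gateway-side validation: pinned algorithm, constant-time signature check,
    required claims, expiry. Raises ValueError on any failure."""
    now = int(time.time()) if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    h64, p64, s64 = parts
    header = json.loads(_b64url_decode(h64))
    if header.get("alg") != "HS256":            # refuse 'none' and algorithm substitution
        raise ValueError("unexpected alg")
    if not hmac.compare_digest(_sign(f"{h64}.{p64}"), _b64url_decode(s64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(p64))
    missing = [c for c in ("sub", "tenant", "role", "exp") if c not in claims]
    if missing:
        raise ValueError(f"missing claims: {missing}")
    if now >= claims["exp"]:
        raise ValueError("expired")
    return claims


class RefreshTokenStore:
    """Server-side refresh-token table with rotation and reuse detection. Only a
    hash of each token is stored; SHA-256 is a stand-in for the Argon2id hashing
    the platform specifies."""

    def __init__(self) -> None:
        self._active: Dict[str, tuple] = {}   # token_hash -> (user_id, family_id)
        self._retired: Dict[str, str] = {}    # token_hash -> family_id (already rotated)
        self._revoked_families: set = set()

    @staticmethod
    def _h(token: str) -> str:
        return hashlib.sha256(token.encode("ascii")).hexdigest()

    def issue(self, user_id: str, family_id: Optional[str] = None) -> str:
        family_id = family_id or secrets.token_hex(8)
        token = secrets.token_urlsafe(32)
        self._active[self._h(token)] = (user_id, family_id)
        return token

    def rotate(self, presented: str) -> Optional[str]:
        """Exchange a live refresh token for a new one. A replay of a token that was
        already rotated is treated as theft: the family is revoked and None returned."""
        h = self._h(presented)
        if h in self._active:
            user_id, family_id = self._active.pop(h)
            if family_id in self._revoked_families:
                return None
            self._retired[h] = family_id
            return self.issue(user_id, family_id)
        if h in self._retired:
            family_id = self._retired[h]
            self._revoked_families.add(family_id)
            for k, (_, fam) in list(self._active.items()):
                if fam == family_id:
                    del self._active[k]
        return None
```

Two behaviours are worth checking in any real implementation of this feature: the verifier must reject a token whose header names a different algorithm rather than honouring it, and the refresh store must distinguish "never issued" from "issued and already rotated", because only the latter indicates that two parties hold the same token.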

Security, Compliance & Operations

  • Zero Trust — Every request validated at Studio Middleware; no direct backend access
  • Least Privilege — Default Viewer role; elevation requires admin approval
  • PII Segregation — Support staff see masked identifiers; full data only for assigned advisors
  • Session Security — Device fingerprinting, IP binding, automatic timeout
  • Compliance — SEBI IA data protection norms, GDPR-ready architecture (right to erasure, data portability)
  • Audit — Immutable audit log with user ID, action, timestamp, IP, and outcome
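The PII Segregation and Audit bullets above, together with the Operations Support journey (masked identifiers only) and the Relationship Manager journey (assigned clients only), describe a view policy per persona plus a record of every access. The Python below is an added example, not the platform's code, showing one way to implement both: a per-persona field policy that drops or masks identifying fields before a client record leaves the repository, an assignment/ownership check that runs before any masking, and an append-only audit log whose entries carry user ID, action, timestamp, IP and outcome. The persona names, the record's field names and the sample record are constructed for the example, and the hash chain that makes the log tamper-evident is this example's mechanism; the page says the log is immutable but does not say how.

```python
import hashlib
import json
import time
from typing import Any, Callable, Dict, FrozenSet, List, Optional

# Constructed client record; field names are assumptions, not the platform's schema.
SAMPLE_CLIENT: Dict[str, Any] = {
    "client_id": "client_a",
    "name": "Priya Sharma",
    "pan": "ABCDE1234F",
    "email": "priya@example.com",
    "phone": "+919876543210",
    "holdings": [{"isin": "INE000000001", "units": 120}],
}


def mask_tail(value: str, keep: int = 4) -> str:
    """Keep only the last `keep` characters: 'ABCDE1234F' -> '******234F'."""
    return "*" * max(len(value) - keep, 0) + value[-keep:]


def mask_email(value: str) -> str:
    local, _, domain = value.partition("@")
    return local[:1] + "***@" + domain


MASKERS: Dict[str, Callable[[str], str]] = {"mask_tail": mask_tail, "mask_email": mask_email}

# Per-persona field policy: "drop" removes the field, a masker name transforms it,
# and fields not listed pass through unchanged. Persona names are assumptions.
PERSONA_VIEW_POLICY: Dict[str, Dict[str, str]] = {
    "support":              {"name": "drop", "pan": "mask_tail", "email": "mask_email",
                             "phone": "mask_tail", "holdings": "drop"},
    "compliance_officer":   {"name": "drop", "pan": "drop", "email": "drop", "phone": "drop"},
    "relationship_manager": {},   # full record, but only for assigned clients
    "client":               {},   # full record, but only the caller's own
}


def client_view(persona: str, caller_id: str, assigned: FrozenSet[str],
                record: Dict[str, Any]) -> Dict[str, Any]:
    """Ownership/assignment check first, then the persona's field policy."""
    policy = PERSONA_VIEW_POLICY.get(persona)
    if policy is None:
        raise PermissionError(f"no view policy for persona {persona!r}")
    if persona == "client" and caller_id != record["client_id"]:
        raise PermissionError("clients may only read their own record")
    if persona == "relationship_manager" and record["client_id"] not in assigned:
        raise PermissionError("client is not assigned to this advisor")
    view: Dict[str, Any] = {}
    for field_name, value in record.items():
        rule = policy.get(field_name)
        if rule == "drop":
            continue
        view[field_name] = MASKERS[rule](value) if rule else value
    return view


class AuditLog:
    """Append-only log; each entry carries the previous entry's hash so later edits
    are detectable (this example's mechanism, not necessarily the platform's)."""

    GENESIS = "0" * 64

    def __init__(self) -> None:
        self.entries: List[Dict[str, Any]] = []

    @staticmethod
    def _digest(entry: Dict[str, Any]) -> str:
        body = {k: v for k, v in entry.items() if k != "hash"}
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def record(self, user_id: str, action: str, outcome: str, ip: str,
               ts: Optional[float] = None) -> Dict[str, Any]:
        entry = {"user_id": user_id, "action": action, "outcome": outcome, "ip": ip,
                 "ts": time.time() if ts is None else ts,
                 "prev": self.entries[-1]["hash"] if self.entries else self.GENESIS}
        entry["hash"] = self._digest(entry)
        self.entries.append(entry)
        return entry

    def verify(self) -> bool:
        prev = self.GENESIS
        for entry in self.entries:
            if entry["prev"] != prev or self._digest(entry) != entry["hash"]:
                return False
            prev = entry["hash"]
        return True


def audited_client_view(log: AuditLog, persona: str, caller_id: str, assigned: FrozenSet[str],
                        record: Dict[str, Any], ip: str) -> Dict[str, Any]:
    """Every access attempt, allowed or denied, is logged before the result is returned."""
    action = f"client:read:{record['client_id']}"
    try:
        view = client_view(persona, caller_id, assigned, record)
    except PermissionError:
        log.record(caller_id, action, "deny", ip)
        raise
    log.record(caller_id, action, "allow", ip)
    return view
```

The ordering inside `client_view` matters: the assignment and ownership checks run before any field is read, so a denied request never touches the masked or full data, and the denial itself still lands in the audit log.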