One other note: dotCMS Roles can control both access permissions (Which sites, folders, and pages/files a user has access to) and tool permissions (which tools a user has access to, such as the Site Browser, Content search, admin and maintenance tools, etc.). And you can also separate the access permissions and tool permissions into separate Roles if you want to, which may make it easier to assign tool permissions to users from different clients.
For example, if you know that all 3 of your clients will have some users who are developers, some who are content creators, and some who are administrators, you could create 3 roles which assign the appropriate tools for each of these users, something like this:
- Developer: Site Browser, Templates, Containers, Content Types, Relationships, Query Tool (etc.)
- Content Creator: Site Browser, Content Search, Links
- Administrator: Site Browser, Configuration, Maintenance, Sites, Permissions
Then when you add a client user account, you can just assign one or more of these roles, rather than having to add the tool permissions to the client-specific Roles. For example, if you were adding a marketing user for client A, you would add the following Roles:
- Client A
- Client A Marketing
- Content Creator
These kinds of Roles may not make sense if you only have 3 clients. But they may make it easier to manage client accounts if you plan to expand the number of clients in the future.