Skip to main content

Glossary

Plain definitions for the terms you'll see across GreekManage.

A

Active. A member currently enrolled in undergraduate study and recognized by the chapter as an active member. Distinct from "active alumni."

Active alumni. A member status for graduates who are still engaged with the org. One of three alumni statuses (alumni, active alumni, lifetime alumni). See also: Alumni, Lifetime alumni.

Advisor. A member or non-member with limited admin permissions for guidance roles.

Alumni. A member status for graduates. One of three alumni statuses; the others are active alumni and lifetime alumni. All three grant platform access and are eligible for alumni-only forums and the mentor directory.

Alumni-only forum. A forum flagged so only members with an alumni status (alumni, active alumni, or lifetime alumni) can read or post. Configured per-forum.

Approvals queue. The list of pending member changes (additions, status updates, etc.) awaiting officer or admin review.

APNs (Apple Push Notification Service). Apple's push delivery service. GreekManage stores APNs device tokens for iOS app users and uses them to send push notifications. See also: FCM, Push token.

Assessment. A graded component inside a Learning course — a quiz, exam, or knowledge check made up of questions.

Assignment Rule. A rule that auto-enrolls members in a Learning course when they match a condition (e.g., new pledges, officers in a specific position). Configured per-course.

Associated Domains. The iOS entitlement that ties the GreekManage native app to greekmanage.com and app.greekmanage.com so passkeys created in the browser also work in the native app (and vice versa). Android uses Digital Asset Links for the same purpose. See also: Passkey, RP ID.

Audit log. Append-only history of actions taken in the system.

B

Bandit. A Python static-analysis tool that scans backend code for security issues (hardcoded secrets, insecure crypto, shell injection). Runs in the pre-push security gate.

Bento layout. A dashboard grid style using mixed-size cells (featured stat, side widgets, full-width banners) so everything fits one viewport without scrolling. Used on chapter, org, and region dashboards.

Big / Little. The mentor-mentee relationship in many Greek organizations. Tracked in the family tree.

Big-Little Request. A pending big/little assignment that flows through the multi-tier approval cascade before it shows up in the family tree. See also: Multi-tier approval cascade.

Biometric unlock. An optional Face ID / Touch ID / fingerprint gate that locks the GreekManage mobile app on launch. The biometric only unlocks the already-authenticated session — it does not sign you in. Compare to: Passkey (which is the actual sign-in credential).

Bulletin. A pinned announcement that appears on member dashboards. Note: the Foundation module has its own bulletin type (donor-facing fundraising updates with recipient targeting) — these two share a name but are separate features.

BYOM (Bring Your Own Model). The pattern where an organization can plug in its own AI provider key (Anthropic, OpenAI, or Google) instead of using the platform default. Configured under Settings → AI Assistant.

C

Campaign. A foundation fundraising effort with a goal, timeline, and public donate page.

Capacitor. The cross-platform native wrapper used to ship the GreekManage app to iOS and Android from the same web codebase. See also: TestFlight, Google Play Internal Testing.

Career posting. An Alumni module job, internship, or referral listing posted by an alumni or officer; visible to all members. Members can express interest, which notifies the poster.

Certificate. A completion record issued when a member finishes a Learning course (or passes all required assessments). Includes the course name, completion date, and member identity.

Chapter. A local instance of a national org at a specific university.

Compliance. Recurring requirements chapters submit to the national org (reports, attestations, etc.).

Consent template. An org-defined consent text (e.g., FERPA disclosure, marketing opt-in, PNM data use) that members or PNMs accept. Used during onboarding, public PNM apply, and platform-wide privacy acceptance.

Cookie auth. The default browser authentication mode: JWTs live in httpOnly cookies scoped to /api/auth/, and withCredentials: true sends them with every request. Web clients never receive tokens in the response body. Compare to: Native auth.

Course. A Learning module unit of instruction made up of course modules, lessons, and assessments. Don't confuse a Learning "course module" with a licensable platform module — they share a name. See also: Module (licensable), Lesson, Assessment.

Cycle detection. The check that prevents a circular lineage when approving a big-little request (e.g., A → B → C → A). Cycles are rejected before the relationship lands in the family tree.

Custom field. An organization-specific profile field (e.g., "Big," "Pledge class").

D

Daphne. The ASGI server that runs the Django backend in LAN dev. It handles both HTTP and WebSocket traffic (used for the AI chatbot and live election results). Staging uses Gunicorn instead. See also: Gunicorn.

Designation. A short name for a chapter, often using Greek letters (e.g., "Alpha Sigma").

Digital Asset Links. Android's equivalent of Associated Domains — the manifest that binds the GreekManage Android app to greekmanage.com so passkeys work cross-surface. See also: Associated Domains.

Disaffiliated. A member status indicating departure from the organization. Disaffiliated members are blocked from platform access.

Donation. A one-time gift made to a campaign or fund, processed through the Foundation module's payment processor. Captured as a record on the Donor.

Donor. A Foundation module record for someone who has given (or pledged) money. A Donor can be linked to a Member account but doesn't have to be — guest donors who give once without an account are still tracked. Compare to: Member.

Dues. Required member contributions, billed on a cycle (annual, semester, monthly).

E

Engage. GreekManage's threaded forum platform.

Enrollment. A member's participation in a specific Learning course. Tracks progress through lessons, quiz attempts, and final completion / certificate state.

Eligibility (election). The rule for who can vote in a given election (status, region, chapter, custom criteria).

F

Family tree. The visualization of big-little lineage in a chapter.

FCM (Firebase Cloud Messaging). Google's push delivery service. GreekManage stores FCM device tokens for Android app users. See also: APNs, Push token.

Foundation. A tax-exempt fundraising entity associated with the org. Separate from dues.

Foundation Admin. A Foundation module role with full permissions: edit settings, manage campaigns, view all donor data, issue tax receipts. Compare to: Foundation Editor.

Foundation Editor. A Foundation module role that can author campaigns, funds, and bulletins but cannot change settings or access sensitive donor financial data. Compare to: Foundation Admin.

Fund. A Foundation accounting bucket (e.g., Scholarship Fund, Building Fund). Each campaign rolls up to one fund.

G

Gitleaks. A pre-commit secrets scanner that blocks commits containing API keys, tokens, or credentials. Allowlisted patterns live in .gitleaks.toml.

Good standing. A status indicating a member is current on dues, compliance, and any other org requirements.

Google Play Internal Testing. The distribution track GreekManage uses to ship Android builds to internal testers before promoting to production. Mirrors TestFlight on iOS.

GPA gate. A soft-validation threshold on the public PNM apply form. PNMs whose submitted GPA falls below the configured min_gpa are auto-flagged for admin attention — but not auto-rejected. The admin still makes the final call.

Gunicorn. The WSGI server that runs the Django backend in staging (production-like). Sits behind nginx. LAN dev uses Daphne instead. See also: Daphne.

I

Initiation. The transition from pledge to undergraduate (active) member.

In-app notification. A notification that appears in the bell dropdown and /notifications page inside GreekManage. Members can independently enable or disable in-app and email channels per notification type. Compare to: Email notification.

J

JWT (JSON Web Token). The signed token format used for authentication. GreekManage uses two flavors depending on client: web clients store JWTs in httpOnly cookies (Cookie auth), and native mobile clients receive them in the response body and send them via the Authorization header (Native auth). Access tokens expire after 30 minutes; refresh tokens rotate every 24 hours. See also: Cookie auth, Native auth, Refresh rotation.

L

Lesson. A unit of content inside a Learning course module — text, video, or markdown reading. Lessons combine with assessments to form a course module.

Lifetime alumni. A member status for graduates who have committed to lifelong financial or volunteer engagement. One of three alumni statuses. See also: Alumni, Active alumni.

Light/dark mode. The user-selectable theme toggle in the header. Both modes use the same brand palette (charcoal indigo primary, pearl accent); only surface and text contrasts swap.

LMS (Learning Management System). The Learning module — courses, quizzes, certificates.

M

Magic link. A single-use, time-limited URL emailed to a recipient. GreekManage uses magic links in two narrow places: PNM email verification on the public apply form, and PNM reference letter requests. Magic-link sign-in is not supported in v0.62.1 — members sign in with email + password, passkey, or SSO.

Membership. A user's belonging to a specific chapter. A user can have multiple memberships.

Mentor profile. An Alumni module record where an alumni member offers mentorship (industry, expertise areas, capacity, preferred contact). Surfaced in the alumni directory and chatbot mentorship matching.

Minipc. The on-prem dev/staging server (LAN: 192.168.0.100) that hosts both the LAN dev stack (Vite + Daphne, hot reload) and the staging stack (nginx + Gunicorn behind Cloudflare tunnel at dev.greekmanage.com). Both run simultaneously from separate Docker Compose stacks.

Module. (Two meanings — context matters.)

  • Licensable module. One of the optional GreekManage feature sets toggled per-org by platform admins. Current licensable modules (matching the Modules Reference sidebar): Operations (bundles compliance + elections + finances + retain), Community (bundles engage + bulletins + photos + events + recognition), Documents, Learning, Foundation, Alumni, Messaging, AI Services, Data Export. The always-on core (chapters, regions, members, settings) is not licensable. Also called module-key in code.
  • Course module. A subdivision of a Learning course, containing lessons and assessments.

ModuleAccessMiddleware. The Django middleware that returns HTTP 403 when a request hits an endpoint belonging to a disabled module. Backs up the frontend's ModuleGuard so disabled modules are blocked at the API layer too.

Module-gated. A feature that's only available when its module is enabled.

Module-key. The short string identifier for a licensable module (e.g., engage, foundation, learning). Used in sidebar nav config, route guards, and the ModuleAccessMiddleware lookup table.

Multi-tier approval cascade. The progression a request walks through before final approval, with status values shaped like pending_chapter → pending_regional → pending_org → approved. Used by big-little requests, compliance reviews, and member add requests. The starting tier depends on the requester's role (e.g., a chapter officer's request starts at pending_regional, skipping chapter review).

N

National. The top-level organization that owns regions and chapters.

Native auth. The authentication mode used by the Capacitor mobile app. The client sends an X-Client-Type: native header on login, gets JWTs back in the response body (instead of cookies), and attaches them via the Authorization: Bearer header on subsequent requests. Compare to: Cookie auth.

O

OAuth 2.0. An authorization protocol used by GreekManage for some SSO sign-ins (e.g., Google Workspace, Microsoft 365 via OIDC). The user authenticates with the IdP, which returns an authorization code that GreekManage exchanges for identity. See also: OIDC, SSO, SAML 2.0.

Officer. A chapter member with elevated permissions (President, Treasurer, Recruitment Chair, etc.).

OIDC (OpenID Connect). An identity layer built on top of OAuth 2.0. GreekManage's Google and LinkedIn integrations use OIDC to get a verified email plus profile claims in one round-trip. See also: OAuth 2.0.

Org / Organization. The national-level tenant in GreekManage. Each customer is an org.

Override (compliance). A per-chapter substitution of a national compliance requirement's target number (e.g., national says "5 service hours," but a chapter is approved for 3). The override row records the new target plus reviewer notes; the original requirement is unchanged.

P

Passkey. A WebAuthn credential bound to a device or platform account (Face ID, Touch ID, Windows Hello, Android biometrics, iCloud Keychain, 1Password). Members can register one or more passkeys and sign in with no password. Cross-surface sign-in works on the native app because of Associated Domains (iOS) and Digital Asset Links (Android). Compare to: Biometric unlock (which only locks an existing session, doesn't sign you in). See also: WebAuthn, RP ID.

Period (PNM). A semester-bounded application cycle for PNM intake — has a year, a semester (fall/spring/summer), and a status (draft/active/closed). All chapters under an org share the same PNM period (org-wide). Distinct from a generic "recruitment period" in Greek terminology.

pgvector. The PostgreSQL extension that stores AI embedding vectors used for chatbot search. Different AI providers produce different-dimension vectors, so the ContentEmbedding column is variable-dim and the chatbot picks one provider per org.

Pinboard. A sidebar zone where members can pin frequently-used pages for one-click access. Ships in v0.63.0 — not present in v0.62.1.

pip-audit. A Python dependency vulnerability scanner. Runs in the pre-push gate and fails the build on HIGH/CRITICAL CVEs.

Platform admin. A super-admin role above any single org. Platform admins can create orgs, toggle modules, manage AI defaults, and read the feedback queue. Bypasses normal org/regional/chapter permission checks.

Pledge. A member who has accepted a bid and is in the pre-initiation phase. Note: GreekManage does not ship a dedicated "bid management" module in v0.62.1 — bids are handled informally during PNM intake and via membership status changes.

Pledge (recurring). See: Recurring pledge. (The Foundation module's recurring pledge is unrelated to the pre-initiation "pledge" status above.)

PNM (Prospective New Member). Someone who has applied to join the org but hasn't yet been bid or pledged. Sometimes spelled "Potential New Member" — same thing.

Position. An office being voted on in an election.

President. The senior chapter officer; a specialized role above standard Officer.

Privacy visibility. The per-field visibility setting on Alumni privacy settings. Four levels: all (anyone in the directory can see), alumni_only, officers_only, or hidden. Each field (email, phone, work history, location) can be set independently.

Pull-to-refresh. The native mobile gesture (drag down on a scrollable list to refresh). Only active in the Capacitor mobile app — disabled on web to avoid hijacking page scroll.

Push token. A device-specific identifier provided by APNs (iOS) or FCM (Android) that lets GreekManage's backend deliver a push notification to that exact device. Re-issued by the OS on app install, reinstall, or token refresh.

Q

Question types. Learning assessment question shapes: multiple choice (one correct answer), true/false, multi-select (one or more correct answers), short answer (auto-graded against an expected string), and free-form (manually graded by a course author).

Quiet hours. Not supported in v0.62.1. Members can disable notification types entirely, but there's no time-window suppression feature.

R

Recurring pledge. A Foundation-module ongoing donation backed by a Stripe Subscription. Each successful charge produces a Donation record linked back to the pledge. Distinct from a "pledge" in the Greek-life sense (pre-initiation status).

Reference letter. A PNM-apply v2 feature: when a chapter requires reference letters, the PNM lists referrer emails on the public apply form, and the system mails each referrer a one-time-token link to submit a letter. Letters expire 7 days after creation.

Refresh rotation. GreekManage rotates refresh tokens on every use — when the client trades a refresh token for a new access token, it gets a fresh refresh token too, and the old one is blacklisted. Combined with the 24-hour refresh token lifetime, this limits the blast radius of a stolen token.

Region. An optional grouping of chapters within an org (geographic or governance).

Regional admin. An admin with permissions across all chapters in a region.

Requirement. A specific compliance obligation a chapter must fulfill within a compliance period (e.g., "submit Q3 risk report"). Has a target, a tier, and a submission type. Compare to: Template (a reusable blueprint that generates requirements when applied to a period).

Retain. GreekManage's retention analytics surface.

RLS (Row-Level Security). The PostgreSQL feature GreekManage uses for tenant isolation. Every org-scoped table has a policy that filters rows against current_setting('app.current_org_id', true). The middleware sets this session variable at the start of each request based on the authenticated user's role context.

Role. What a user can do (Member, Officer, Admin, etc.). Distinct from status.

RP ID (Relying Party ID). The domain that "owns" a passkey. GreekManage uses greekmanage.com as the RP ID, which means a single passkey works across app.greekmanage.com, dev.greekmanage.com, and the iOS/Android apps (the latter via Associated Domains / Digital Asset Links). See also: Passkey, WebAuthn.

Runoff. A second vote between top contenders when no candidate gets a majority in the initial round.

S

SAML 2.0. An XML-based SSO protocol used by enterprise IdPs like Okta, ADFS, and OneLogin. GreekManage supports SAML 2.0 alongside OAuth/OIDC for orgs that require it. See also: SSO, OAuth 2.0.

Saved view. A reusable filter on the member directory or other lists.

Semester. The compliance period dimension — Fall, Spring, or Summer of a given academic year. Each PNM period and compliance period is bounded by exactly one semester.

Semgrep. A pattern-based static-analysis tool that scans TypeScript/React for security and quality issues. GreekManage ships seven custom rules on top of the community ruleset. Runs in the pre-push gate.

SRI (Subresource Integrity). The integrity="sha384-..." attribute on <script> tags that lets the browser refuse a tampered bundle. Enabled on web builds; disabled on Capacitor builds (the WebView origin https://localhost doesn't satisfy SRI's CORS requirements).

SSO (Single Sign-On). Sign-in via an external identity provider (Microsoft 365, Google, Okta).

Status. A member's standing (Undergrad, Alumni, Inactive, etc.). Distinct from role.

Stripe Webhook Event. The idempotency ledger that records every webhook payload Stripe sends. If the same event ID arrives twice (network retry), only the first is processed. Not org-scoped.

Submission types. The shape of a compliance submission. Six choices: event (date + attendees), document (file upload), link (external URL), text (free-form note), attestation (signed acknowledgement), and form (structured form schema defined by the requirement).

T

Tax receipt. A PDF receipt issued by the Foundation module for a donation, formatted for U.S. tax-deduction substantiation. Generated on demand for one-off donations and annually (January 15) for batched annual receipts.

Template (compliance). A reusable requirement blueprint. Applying a template to a compliance period generates concrete requirements for each chapter, which are then tracked individually. Compare to: Requirement.

Tenant. A single org's isolated data environment.

TestFlight. Apple's beta-distribution channel. GreekManage publishes iOS builds to TestFlight via Fastlane before promoting to App Store production.

Tier. (Two meanings.)

  • Role tier. A level in the role hierarchy (Platform → Org → Region → Chapter).
  • Compliance tier. The reviewer level a submission must pass — chapter, regional, or org. Each tier records its own reviewer, timestamp, and notes.

Trivy. A container-image and filesystem vulnerability scanner. GreekManage runs it twice (image scan + filesystem scan) in the pre-push gate; suppressions live in .trivyignore with an expiry date.

U

Undergraduate. A common active-member status for current college students.

V

Voter eligibility. Same as election eligibility — who can vote in a given election.

W

WebAuthn. The W3C standard underlying passkeys. GreekManage uses the webauthn Python package on the server and the browser's native navigator.credentials API on the client. Supports both platform authenticators (Face ID, Touch ID, Windows Hello) and roaming authenticators (YubiKey). See also: Passkey, RP ID.

Worktree. A separate working copy of the repo tied to a different branch. Used during parallel development to keep multiple branches checked out at once without stashing. See git worktree add in the developer guide.

Z

ZAP (OWASP Zed Attack Proxy). The dynamic application security testing tool GreekManage runs against the live stack. Three modes: API scan and passive baseline (pre-push, fast), and a full active scan (pre-PR, 15-45 min) that probes for live vulnerabilities with credentialed auth.

See also

Last verified against v0.62.1 (2026-05-10).