EN | ES

Introduction

Multitenant is a principle of software architecture in which a single instance of the application is capable of serving multiple clients or organizations (tenant or instance).

...

You can find more details about Multitenant, its advantages, etc., in this entry: A Look at Multitenant: What it is and how it is supported on the Platform

Multitenant Support in Platform

The Multitenant Platform functionality is supported on 2 concepts:

...

In the following diagram, we can see an example of a case of use of the platform in multitenant mode:

...

Considerations on the Installation

New installation with version 1.6.0-Empire or higher

When a new installation is made, without data in the ConfigDB, the UPDATE_MODE_MULTITENANT environment variable must be set to false. If this variable is not set to false, warning messages will appear.

This variable is designed to upgrade environments that already have data, so that existing data is migrated to the master database (users, tokens...).

Upgrade to version 1.6.0-Empire or higher

If an environment is upgraded to this version, you do not need to specify anything.

Multitenant environment configuration

To use the environment in multitenant mode, simply indicate the environment variable MULTITENANCY_ENABLED as 'true' in the Controlpanel and OAuth Server modules:

...

Once enabled, there is a global platform user, with PLATFORM_ADMIN role, in charge of creating the verticals.

Basic Operation

Vertical creation

If you enter with the user platform_admin, you will see a screen with the list of platform verticals:

...

With this user, you can create clients or tenants for the vertical, as well as platform users and assign them to a client.

Creating Tenants of a Vertical

With the user-administrator of the vertical, you can create tenants. Go to the menu option ‘Tenant Management’, under the Administration level:

...

If you enter each client/tenant, you can see a list of its users:

...

Adding an existing Tenant to another vertical

For this example, the Carrefour client already exists in the Prosumers vertical, so that, if you want it to also be a Waste customer, you will need to re-use the platform_admin user, and go to the Waste vertical, then to the 'Tenants' tab .

...

Now Carrefour users will be able to access the Prosumers vertical and Waste.

User Creation for a Tenant

To create users and associate them with a tenant, with the administrator of the vertical, the process is the same as always, only this time you will see one more option when creating it: a combo with that vertical’s clients.

...

Considerations when a Client is associated with several verticals

For this example, as Carrefour is associated with Waste and Prosumers, when you access the platform either through the Control Panel or through Identity Manager OAuth2, you need to specify the vertical to which we want to access.

Control Panel

If you enter through the Control Panel, after entering your password you will be assigned a provisional role with authorization only to choose the vertical you want to access - so you will see a screen with a combo to choose the vertical. Select it and log in:

...

As you have noticed in previous captures, when the platform operates in multitenant mode, the vertical in which you are working is always specified in the upper right bar :

...

Identity Manager OAuth 2.0

For Oauth 2, you need to specify an additional “vertical” parameter, with the name of the vertical you want to access. If you do not specify it and your user is associated with several verticals, you will be given a token with a provisional role that will not have any authorization level to operate with.

...