Multi-tenancy Concept
π Overviewβ
Multi-tenancy on the WKS Power Platform is designed to provide each tenant with a secure and isolated operational environment, akin to providing separate office suites within a single corporate building. This architecture allows service providers to manage multiple clients efficiently while ensuring that each client's data and operations remain private and secure.
ποΈ Architectural Overviewβ
Tenant URL Structure πβ
- Each tenant accesses their environment through a unique subdomain, following the format tenant_id.somedomain.com (e.g., saasCustomer1.wksplatform.com).
- This subdomain serves as the dedicated entry point to the tenantβs specific portion of the platform, ensuring direct and secure access.
Keycloak Realms πβ
- Each tenant has a separate Keycloak realm, providing a dedicated security domain that controls authentication and authorization. This setup ensures that user credentials and permissions are managed locally within each tenant's realm, enhancing security and privacy.
- Upon onboarding a new tenant, a realm is specifically created and configured with unique security settings and user management protocols tailored to meet the tenant's needs.
MongoDB Databases ποΈβ
- Each tenant has a separate database to store tenant-specific data securely and maintain complete data isolation between tenants.
- Creating a dedicated MongoDB database for each new tenant setup, ensuring that data from one tenant is completely inaccessible to another.