Tenants
Definition
Soffid is multi tenant. This means that one can configure many differente tenants to manage disjoints groups of identities and applications.
Each Soffid object, including applications, systems, roles, users, and accounts are bound to a single tenant.
Of course, there is a special tenant named master. Master tenant administrators can jump to any other tenant with administration privileges.
Soffid recommends connecting directly to the specific tenant to configure it correctly. You have more information about this topic in the Tenant access section.
Screen overview
Related objects
Standard attributes
- Name: Set a short name for the tenant.
- Description: Enter a long description for the tenant
- Enabled: Usually set to yes. If it's set to NO, no user will be able to log in to that tenant, and no provisioning or automated task will be ran on that tenant.
- Disabled permissions: By default, tenant administrator permissions are restricted, so they are not able to bypass tenant borders and access to other tenant information. To achive this, the following permissions are disabled by default, but some others can be added:
- Open the tenants management page
- Use the tenant micro-service
- Manage sync servers
- Assigned servers: By default, the new tenant will not be able to use any sync server unless it is authorized to. So, one can create a sync server for a specific tenant that cannot be used by any other tenant.
Actions
Table actions
| Add new |
Allows you to create a new Tenant. |
| Download CSV file | Allows you to download a CSV file with the tenant information displayed in the table. |
Tenant actions
|
Apply changes |
Allows you to save the data of a new tenant or to update the data of a specific tenant. To save the data it will be mandatory to fill in the required fields. |
|
Export |
The process will generate a compressed file with all the information contained in the Tenant. It includes even the connectors configurations, mappings and global settings. |
|
Delete Tenant |
Allows you to delete the tenant. To perform that action, Soffid will ask you for confirmation, you could confirm or cancel the operation. Remember that this action will delete all data from the tentant. We recommend saving a backup using the Export option beforehand. |
|
Login |
If you have permission to log into a different tenant, you can use this option to access to it. This option is not intended for normal usage, but for administrative purposes |
|
Import |
The user can upload the previously exported tenant. The process will restore all the information contained in the Tenant, including connectors configurations, mappings and global settings.If the Tenant already exists, the process will not replace it. A new tenant will be created with a new name. If you want to replace the existing tenant, remove it before uploading the tenant export file. |
|
Undo |
Allows you to quit without applying any changes. |
Others
Tenant access
Option 1: direct access to the tenant
When users are connecting to Soffid console, the master tenant is displayed by default. In order to directly connect to any tenant, a DNS entry with the tenant name must be added to your DNS server.
For instance, if you have deployed a Soffid console with the DNS name console.soffid4.local, the DNS name test.console.soffid4.local will be used to access to the test tenant.
Note that you must configure the hostName Soffid parameter in the master with your DNS name
Option 2: access through the master
You can also configure the login page using the soffid.auth.showTenant Soffid parameter. If the parameter value is true, Soffid will display a new box in the login page to write the tenant name to login.
