Tenants

TL;DR

Tenants separate resources, bundles, and users for multi-team or multi-customer setups. Use tenants when you need logical isolation between groups.

Why tenants matter

• Isolate bundles and users between teams or customers.
• Simplify billing, auditing, and access control per group.
• Reduce risk of accidental cross-team access.

When to use tenants

• Multiple product teams sharing one EnvCat instance
• Service providers who host multiple customers on the same instance (with tenant isolation)
• Large organizations that require org-level separation

How tenants work

• Each tenant owns bundles, keys, and users. API calls and UI actions are scoped to the current tenant.
• Admins can create tenants and invite users into them.

Example

# Create tenant (Admin)
curl -X POST http://localhost:8888/api/v1/tenants -H "Content-Type: application/json" \
  -d '{"name":"acme-corp","description":"ACME Corp tenant"}'

# Invite user into tenant
curl -X POST http://localhost:8888/api/v1/tenants/acme-corp/invite \
  -H "Content-Type: application/json" -d '{"email":"designer@acme.com","role":"Designer"}'

Best practices

• Use tenants only when you require strict separation. For small teams, organize with bundles and roles instead of tenants.
• Limit tenant admins and review membership regularly.

Next steps

• See Onboarding recipe for tenant-based onboarding: ../recipes/onboard-new-dev.md