Tenant Management Service Overview

In a multi-tenant environment, a tenant is an application or a group of users that share resources such as data, configuration, and user management. The tenants are logically isolated but physically integrated. That means even if the tenants use the same underlying resources, their data is isolated from each other. All users of a tenant have specific privileges to access the resources associated with that tenant. Each tenant can potentially use multiple service instances. The service instances are specific to the tenant. The Predix platform provides the Tenant Management service as a mechanism to provision service instances for a tenant.

The Tenant Management service offers the following benefits:

• Provisioning of multiple service instances for a tenant. For example, if a tenant requires instances of the Access Control service, Asset service and Time Series service, you can use the Tenant Management service to provision these instances at the same time.

• Cleanup of instances if the tenant is deleted. If a tenant is no longer required, deleting the tenant also deletes the service instances related to the tenant.

  Note: The service instances are deleted only if they were created using the Tenant Management service for that tenant.
• Resolution of service instance credentials at runtime.
• The ability to store client credentials created by one tenant UAA, which clients can use to retrieve credentials (client ID and client secret) to access Predix services.

The following figure shows the architecture of Tenant Management service:

When a tenant registers for an account on Predix.io, the registration process creates a UAA instance and an instance of Tenant Management service for the tenant. The tenant can then use the Tenant Management service to create other service instances.