Multi-tenancy
Isolated tenants with per-tenant configuration. Perfect for SaaS and managed services.
Complete isolation
Each tenant's data is fully isolated. No cross-tenant data leakage, guaranteed.
Per-tenant branding
Customize login pages, emails, and UI with each tenant's logo and colors.
Delegated admin
Tenant administrators manage their own users, groups, and settings independently.
Unlimited tenants
No limits on tenant count
Full data isolation
Complete tenant separation
Per-tenant configuration
Independent auth policies
noo id provides true multi-tenancy with complete data isolation, per-tenant configuration, and delegated administration. Each tenant operates in its own isolated environment with independent users, groups, authentication policies, and branding — all managed from a single control plane. Build secure, scalable SaaS applications without worrying about cross-tenant data leakage.
Multi-tenant architecture
Defense-in-depth isolation across every layer of the stack.
noo id implements tenant isolation at three distinct layers. The data layer scopes every database record by tenant ID with automatic query filtering at the ORM level. The application layer enforces tenant boundaries on every API request, admin action, and background job. The network layer adds dedicated subdomains, custom domains, and per-tenant rate limiting for complete separation.
Isolation model
Every component enforces strict tenant boundaries to prevent cross-tenant access.
- Database records scoped by tenant ID
- API authorization enforces tenant boundaries
- Session tokens valid only within issuing tenant
- Cache keys include tenant ID to prevent pollution
- Rate limits enforced per-tenant
Per-tenant configuration
Authentication policies
Independent password rules, MFA requirements, and allowed login methods for each tenant.
Branding & custom domains
Custom logos, colors, login pages, email templates, and fully white-labeled domains per tenant.
Session management
Configurable session timeouts, concurrent session limits, and persistent session policies.
Security controls
Per-tenant IP allowlisting, geofencing, device fingerprinting, and brute-force protection thresholds.
Delegated administration
Tenant Owner
Full control over tenant configuration, billing, and all administrative functions.
Tenant Admin
Manages users, groups, and authentication policies within the tenant.
User Manager
Creates and manages user accounts without access to tenant-wide settings.
Auditor
Read-only access to audit logs, authentication events, and configuration review.
Frequently asked questions
What is multi-tenancy and why is it important for SaaS? +
Multi-tenancy allows you to serve multiple customers (tenants) from a single noo id instance while keeping their data completely isolated. This is essential for SaaS applications because it provides the security and customization benefits of separate instances with the operational simplicity and cost efficiency of a shared platform.
How is tenant data isolated? +
noo id uses multiple layers of isolation. At the database level, every record is tagged with a tenant ID and queries are automatically scoped. At the API level, all operations are tenant-aware and enforce strict authorization. At the network level, tenants can optionally have dedicated subdomains. This defense-in-depth approach ensures no tenant can access another tenant's data.
Can I have different authentication policies for different tenants? +
Yes, absolutely. Each tenant can have completely independent configuration including password policies, MFA requirements, session timeouts, allowed authentication methods (email/password, social login, SSO), and security settings. One tenant might require MFA for all users while another makes it optional.