Multitenant - Several Subdomains
The multi-tenant architecture enables a Service Provider to offer infrastructure that provides third parties with secure, independent access to their private networks. Each network operates within its own subdomain, allowing organizations to use their resources independently while benefiting from the security features of Thinfinity® Workspace. Additionally, the Service Provider manages network maintenance and administration, ensuring a seamless and secure environment for each tenant.
This architecture consists of a Primary Broker for each tenant, each with a unique Network ID mapped to a specific subdomain. The Primary Broker maintains a constant connection with the Gateway and grants users access to the end resources.
In this scenario, each tenant uses a Primary Broker to manage the access and the workload of the network, ensuring users are redirected to the correct resources based on their credentials and configurations.
The Gateway deploys a unique domain, owned by the Service Provider, with multiple subdomains—one for each tenant—each mapped to a unique Network ID. These subdomains serve as access points to private networks (tenants).
When an end-user accesses a URL, such as www.subdomain.domain.com, the Gateway automatically redirects them to the corresponding tenant, where a Primary Broker handles authentication. Once authenticated, the user has access to the designated tenant, where the Primary Broker processes their requests and connects them to the corresponding end resources.
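The subdomain-to-Network-ID lookup described above, as an added example (not Thinfinity® Workspace code): it resolves a request's Host header to a tenant's Network ID and fails closed on anything that is not an exact, single-label tenant subdomain. The function name, tenant names and Network ID values are constructed; `domain.com` is the placeholder from the URL above.

```python
# Added illustration; not Thinfinity Workspace code. All names and IDs are constructed.
from typing import Optional

BASE_DOMAIN = "domain.com"  # Service Provider's domain (placeholder from the page's URL)

# Constructed sample mapping: tenant subdomain -> Network ID
TENANT_NETWORK_IDS = {
    "acme": "NETWORK-ID-ACME-PLACEHOLDER",
    "globex": "NETWORK-ID-GLOBEX-PLACEHOLDER",
}


def resolve_network_id(host_header: str) -> Optional[str]:
    """Return the Network ID for the tenant named in the Host header, or None (fail closed)."""
    host = host_header.strip().lower()
    # Bracketed IPv6 literals are never tenant names
    if host.startswith("["):
        return None
    # Drop an optional port and a trailing root dot
    host = host.split(":", 1)[0].rstrip(".")
    suffix = "." + BASE_DOMAIN
    # Require the provider's domain as the true suffix, so that
    # acme.domain.com.example.net or evildomain.com never match
    if not host.endswith(suffix):
        return None
    labels = host[: -len(suffix)].split(".")
    # Accept the optional leading "www" label shown in the page's example URL
    if labels[0] == "www" and len(labels) > 1:
        labels = labels[1:]
    # Exactly one tenant label: nested names such as globex.acme.domain.com
    # must not resolve to either tenant
    if len(labels) != 1:
        return None
    # Unknown tenants return None; there is no default tenant to fall back to
    return TENANT_NETWORK_IDS.get(labels[0])
```

Returning `None` for every unmatched host means a mistyped or spoofed name is rejected at the edge instead of landing on some default tenant's authentication page.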
This architecture allows tenant owners to manage and take full responsibility for every aspect of authentication methods and user credentials through each Primary Broker. Tenant admins can define customized access and security policies, including role-based authorizations.
Multitenant network use cases are commonly adopted by Service Providers. These networks allow different types of users to access isolated environments, enabling each user to manage their own resources and utilize the services they need without having to handle network maintenance.
For example, a user can host an application or an intranet within a tenant that is only accessible to members of their subdomain.