Tenants

The Tenants view provides comprehensive management capabilities for multi-tenant DataStream deployments. This interface enables administrators to create, monitor, and manage separate tenant organizations with dedicated resource allocations and complete data isolation.

---

To access the Tenants view:

1. Go to the Home > Organization pane
2. Click Manage Tenants

-or-

1. Click the hamburger menu on the top left
2. Select Organization > Tenants

The view contains the following essential components:

• Search tenants - Filter tenants by company name or owner
• Status filter - Show tenants by status (All, Active, Inactive)
• Add new tenant - Create new tenant organizations
• Tenant table - Display tenant details and management options
• Items per page - Control pagination settings
• Action menu - Access tenant-specific operations

Tenant Table

The table displays all tenant organizations with their operational status and resource usage:

• Company Name - Tenant organization identifier
• Account Owner - Primary administrative contact
• Data Ingestion Limit - Allocated daily processing capacity (GB)
• Av. Daily Data Ingest - Current usage percentage of allocated limit
• Status - Tenant operational state (Enabled/Disabled)

Tenant Actions

The Action Menu (⋮) in the tenant table provides quick access operations:

• View company details - Access detailed tenant information and settings
• Log in to tenant - Switch context to manage tenant-specific configurations

Tenant Detail View

Selecting a tenant from the table opens the detailed tenant management interface with comprehensive operational controls organized into tabbed panels.

Navigation

The tenant detail view provides four primary management panels:

• Tenant Details - Company information, configuration settings, and resource limits
• Plan Usage - Resource consumption tracking and capacity monitoring
• Activity Logs - Tenant-specific audit trail and activity history
• Access Requests - Temporary access management and permission delegation

Actions

The Actions menu in the detail view provides tenant-specific operations that vary based on current tenant status:

Available for All Tenants:

• Log in to tenant - Switch context to the selected tenant organization

Active Tenant Operations:

• Disable tenant - Deactivate tenant access while preserving data

Inactive Tenant Operations:

• Enable tenant - Restore access to previously disabled tenant
• Delete tenant - Permanently remove tenant and all associated data

Multitenancy Management

VirtualMetric DataStream multitenancy enables enterprises to allocate licensed resources to other organizations, creating isolated tenant environments for independent telemetry processing. Each tenant operates with dedicated resource allocations, separate configurations, and complete data isolation while sharing the underlying DataStream infrastructure.

Create New Tenant

To access Tenant Management

1. Navigate to Organization > Tenants
2. Click the Create New Tenant button

Then, provide the following information:

Tenant Details:

• Tenant Name: Unique identifier for the organization
• Owner: Primary contact for the tenant
• Status: Set to Active to enable access
• Parent Tenant: Select parent for hierarchical structure (optional)

Resource Limits:

• Data Ingestion Limit: Daily data processing threshold
• User Limit: Maximum number of users allowed
• Storage Limit: Data retention capacity restrictions
• Pipeline Limit: Maximum concurrent processing pipelines

Subscription Details:

• Plan ID: Select appropriate service tier
• Edition ID: Choose feature set availability
• Subscription ID: Link to billing subscription

Tenant Limit Warnings

When creating a new tenant, the system validates resource availability against your organization's limits. If limits are reached, a warning modal appears:

Main Tenant at Maximum Limit:

• Displays when your organization's tenant allocation is fully utilized
• Provides option to adjust company limits via Adjust your company limit button
• Navigates to Company Settings where parent tenants can modify their daily data ingestion allocation

Subtenant Capacity Exceeded:

• Displays when the requested subtenant resources exceed available parent capacity
• Shows current allocation and remaining capacity
• Requires adjusting parent tenant limits or reducing subtenant resource requests

note

The Adjust your company limit option is only available to parent tenants. Sub-tenants must contact their parent tenant administrator to request limit increases.

Tenant Hierarchy Management

Parent-Child Relationships: Tenants can be organized hierarchically for enterprise management.

• Parent Tenant: Controls child tenant configurations and limits
• Child Tenant: Inherits parent restrictions and policies
• Data Isolation: Each tenant has completely isolated data processing and storage

Subtenant Management

To create subtenants for departmental or project-specific data isolation:

1. Navigate to tenant → Subtenants section
2. Click Add Subtenant

Here, you can configure name, owner, and resource allocations. Then, provide the following the subtenant properties:

• Owner Email: Administrative contact
• Usage Tracking: Monitor data ingestion against limits
• Independent Configuration: Separate devices, pipelines, and targets

Disable Tenant

To disable a tenant,

1. Navigate to Tenants management
2. Select target tenant
3. Change Status to Inactive

The tenant retains data but loses access.

Delete Tenant

To delete a tenant,

1. Navigate to tenant settings
2. Click Delete Tenant (requires confirmation)

note

To be able to delete a tenant, make sure that it is inactive, and that its data has been exported.

warning

Deleting a tenant permanently removes all its data and configurations.

Tenant Access Control

Each tenant maintains independent:

• User accounts and roles
• Device configurations
• Processing pipelines
• Target destinations
• Audit logs and monitoring

Users cannot access data or configurations from other tenants, ensuring complete isolation.

Resource Monitoring

Track tenant usage through:

• Daily data ingestion volume
• Active user count
• Storage consumption
• Pipeline execution statistics

note

Alerts trigger when tenants approach configured limits.

Access Requests

The Access Requests system enables time-limited permission delegation for tenant access, allowing administrators to grant temporary access to users with specific permissions and automatic expiration. This feature supports controlled collaboration and audit compliance for sensitive tenant operations.

Overview

Navigate to the Access Requests tab within a tenant detail view to manage temporary access permissions.

The access requests table displays:

• User - Email address of the user requesting access
• Status - Current request state (Active, Pending, Expired, Revoked, Rejected)
• Expiration - Access expiration date and time with relative countdown
• Permissions - Count of granted permissions with detailed breakdown
• Actions - Request-specific operations menu

Access Request Status

Access requests progress through defined lifecycle states:

• Pending - Request created but not yet active
• Active - Currently valid access with permissions applied
• Expired - Access period ended, permissions automatically revoked
• Revoked - Manually cancelled before expiration
• Rejected - Request denied by administrator

Create Access Request

To create an Access Request,

1. Navigate to Access Requests and

2. Open Tenant details view

3. Select Access Requests tab

4. Click Create new access request

5. Select User and Duration:

   • User - Choose target user from dropdown
   • Request Note - Document justification for access
   • Expiration - Set access end date/time or select preset duration

6. Configure Permissions: Access requests support two configuration methods:

   • Basic Configuration - Select from predefined custom roles. Single role selection grants complete permission set. Simplified workflow for standard access patterns.
   • Advanced Configuration - Granular permission selection by access group. Select specific permissions from categorized groups. Search and filter available permissions. Select all or remove all permissions per group. Save custom selections as reusable custom role

7. Review and Submit - Review selected permissions in summary panel. Verify user, expiration, and permission details. Submit request for activation.

Access Request Actions

The Actions menu (⋮) for each access request provides status-appropriate operations:

All Requests:

• See details - View complete request information including full permission list
• Clone access request - Duplicate configuration for similar access needs

Active Requests:

• Extend access time - Modify expiration date to extend access period

Active and Pending Requests:

• Revoke access - Immediately cancel access and remove permissions

Managing Pending Access Requests

When access requests are submitted, administrators can review and respond to pending requests through the Access Requests interface.

Pending Request Actions

The Actions menu (⋮) for pending requests provides:

• Manage request - Open detailed request view with approval options

Request Detail Drawer

When managing a pending request, a side panel displays comprehensive request information:

Request Information

• Requesting User - Full name of the user requesting access
• Request Send For - Email address of the requesting user
• Request Time Limit - Duration of requested access period
• Request Note - Justification provided by the requesting user
• Permission Status - Current request state (Pending)
• Permissions Expires At - Scheduled expiration date and time
• Full Permission List - Complete breakdown of all requested permissions organized by access group

Approval Actions

The drawer provides two response options:

• Approve Request - Grants all requested permissions to the user. Activates access immediately. Changes request status from Pending to Active. Records approving administrator and timestamp in audit trail

• Reject Request - Denies access request without granting permissions. Changes request status from Pending to Rejected. Records rejecting administrator and timestamp in audit trail. User must submit new request if access is still needed

Response Tracking

After approval or rejection, the access request table displays:

• Action Taken By - Administrator who approved or rejected the request
• Action Taken At - Timestamp when the response was recorded

Notification Workflow

• Success notifications confirm approval or rejection actions
• Failed actions display error messages requiring retry
• All actions are logged in tenant activity history

Permission Management

Custom Role Creation: When using Advanced Configuration, administrators can save permission selections as reusable custom roles:

1. Select desired permissions from access groups
2. Click Save as custom role
3. Provide role name and description
4. Custom role becomes available for future Basic Configuration selections

Configuration Method Switching: Administrators can switch between Basic and Advanced configuration methods during request creation. Switching between methods clears current selections.

Access Request Monitoring

Access requests can be monitored using the following:

• Expiration Tracking - The system displays expiration dates with relative time indicators:

  • Hover over expiration date to view countdown (e.g., "expires in 3 days")
  • Expired requests show "expired at" with timestamp
  • Visual status tags indicate current state

• Search and Filtering

  • Search access requests by user email
  • Filter requests by status
  • Paginate through request history