Managing Tenants
As a Host Administrator, one of your primary responsibilities is the lifecycle management of the Tenants within your DataCentral Instance.
This guide covers how to provision new tenants, configure their database architecture, and manage their active status.
1. Provisioning a New Tenant
Creating a new Tenant is the first step in onboarding a new customer or business unit to DataCentral.
- Log in to the Host Administration portal.
- Navigate to Tenants in the left-hand menu.
- Click the Add Tenant button.
- You will be prompted to provide the core configuration details:
- Tenant Name: A descriptive name for the organization (e.g., "Acme Corp").
- Subdomain: The unique URL prefix the tenant will use to access the platform (e.g.,
acme.datacentral.ai). See the Subdomain Management guide for more details. - Edition: Select the feature bundle that applies to this tenant (e.g., "Standard", "Enterprise"). See the Editions and Feature Flags guide.
- Initial Admin User: You must specify at least one user (usually via a User Pass email address) who will serve as the initial Tenant Administrator.
2. Database Isolation Options
During the provisioning process, you must make a critical architectural decision regarding where the Tenant's configuration and user data will be stored. DataCentral supports two models:
Shared Host Database (Default)
In this model, the new Tenant's data is stored in the same physical database as the Host Instance and other shared Tenants.
- Isolation: Data is logically separated using strict
TenantIDfiltering at the application layer. - Pros: Lower infrastructure cost, easier to manage backups and updates globally.
- Cons: No physical separation of data.
Dedicated Tenant Database
For enterprise customers with strict compliance or data residency requirements, you can provision a Tenant with its own dedicated physical database.
- Isolation: Complete physical separation of the Tenant's configuration, users, and audit logs.
- Pros: Maximum security and compliance, ability to host the database in a specific geographic region.
- Cons: Higher infrastructure overhead and cost.
Note: This setting cannot be easily changed after the Tenant has been created and populated with data.
3. Inheriting vs. Overriding Settings
DataCentral is designed to minimize configuration overhead for Host Administrators. When a new Tenant is created, it can inherit global settings from the Host Instance, or it can override them with Tenant-specific values.
Common settings that can be inherited or overridden include:
- Entra ID (Azure AD) Configuration: A Tenant can use the Host's Entra ID app registration, or provide their own Client ID and Secret to authenticate against their specific corporate directory.
- Power BI Service Principal: A Tenant can use the Host's Service Principal to embed reports, or they can configure their own dedicated Service Principal for stricter isolation of Power BI workspaces.
- Microsoft Graph Service Principal: Used for inviting external guest users and syncing security groups.
4. Managing Tenant Status
Host Administrators have full control over the lifecycle of a Tenant.
- Active: The Tenant is fully operational. Users can log in and view reports.
- Suspended / Deactivated: You can temporarily suspend a Tenant (e.g., due to non-payment or a security investigation). When suspended, all users within that Tenant will be immediately blocked from logging in, and active sessions will be terminated. The Tenant's data remains intact.
- Deletion: Deleting a Tenant is a permanent, destructive action that removes all users, roles, Organizational Units, and settings associated with that Tenant. This action cannot be undone.