ADR-0005: Tenant and Organization Model
Status
Section titled “Status”Accepted for V1.
Context
Section titled “Context”Customers can have very different structures.
Examples include:
- Customer -> Store
- Customer -> Region -> Branch
- Customer -> Warehouse
- Customer -> Direct devices
A fixed hierarchy would not fit all customers.
Decision
Section titled “Decision”Use tenants as hard security boundaries.
Use flexible organization units inside tenants for nested customer structures.
Users may receive access to tenants, organization units, or multiple organization units.
Devices may be assigned to organization units according to business needs.
Consequences
Section titled “Consequences”Positive:
- Flexible model.
- Strong tenant isolation.
- Supports different customer structures.
- Avoids overusing tenants for every hierarchy level.
Negative:
- Authorization logic must handle organization tree access.
- Historical assignment behavior must be designed carefully.