Skip to content

How do I create a tenant?

Requires Pro

Open Administration → Tenant Management, click “Create tenant”, and provide a name, slug, license tier — as well as the owner’s details (email, username, name, password). A tenant is never created empty: the owner is its first administrator. Once saved, the tenant is active immediately and the owner can sign in.

Check beforehand under Administration → License how many tenants your license allows (max_tenants; Community: 1, Enterprise: unlimited). The chosen tenant plan must not be higher than the installation’s plan.

  1. Open Tenant Management. Administration → Tenant Management. You’ll see all tenants with their slug, license tier, and owner. Click “Create tenant”.

    Tenant management, with the 'Create tenant' button.
  2. Fill in the tenant and owner. Required fields:

    • Name — the tenant’s display name (e.g. “ACME GmbH”).
    • Slug — a technical short name, lowercase letters, digits and - only (e.g. acme-gmbh). Must be unique.
    • License tier — the tenant’s plan (Community, Basic, Professional, Elite, Enterprise).
    • Owner — the email, username, full name, and password of the first administrator. The same rules apply to this account as when creating a user.

    Optional: logo URL, primary/secondary color (branding), and max. assets.

    A tenant is always created together with its owner (first administrator).
  3. Save. The tenant appears in the list — including the owner’s e-mail. The owner signs in with the credentials you set and configures their tenant (users, branding, optionally SSO).

  • Capacity check first. Before creating the tenant, Notory checks the product license’s tenant limit (max_tenants). If it’s reached, the call ends with 403 — including an upgrade hint.
  • Plan validation. An unknown license tier is rejected with 422; a tier above the installation’s license with 403 (“does not permit creating a tenant on the higher ’…’ plan”). Either way, the effective plan is always the intersection.
  • Owner account included. Along with the tenant, its first administrator is created (role admin, within the new tenant). Password rules and Argon2id hashing follow the normal user creation process; the email/username must be free system-wide.
  • Isolated immediately. From the very first second, tenant isolation applies: the new tenant sees exclusively its own data.
  • Deletion is drastic. DELETE /api/v1/tenants/{id} irrevocably removes the tenant and all of its data (which is why the GUI requires typing the slug to confirm). Only audit log entries are retained. You cannot delete your own tenant.