Skip to main content

Tenant Management

Tenant management allows you to create, retrieve, manage, and delete tenants across multiple ecosystems (OpenID, Privado ID, Indicio, Cheqd). Tenants serve as isolated environments for self sovereign identity identity operations within each ecosystem. This section covers methods to handle tenant lifecycle and configuration, including webhooks and key rotation.

Create Tenant

Creates a new tenant in the specified ecosystem.

import { OpenIDEcosystem } from '@openid/core-sdk';

const openid = new OpenIDEcosystem({
  apiKey: 'your-ecosystem-api-key',
});

const tenant = await openid.createTenant({
  tenantName: 'your-tenant-name',
  tenantLabel: 'Your Tenant Label',
  tenantSecret: 'secret1243',
  imageUrl: 'https://example.com/logo.png',
});

Params

ParameterTypeDescription
tenantNamestring (Required)A unique name for the tenant.
tenantLabelstring (Required)A human-readable label for the tenant.
tenantSecretstring (Required)A secret key for tenant access (keep secure).
imageUrlstring (Required)A URL pointing to the tenant's logo or image.
webhooksstring[] (Optional)An array of webhook URLs for tenant notifications.
note
  • Ensure the tenantName is unique within the respective ecosystem.
  • Store tenantSecret securely (e.g., in environment variables) to prevent exposure.

Get All Tenants

Retrieves a list of all tenants associated with the authenticated API key in the specified ecosystem.

import { OpenIDEcosystem } from '@openid/core-sdk';

const openid = new OpenIDEcosystem({
  apiKey: 'your-ecosystem-api-key',
});

const tenants = await openid.getAllTenants({});

Params

ParameterTypeDescription
tenantIdstring (Optional)Filter by a specific tenant ID (if omitted, returns all tenants).
note
  • Use the tenantId filter for pagination or specific tenant queries if managing multiple tenants.
  • Response size may vary; consider limiting with additional query parameters (if supported in future updates).

Get Tenant Public DID

Retrieves the public DID (Decentralized Identifier) for a specified tenant in the respective ecosystem.

import { OpenIDEcosystem } from '@openid/core-sdk';

const openid = new OpenIDEcosystem({
  apiKey: 'your-ecosystem-api-key',
});

const did = await openid.getTenantPublicDid({
  tenantId: 'your-tenant-id',
});

Params

ParameterTypeDescription
tenantIdstring (Required)The ID of the tenant to query.
note
  • The public DID is used for identity verification and should be shared only with trusted parties.
  • Ensure the tenantId exists, or the method will return an error.

Rotate Tenant Key

Rotates the access token for a tenant in the specified ecosystem, enhancing security by generating a new key.

import { OpenIDEcosystem } from '@openid/core-sdk';

const openid = new OpenIDEcosystem({
  apiKey: 'your-ecosystem-api-key',
});

const newToken = await openid.rotateTenantKey({
  tenantId: 'your-tenant-id',
  accessToken: 'current-token-xyz',
  tenantSecret: 'your-tenant-secret',
});

Params

ParameterTypeDescription
tenantIdstring (Required)The ID of the tenant to rotate.
accessTokenstring (Required)The current access token for authentication.
tenantSecretstring (Required)The tenant's secret key for validation.
note
  • Rotate keys periodically or after a security breach.
  • The old accessToken becomes invalid immediately after a successful rotation.

Delete Tenant

Deletes a tenant and all associated data from the specified ecosystem.

import { OpenIDEcosystem } from '@openid/core-sdk';

const openid = new OpenIDEcosystem({
  apiKey: 'your-ecosystem-api-key',
});

const result = await openid.deleteTenant({
  tenantId: 'your-tenant-id',
  tenantSecret: 'your-tenant-secret',
});

Params

ParameterTypeDescription
tenantIdstring (Required)The ID of the tenant to delete.
tenantSecretstring (Required)The tenant's secret key for validation.
note
  • This action is irreversible and deletes all tenant data (credentials, connections, etc.).
  • Verify the tenantId and tenantSecret before proceeding to avoid accidental deletion.

Contents