Tenant Management
A tenant represents a single organization’s workspace in SecureHive. Tenant management covers creating workspaces, managing tenant-level configuration, and understanding how data isolation works across the platform.
Tenant architecture
SecureHive uses a multi-tenant architecture where each organization operates in a fully isolated environment. Tenant isolation ensures that data, configurations, users, and integrations are completely separated between organizations.
| Concept | Description |
|---|---|
| Tenant | A single organization’s workspace, identified by a unique subdomain and internal tenant ID |
| Tenant ID | A system-generated unique identifier used in API calls, webhooks, and SCIM configuration |
| Subdomain | The URL prefix for the workspace (https://[subdomain].securehive.ai) |
| Data isolation | All data — users, risks, policies, assessments, documents — is scoped to the tenant |
Creating a tenant
Tenants are created through the Company Onboarding flow or by an account representative. During creation, the organization provides a company name, selects a subdomain, verifies an admin email address, and chooses an industry vertical and company size.
Self-service tenant creation is available via the SecureHive homepage. For enterprise provisioning with custom configurations, contact your account representative.
Tenant configuration
After creation, admins can configure the following tenant-level settings:
Organization profile
Update your company name, industry, size, and primary contact information under Settings → Platform Settings. These details appear in compliance reports and the Trust Portal.
Identity and access
Configure SSO providers, SCIM provisioning, and authentication policies. See Identity Provider Authentication for detailed setup instructions.
Team management
Invite users, assign roles, and manage permissions under Settings → Team. SecureHive supports predefined roles (Admin, Manager, Analyst, Viewer) and custom role definitions. See Roles & Permissions for details.
Integration connections
Connect external tools — JIRA, Microsoft 365, SIEM platforms — at the tenant level. Each integration is scoped to the tenant and uses tenant-specific credentials. See Integrations for available connectors.
User management
Users belong to exactly one tenant. User management includes inviting new users (via email invitation or SCIM provisioning), assigning roles that control access to features and data, deactivating users who leave the organization (deactivation preserves audit history), and managing API keys for service accounts.
Deactivating a user does not delete their data or audit trail. All actions taken by that user remain in the system for compliance and audit purposes.
Data residency
SecureHive processes and stores all tenant data in AWS infrastructure. Data residency details are available on request for organizations with specific regulatory requirements around data location.
Tenant limits
Default tenant limits ensure fair resource usage across the platform:
| Resource | Default limit |
|---|---|
| Users | Determined by subscription tier |
| Vendors | Unlimited |
| Risk register items | Unlimited |
| Policies | Unlimited |
| Document storage | Determined by subscription tier |
| API requests | Rate-limited per tenant (see API Reference) |
Limits can be adjusted based on your subscription. Contact your account representative for enterprise-tier configurations.
Best practices
Complete your organization profile before inviting team members — it sets the context for the entire workspace. Configure SSO and SCIM early to automate user provisioning and reduce manual onboarding. Use role-based access control to enforce least privilege across your team. Review active users quarterly and deactivate accounts that are no longer needed.