Tenant Endpoints
Multi-tenant configuration and management.
Get Configuration
GET /tenant/config
Get current tenant configuration.
bash
curl http://localhost:3000/tenant/config \
-H "Authorization: Bearer <token>" \
-H "X-Tenant-ID: tenant-123"Response:
json
{
"routes": [...],
"credentials": {...},
"rateLimit": {...}
}Save Configuration
POST /tenant/config
Save tenant configuration.
bash
curl -X POST http://localhost:3000/tenant/config \
-H "Authorization: Bearer <token>" \
-H "X-Tenant-ID: tenant-123" \
-H "Content-Type: application/json" \
-d '{
"routes": [
{
"path": "/custom",
"method": "get",
"description": "Custom endpoint"
}
],
"rateLimit": {
"enabled": true,
"default": { "max": 500 }
}
}'Response:
json
{
"success": true,
"message": "Configuration saved"
}Secrets
GET /tenant/secrets
List secret keys (values not returned).
bash
curl http://localhost:3000/tenant/secrets \
-H "Authorization: Bearer <token>" \
-H "X-Tenant-ID: tenant-123"Response:
json
{
"secrets": [
"STRIPE_SECRET_KEY",
"JIRA_API_TOKEN"
]
}POST /tenant/secrets
Store a secret.
bash
curl -X POST http://localhost:3000/tenant/secrets \
-H "Authorization: Bearer <token>" \
-H "X-Tenant-ID: tenant-123" \
-H "Content-Type: application/json" \
-d '{
"key": "STRIPE_SECRET_KEY",
"value": "sk_live_..."
}'Response:
json
{
"success": true,
"message": "Secret stored"
}DELETE /tenant/secrets/:key
Delete a secret.
bash
curl -X DELETE http://localhost:3000/tenant/secrets/STRIPE_SECRET_KEY \
-H "Authorization: Bearer <token>" \
-H "X-Tenant-ID: tenant-123"Usage
GET /usage/summary
Get usage summary.
bash
curl http://localhost:3000/usage/summary \
-H "Authorization: Bearer <token>" \
-H "X-Tenant-ID: tenant-123"Response:
json
{
"tenant_id": "tenant-123",
"period": "2024-01",
"api_calls": 15420,
"llm_tokens": 250000,
"storage_bytes": 1073741824,
"bandwidth_bytes": 5368709120
}GET /usage/history
Get usage history.
bash
curl "http://localhost:3000/usage/history?period=2024-01" \
-H "Authorization: Bearer <token>" \
-H "X-Tenant-ID: tenant-123"Response:
json
{
"history": [
{ "date": "2024-01-01", "api_calls": 500, "llm_tokens": 8000 },
{ "date": "2024-01-02", "api_calls": 520, "llm_tokens": 9200 }
]
}Tenant Info
GET /tenant/info
Get tenant information.
bash
curl http://localhost:3000/tenant/info \
-H "Authorization: Bearer <token>" \
-H "X-Tenant-ID: tenant-123"Response:
json
{
"id": "tenant-123",
"name": "Acme Corp",
"plan": "pro",
"createdAt": "2024-01-01T00:00:00Z",
"limits": {
"apiCalls": 100000,
"llmTokens": 1000000,
"storage": 10737418240
}
}Configuration Schema
Tenant configs support:
typescript
interface TenantConfig {
routes?: RouteConfig[];
credentials?: CredentialsConfig;
rateLimit?: RateLimitConfig;
cache?: CacheConfig;
webhooks?: WebhookConfig[];
}RBAC
Manage custom roles for tenant end-users.
GET /tenant/rbac
Get RBAC configuration.
bash
curl http://localhost:3000/tenant/rbac \
-H "Authorization: Bearer <token>"Response:
json
{
"enabled": true,
"defaultRole": "viewer",
"roles": [
{ "name": "viewer", "permissions": ["read"] },
{ "name": "admin", "permissions": ["read", "write", "delete"] }
]
}POST /tenant/rbac/roles
Create a new role.
bash
curl -X POST http://localhost:3000/tenant/rbac/roles \
-H "Authorization: Bearer <token>" \
-H "Content-Type: application/json" \
-d '{
"name": "editor",
"description": "Can edit content",
"permissions": ["read", "write"]
}'PUT /tenant/rbac/roles/:name
Update a role.
bash
curl -X PUT http://localhost:3000/tenant/rbac/roles/editor \
-H "Authorization: Bearer <token>" \
-H "Content-Type: application/json" \
-d '{
"permissions": ["read", "write", "publish"]
}'DELETE /tenant/rbac/roles/:name
Delete a role.
bash
curl -X DELETE http://localhost:3000/tenant/rbac/roles/editor \
-H "Authorization: Bearer <token>"Resource Limits
Manage flexible resource limits for workflows, LLM, API calls, etc.
GET /tenant/limits/resources
Get resource limits configuration.
bash
curl http://localhost:3000/tenant/limits/resources \
-H "Authorization: Bearer <token>"Response:
json
[
{
"resource": "workflow",
"metric": "count",
"period": "day",
"limit": 100,
"tiers": { "free": 10, "pro": 100 }
}
]PUT /tenant/limits/resources
Update resource limits.
bash
curl -X PUT http://localhost:3000/tenant/limits/resources \
-H "Authorization: Bearer <token>" \
-H "Content-Type: application/json" \
-d '[
{
"resource": "llm",
"metric": "tokens",
"period": "month",
"limit": 100000,
"gateAction": "block"
}
]'GET /tenant/limits/resources/usage
Get resource usage statistics.
bash
curl "http://localhost:3000/tenant/limits/resources/usage?userId=user-123" \
-H "Authorization: Bearer <token>"Response:
json
[
{
"resource": "workflow",
"metric": "count",
"period": "day",
"current": 45,
"limit": 100,
"percentage": 45,
"scope": "user"
}
]POST /tenant/limits/resources/check
Check if a resource action is allowed.
bash
curl -X POST http://localhost:3000/tenant/limits/resources/check \
-H "Authorization: Bearer <token>" \
-H "Content-Type: application/json" \
-d '{
"userId": "user-123",
"resource": "workflow",
"metric": "count",
"amount": 1
}'Response:
json
{
"allowed": true,
"gateAction": "block",
"usage": { "current": 45, "limit": 100 }
}POST /tenant/limits/resources/track
Track resource usage.
bash
curl -X POST http://localhost:3000/tenant/limits/resources/track \
-H "Authorization: Bearer <token>" \
-H "Content-Type: application/json" \
-d '{
"userId": "user-123",
"resource": "llm",
"metric": "tokens",
"amount": 1500
}'Security
- Secrets are encrypted at rest
- Tenant isolation enforced
- Config changes logged
- Rate limits per tenant