FEATURES
Tenants
Top-level account boundary for billing, RBAC, and API scoping.
Overview
Top-level account boundary for billing, RBAC, and API scoping.
Who should use this
Anyone building multi-customer SaaS on StartupCore.
Core concepts
Each user may belong to one tenant context per session (tenantId in JWT). Tenant types: customer, internal, agency, marketplace_seller.
Setup
Register via org portal → POST /tenants with name/slug → GET /tenants/current.
Required entitlement
Core — no separate feature flag.
Required permissions
tenant.view, tenant.update (Owner/Admin).
REST API
GET /me, GET /tenants/current, POST /tenants, GET/PATCH /tenants/{tenantId}.
SDK (@startupcore/api-client)
startupCore.tenants.getCurrent(), startupCore.tenants.create({ name, slug }).
Security notes
Never expose tenant secrets in the browser for server integrations.
Troubleshooting
UNAUTHORIZED — refresh Cognito access token via your portal BFF /api/auth/refresh or re-login.