I have two tenants, “A” and “B”, and four users; Joe, Bill, Suzy and Steve.
When signing in, Joe and Bill should only be able to see stuff that is in Tenant A, and Suzy and Steve should only be able to see stuff in Tenant B.
The would normally have the “Automation User” role, but how do I make sure that I limit their access to only their respective tenants. I don’t even want them to be able to see that other tenants exist, for example in the dropdown in the top right corner.
Anyone?
-Jeppe
Hi @jjes
As per my knowledge,
Assign them the “Automation User” role only within their designated tenant. Because users are scoped per tenant, when they sign in, they will see and access only their assigned tenant, and other tenants won’t appear in the tenant dropdown or be accessible to them. This setup enforces strict tenant-level isolation so users cannot view or switch to tenants they don’t belong to.
For more:
Happy Automation
Hi @jjes,
When you have two tenants, Users of tenant A cannot access tenant B and vice-versa. You should create the user accounts of Joe and Bill in Tenant A with Automation User Role, and do the same for Suzy and Steve in Tenant B.
Regards
Hallo Jeppe,
Main thing you need to do is remove the ‘Everyone’ group and any other relevant generic ones that people are automatically added to in your tenants.
After that, it should be as straight forward as only the users you directly add to a tenant, or inherit via a group, will be able to access it, I think that also limits what you see in the corner too, but if they can view the admin tab at all they can see all the tenants.
I think I know what you are thinking of doing here, we are considering the same, so can share notes privately if you like?
On the advice of counsel, I take the 5th. 