alldigital/PSA
2
0
Fork 0
Code Issues Pull Requests Actions 14 Packages Projects Releases Wiki Activity
PSA/docs/api/tenant_provisioning_api.md
Hermes 284313f908
Some checks are pending
Bidi Control Character Guard / bidi-control-guard (push) Waiting to run
Details
Circular Dependency Check / Check for new circular dependencies (push) Waiting to run
Details
Citus Migration Smoke / Combined migrations on single-node Citus (push) Waiting to run
Details
E2E Fresh Install Tests / fresh-install-e2e (push) Waiting to run
Details
ext-v2 guardrails / Run ext-v2 guard and ESLint (push) Waiting to run
Details
Integration Tests / Check for relevant changes (push) Waiting to run
Details
Integration Tests / ${{ (github.event_name == 'schedule' || github.event.inputs.suite == 'full') && 'Full integration suite' || 'Tier-1 integration subset' }} (push) Blocked by required conditions
Details
Mobile checks / Mobile lint + typecheck (push) Waiting to run
Details
Mobile checks / Mobile unit tests (push) Waiting to run
Details
Mobile checks / Mobile dependency audit (report) (push) Waiting to run
Details
Mobile checks / Mobile reproducibility checks (push) Waiting to run
Details
Secrets guard (env backups) / Ensure no tracked env backup files (push) Waiting to run
Details
Temporal Readiness / fast-readiness (push) Waiting to run
Details
Temporal Readiness / docker-parity (push) Waiting to run
Details
TypeScript Type Check / Nx affected typecheck (push) Waiting to run
Details
Unit Tests / Skipped-test budget (push) Waiting to run
Details
Unit Tests / Nx affected unit tests (push) Waiting to run
Details
Unit Tests / Server unit coverage (informational) (push) Waiting to run
Details
Validate Tenant Management Schema / Check for relevant changes (push) Waiting to run
Details
Validate Tenant Management Schema / Validate Tenant Management Schema (push) Blocked by required conditions
Details
EE Workflows Build Guard / ee-workflows-build-guard (push) Waiting to run
Details
Initial import of AlgaPSA codebase from PSA server 
Excluded: .git, node_modules, secrets/, compose.env, assemblyscript tgz

Source: /opt/alga-psa on psa.joliet.tech
2026-06-22 16:12:17 -05:00

125 lines
4.1 KiB
Markdown
Raw Blame History

# Tenant Provisioning API Documentation
## 1. Overview
The Tenant Provisioning API is an Enterprise Edition (EE) feature that enables partners to provision and manage tenant accounts. Located in `ee/server/src/api/provisioning/`, this API is only available in enterprise deployments and follows the architectural patterns described in [api_overview.md](api_overview.md).
## 2. Use Cases and Requirements
- **Tenant Provisioning:** Allow partners to create new tenant records
- **Validation:** Ensure all required tenant fields (e.g., company name, contact details) are provided
- **Security and Access Control:** Ensure only authorized partner integrations can access the API
- **Extensibility:** Support future operations (updating tenant details, deletion) through additional endpoints
## 3. Implementation Details
### File Structure
```
ee/
└── server/
└── src/
└── api/
└── provisioning/
├── tenant.controller.ts // Contains the provisioning business logic
├── tenant.routes.ts // Defines Next.js API route handlers
├── tenant.schema.ts // Contains Zod schema for request validation
└── index.ts // Aggregates and exports the router for integration
```
### API Endpoints
- **POST `/api/provisioning/tenants`:**
- **Description:** Create a new tenant
- **Request Body:** JSON payload including mandatory fields
- **Response:** JSON confirmation with the newly created tenant details
- **Required Role:** partner-admin
- **GET `/api/provisioning/tenants/:id`:**
- **Description:** Retrieve details for a specific tenant (future enhancement)
- **PATCH/PUT `/api/provisioning/tenants/:id`:**
- **Description:** Update tenant details (future enhancement)
- **DELETE `/api/provisioning/tenants/:id`:**
- **Description:** Delete a tenant (future enhancement)
### Data Models and Validation
#### Tenant Schema
```typescript
export const TenantSchema = z.object({
client_name: z.string().min(1, "Client name is required"),
email: z.string().email("Invalid email address"),
phone_number: z.string().optional(),
industry: z.string().optional(),
// additional fields as needed
});
```
### Authorization
The API enforces role-based access control through our RBAC system:
- Required role: "partner-admin"
- Permission: "tenant:create"
- JWT must include proper role claims
- Middleware validates permissions before processing requests
### Error Handling
- **400 Bad Request:** Invalid input data
- **401 Unauthorized:** Missing or invalid authentication
- **403 Forbidden:** Insufficient permissions
- **404 Not Found:** Tenant not found
- **409 Conflict:** Tenant already exists
- **500 Internal Server Error:** Server-side errors
## 4. Integration with Actions System
- Leverages existing tenant management actions
- Maintains data consistency through transactions
- Maps action errors to appropriate HTTP responses
## 5. Testing Strategy
- **Unit Tests:**
- Schema validation
- Controller logic
- Error handling
- **Integration Tests:**
- API endpoint behavior
- Authentication flows
- Authorization checks
- **Error Scenarios:**
- Invalid input handling
- Permission validation
- Duplicate detection
## 6. Future Enhancements
- Implement remaining CRUD operations
- Add bulk provisioning capabilities
- Support tenant configuration management
- Implement webhook notifications for tenant lifecycle events
## 7. Example Usage
### Create Tenant Request
```http
POST /api/provisioning/tenants
Authorization: Bearer <jwt_token>
Content-Type: application/json
{
"client_name": "Example Corp",
"email": "admin@example.com",
"phone_number": "+1234567890",
"industry": "Technology"
}
```
### Successful Response
```json
{
"tenant": "550e8400-e29b-41d4-a716-446655440000",
"client_name": "Example Corp",
"email": "admin@example.com",
"phone_number": "+1234567890",
"industry": "Technology",
"created_at": "2025-02-10T16:30:00.000Z",
"updated_at": "2025-02-10T16:30:00.000Z"
}
```
Reference in New Issue View Git Blame Copy Permalink