Skip to content

Multi-Tenant Isolation

ai.TokenHub provides enterprise-grade multi-tenant isolation to ensure data security and resource independence.

Core Features

Tenant Isolation

  • Data Isolation: Complete data isolation between tenants
  • Resource Isolation: Independent quotas and model access permissions
  • Network Isolation: Dedicated network channels and API endpoints

Sub-Account System

Create multiple sub-accounts with fine-grained permission and quota allocation.

json
{
  "sub_accounts": [
    {
      "id": "sub_001",
      "name": "Development Team",
      "role": "developer",
      "quota_limit": 1000000,
      "permissions": ["chat", "embeddings"]
    },
    {
      "id": "sub_002",
      "name": "Product Team",
      "role": "product",
      "quota_limit": 500000,
      "permissions": ["chat"]
    }
  ]
}

API Key Management

Create multiple API Keys with individual quotas and expiration settings.

json
{
  "api_keys": [
    {
      "id": "key_001",
      "name": "Production Key",
      "status": "active",
      "quota_limit": 1000000,
      "expires_at": "2025-12-31T23:59:59Z",
      "allowed_ips": ["203.0.113.0/24"],
      "allowed_models": ["gpt-4o", "gpt-4o-mini"]
    }
  ]
}

Permission Hierarchy

Super Admin

    ├── Tenant Admin
    │       │
    │       ├── Sub-account (Dev)
    │       │       ├── API Key 1
    │       │       └── API Key 2
    │       │
    │       └── Sub-account (Product)
    │               └── API Key 3

    └── Finance Admin
            └── Billing Access

Use Cases

ScenarioDescription
Department IsolationSeparate quotas and permissions per department
Environment IsolationSeparate prod/test/dev environments
Project IsolationIndependent management and billing per project
Customer IsolationSaaS service for different customers

Best Practices

  1. Least Privilege: Grant permissions as needed
  2. Regular Rotation: Rotate API Keys periodically
  3. Quota Control: Set reasonable quota limits per Key
  4. IP Whitelist: Enable IP restrictions for production
  5. Usage Analytics: Regularly review Key usage