# MultiTenancy in Aritma ID

## What is a Tenant?

A **tenant** represents an isolated group of users, clients, and resources within Aritma ID. In a multi-tenant environment, different organizations or business units can use the same identity server while maintaining their own authentication, authorization, and policies.

### Key Characteristics of a Tenant:

- **Unique Identifier**: Each tenant has a distinct identifier.
- **Isolated Data**: User identities, claims, and security policies are scoped per tenant.
- **Independent Configuration**: Tenants can have separate authentication providers, token lifetimes, and authorization rules.


## How Tenants are Represented in Aritma ID

Tenancy in Aritma ID is implemented by Path-Based Tenancy, meaning
each tenant is specified in the URL path:


```http
GET https://id.aritma.io/{tenant}/connect/authorize HTTP/1.1
```

- Example: `https://id.aritma.io/{tenant}/connect/authorize`
- The tenant is extracted from the path and used for authentication.


If no tenant is present in the basepath, Aritma ID will use a default tenant for backwards compatibility.

All tokens are created in a tenanted scope and includes a `tid` claim with the tenant id.

## Find or create your own tenant

We do not provide self service to create or find tenants. Please contact [Support](mailto:support@aritma.com)
to resolve any issues related to tenants.