Tenancy in Tenantx

Plain English

Tenantx separates who runs the platform from who uses each customer account. A customer account is an organization. Inside it, workspaces subdivide operations (branches, sites, or teams). Users belong to an organization and usually work in one default workspace, while some users may access all workspaces in the org.

Diagram

Platform Admin (global)
        |
        +-- Organization A
        |       +-- Workspace A1
        |       +-- Workspace A2
        |       +-- Users (default workspace + roles)
        |
        +-- Organization B
                +-- Workspace B1
                +-- Users

organization_id vs workspace_id

• organization_id: Required on tenant data. Defines billing, permission team context, and row ownership.
• workspace_id: Present on workspace-scoped tables (stored as workspace_id in new docs; legacy DB column may still be workspace_id on some tables). Rows are visible only when the request’s current workspace matches.

workspaces_access_all (org-level users)

On profiles, workspaces_access_all (legacy name) means access all workspaces in the organization. Those users may switch the active workspace in the UI; workspace-scoped APIs still require a resolved current workspace from middleware.

getCurrentWorkspaceId() (base Controller)

In App\Http\Controllers\Controller, getCurrentWorkspaceId(Request $request) returns $request->get('current_workspace_id') (injected by workspace context middleware). If missing, it aborts 403. Use it on workspace-scoped routes; still validate the user may access that workspace (org membership, workspaces_access_all, etc.)—do not trust client-supplied ids alone.