multitenancy

[fmiu-imperosoftware]

Some thoughts regarding multitenancy. In our (Impero) implementation a tenant corresponds to an account (company).

At some point some accounts (tenants) need to be deleted (the customer give up, the account expires etc) so their related data from mps/rps should be also deleted. This involves deleting all mps/rps entities cira/domains/profiles/wifis/devices and related secrets.

So my understaning for this problem is:

• Rps cira/domains/profiles/wifis can be removed by specific delete api's.
• The devices need to be amt deactivated (this will remove the secrets too) first and then deleted (just delete them from MPS and then disconnect will leave the device provisioned and also the device secrets will not be removed).

However sometimes deactivating cannot be done (network cable unplugged etc). In this case deactivating api may be retried after a reasonable delay, hoping the connection will be restored. But this cannot happen forever, at some point if the device is still not available it can be deleted from MPS, but this will leave the secrets ... So for this case another api for completely delete the device (mps/cirasocket/secrets) would be useful (the device will remain amt activated but at least mps/rps will not remain with bogus data).

For administrative purposes some multitenancy api's would be useful also. Deleting tenants from mps/rps may fail in some cases (power failures, network problems) and retrying to remove there related data cannot be done forever.
One option would be to periodically query the mps/rps servers for tenant data and check it. If the tenant id is known, no problem, with a proper api call everything can be retrieved. But if the tenant is unknown (the correspondent account was deleted) there is no method to get tenant info from mps/rps and check that these tenants are still valid. This may happen if after deleting an account the process of deleting mps/rps correspondent data fails due to one of the reasons described above.
It may be useful to have some api's which retrieve cira/domains/profiles/wifis/devices unique tenants (like the one for device tags), to be able to check if the tenants accounts still exists. These apis should require some sort of admin access so not anyone with an access token may get all tenants id's.