Knogin
[Management]

Tenant and Organization Management

A state police agency shares a platform with thirty county sheriffs and two federal task forces.

Module metadata

A state police agency shares a platform with thirty county sheriffs and two federal task forces.

Back to All Modules

Source reference

content/modules/tenant-organization-management.md

Last Updated

Feb 23, 2026

Category

Management

Content checksum

de294e79f0734008

Tags

managementaireal-timecomplianceblockchain

Overview#

A state police agency shares a platform with thirty county sheriffs and two federal task forces. Each agency has its own data, its own users, and its own compliance obligations. Some share specific case files; none should see each other's unshared records. At the same time, the platform administrator needs to provision a new county sheriff's office in under an hour, not a week of manual database configuration.

Tenant and Organization Management handles all of this through strict multi-tenant isolation, hierarchical organisation structures, and dynamic resource allocation. Multi-agency law enforcement platforms, SaaS providers, and government shared services depend on these controls to maintain complete data sovereignty while enabling cross-tenant collaboration when explicitly authorised. All data is stored in PostgreSQL with 

organization_id
enforced on every query, and encryption keys are unique per tenant.

Mermaid diagram
flowchart TD
    subgraph Platform [Argus Platform]
        A[Platform Admin\nTenant Provisioning]
        A --> T1[Tenant: State Police]
        A --> T2[Tenant: County Sheriff A]
        A --> T3[Tenant: Federal Task Force]
        T1 --> O1[Org: HQ]
        T1 --> O2[Org: Region North]
        T1 --> O3[Org: Region South]
        T2 --> O4[Org: Sheriff Main]
        T3 --> O5[Org: Task Force Unit]
    end
    subgraph Isolation [Data Isolation]
        I1[Unique Encryption Keys\nper Tenant]
        I2[organization_id\non All Queries]
        I3[COI Channels\nfor Controlled Sharing]
    end
    T1 & T2 & T3 --> I1 & I2
    O2 & O4 --> I3

Key Features#

Multi-Tenant Isolation#

Complete logical and cryptographic separation between tenants ensures data security and regulatory compliance. Each tenant has unique encryption keys, so data at rest is inaccessible across tenant boundaries. Optional dedicated infrastructure is available for regulated environments that require physical isolation in addition to logical separation.

Hierarchical Organisation Structure#

Build complex organisational hierarchies that mirror real-world structures, from global enterprises to local field offices. Parent-child relationships support unlimited depth with automatic permission inheritance from parent to child organisations, reducing administrative overhead when managing large agency networks.

Resource Quotas and Allocation#

Dynamically allocate and manage resources across organisations with real-time monitoring and automated enforcement. User licence counts, compute allocation for AI workloads, and API call budgets are all configurable per tenant with alerting when usage approaches defined limits.

Cross-Tenant Collaboration#

Securely share data and collaborate across tenant boundaries through explicit COI channels and sharing agreements. Joint investigations allow multiple agencies to collaborate on shared cases while each agency's unshared data remains invisible to the other. Every cross-tenant access event is logged to the audit trail.

Tenant Analytics and Reporting#

Visibility into tenant health, usage patterns, and operational metrics gives platform administrators an accurate picture of the estate. Daily and monthly active user counts, feature adoption rates, and resource utilisation inform capacity planning and support billing accuracy.

Tenant Lifecycle Management#

Automated onboarding with approval workflows reduces time-to-productive from days to hours. Configuration templates for common deployment scenarios (law enforcement, intelligence, government services) ensure new tenants start with appropriate defaults rather than blank slates. Decommissioning workflows handle data retention obligations before accounts are closed.

Deployment Models#

Cloud-Hosted (Recommended): Fully managed on global infrastructure with automatic updates and security patches. Zero maintenance required from the customer organisation.

Dedicated Infrastructure: Isolated worker instances with a custom subdomain (for example, 

agency.argus.knogin.com
). Suitable for organisations with strict data residency or network isolation requirements.

Use Cases#

  • Multi-agency law enforcement platforms with strict inter-agency data boundaries
  • State and regional intelligence fusion centres requiring controlled cross-tenant sharing
  • Federal shared services across departments with independent billing and quota management
  • International coalition operations using COI channels for classified information exchange
  • County-level government with multiple departments each requiring separate data isolation

Integration#

  • Automated monthly invoice generation per organisation with government-compatible procurement workflows
  • Budget management with alerting on overruns and shared-services cost recovery models
  • Compute auto-scaling for AI and ML workloads tied to tenant resource quotas
  • PostgreSQL as the primary data store with 
    organization_id
    scoped on all queries across all 153 platform integrations

Last Reviewed: 2026-02-23 Last Updated: 2026-04-14