Multi-Tenant Architecture

Mesachat's multi-tenant system provides complete isolation between organizations while sharing infrastructure efficiently.

Tenant Hierarchy

Tenant
├── Bots
│   ├── Integrations (Telegram, Email, etc.)
│   ├── AI Configuration (model, temperature, etc.)
│   └── Capabilities (agents, tools)
├── API Keys (BYOK + platform-provided)
├── Authorized Channels
├── Users
└── Configuration

Tenant Types

Type	Description	Use Case
Personal	1:1 with a user	Individual users
Organization	Shared workspace	Teams, companies

Isolation Guarantees

Data Isolation

All data is scoped to a tenant:

Conversation history
Bot configurations
API keys
Authorized channels

Configuration Isolation

Each tenant can independently configure:

LLM providers and models
Agent behavior and capabilities
Context window settings
Archival policies

Encryption Isolation

Per-tenant encryption keys enable:

Crypto-shredding — Delete all tenant data by destroying the key
Independent key rotation — Each tenant manages their own schedule
Compliance — Meet per-customer encryption requirements

Creating a Tenant

Tenants are managed through the Admin Console at Tenants in the sidebar. See the Admin Console guide for details.

Tenant Hierarchy​

Tenant Types​

Isolation Guarantees​

Data Isolation​

Configuration Isolation​

Encryption Isolation​

Creating a Tenant​