PrimusSaaS.MultiTenancy 1.2.0

.NET 8.0

dotnet add package PrimusSaaS.MultiTenancy --version 1.2.0

NuGet\Install-Package PrimusSaaS.MultiTenancy -Version 1.2.0

This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.

<PackageReference Include="PrimusSaaS.MultiTenancy" Version="1.2.0" />

For projects that support PackageReference, copy this XML node into the project file to reference the package.

<PackageVersion Include="PrimusSaaS.MultiTenancy" Version="1.2.0" />
 

 Directory.Packages.props

<PackageReference Include="PrimusSaaS.MultiTenancy" />
 

 Project file

For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.

paket add PrimusSaaS.MultiTenancy --version 1.2.0

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

#r "nuget: PrimusSaaS.MultiTenancy, 1.2.0"

#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.

#:package PrimusSaaS.MultiTenancy@1.2.0

#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.

#addin nuget:?package=PrimusSaaS.MultiTenancy&version=1.2.0
 

 Install as a Cake Addin

#tool nuget:?package=PrimusSaaS.MultiTenancy&version=1.2.0
 

 Install as a Cake Tool

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

PrimusSaaS.MultiTenancy

Release status: stable.

Core package for tenant context, resolution contracts, and multi-tenancy options.

The core runtime and package integrations are validated in the current workspace. Remaining work is ecosystem expansion and broader repo hygiene, not a current code-path release blocker.

Validation

Current workspace validation: 479/479 tests passed on net8.0, net9.0, and net10.0
Current workspace validation: coverage stayed above the configured threshold on all three frameworks (97.05% line / 87.77% branch on net8.0)
Scope boundary: core resolution/isolation/runtime only; tenant provisioning and platform workflows stay outside the core package

Telemetry

Emits ActivitySource spans for tenant resolution, isolation, propagation, diagnostics, and feature-flag bridge flows.
Consumers still need to wire their own exporter if they want those spans collected outside the process.
The package intentionally stays exporter-agnostic and does not force a telemetry backend.

For a verified new-app onboarding path that combines Identity Validator + Multi-Tenancy + RBAC in one ASP.NET Core host, use the Docusaurus guide at /docs/modules/combined-dotnet-integration.

Quick start

builder.Services.AddPrimusMultiTenancy(options =>
{
 options.TenantClaimType = "tid";
 options.TenantHeaderName = "X-Tenant-Id";
 options.TenantRouteKey = "tenantId";
 options.EnableSubdomainResolution = false;
 options.RequireTenantOnAuthenticatedRequests = true;
 options.EnableTenantRateLimiting = true;
 options.RateLimitMaxRequests = 100;
 options.RateLimitWindow = TimeSpan.FromMinutes(1);
});

Options reference

Option	Type	Default	Description
`TenantClaimType`	`string`	`"tid"`	Primary JWT claim name read by `ClaimsTenantResolutionStrategy`
`TenantClaimTypes`	`string[]`	`["tid","tenant_id","tenantId","org_id"]`	Ordered tenant claim fallbacks checked by `ClaimsTenantResolutionStrategy`
`TenantHeaderName`	`string`	`"X-Tenant-Id"`	HTTP header name read by `HeaderTenantResolutionStrategy`
`TenantRouteKey`	`string`	`"tenantId"`	Route parameter name read by `RouteTenantResolutionStrategy`
`EnableSubdomainResolution`	`bool`	`false`	Activates `SubdomainTenantResolutionStrategy` (reads HTTP `Host` header)
`RequireTenantOnAuthenticatedRequests`	`bool`	`true`	Isolation middleware returns `401` when an authenticated request has no tenant context
`EnableTenantRateLimiting`	`bool`	`true`	Activates per-tenant rate limiting in `TenantRateLimitMiddleware`
`RateLimitMaxRequests`	`int`	`100`	Maximum requests per tenant per window
`RateLimitWindow`	`TimeSpan`	`00:01:00`	Rate-limit sliding window duration
`SuperAdminClaimType`	`string`	`"primus:role"`	Claim type checked for tenant bypass
`SuperAdminClaimValue`	`string`	`"superadmin"`	Claim value required to activate bypass
`PerTenantRateLimits`	`Dictionary<string, TenantRateLimitPolicy>`	empty	Per-tenant override for max/window

Default resolver precedence

Claims (TenantClaimType)
Header (TenantHeaderName)
Route value (TenantRouteKey)
Subdomain — opt-in via EnableSubdomainResolution
Active membership via ITenantMembershipStore

Related packages

PrimusSaaS.MultiTenancy.AspNetCore — middleware pipeline extensions (UsePrimusTenantResolution, UsePrimusTenantIsolation, UsePrimusTenantRateLimiting)
PrimusSaaS.MultiTenancy.EFCore — write interceptor and ModelBuilder schema enforcement
PrimusSaaS.MultiTenancy.InMemory — in-memory ITenantMembershipStore for development and tests
PrimusSaaS.MultiTenancy.Dapper — Dapper + PostgreSQL / SQL Server tenant and membership stores
PrimusSaaS.MultiTenancy.MongoDB — MongoDB tenant and membership stores
PrimusSaaS.MultiTenancy.CosmosDB — Azure Cosmos DB tenant and membership stores
PrimusSaaS.MultiTenancy.Redis — Redis-backed ITenantStore and ITenantRateLimiter
PrimusSaaS.MultiTenancy.FeatureFlags — tenant-scoped feature flag bridge to PrimusSaaS.FeatureFlags

Security

These configuration defaults are safe for local development but must be reviewed before deploying to staging or production:

1. TrustedHeaderSourceIPs — header tenant injection risk

TrustedHeaderSourceIPs defaults to an empty set. When empty, the HeaderTenantResolutionStrategy accepts X-Tenant-Id from any client IP, allowing a malicious caller to inject an arbitrary tenant.

Required in staging/production: either configure a trusted IP list, or register AddPrimusMultiTenancyMembershipValidatedSelection() so header values are validated against the caller's actual memberships before acceptance. The production/staging startup validator (MultiTenancyProductionValidationHostedService) will throw at startup if HeaderTenantResolutionStrategy is active without MembershipValidatedTenantResolutionStrategy.

options.TrustedHeaderSourceIPs = new HashSet<string> { "10.0.0.1", "10.0.0.2" }; // internal proxies only

2. AllowedPropagationHosts — tenant ID leakage to third-party APIs

AllowedPropagationHosts defaults to an empty set. When empty, the TenantPropagationDelegatingHandler forwards the X-Tenant-Id header to every outbound HttpClient call, including calls to third-party payment providers, analytics services, and external APIs.

Required in staging/production: configure the set of internal hosts to limit propagation:

options.AllowedPropagationHosts = new HashSet<string>
{
 "api.internal.example.com",
 "payments.internal.example.com"
};

3. MapPrimusTenantManagementEndpoints — admin endpoints unsecured by default

MapPrimusTenantManagementEndpoints() with no authorizationPolicy parameter maps full tenant CRUD (create, update, suspend, hard-delete, offboard) with no authentication.

Always pass a policy in staging/production:

app.MapPrimusTenantManagementEndpoints(
 pattern: "/admin/tenants",
 authorizationPolicy: "PrimusPlatformAdmin");

A warning is logged at startup when endpoints are mapped without a policy.

New extension points

TenantContextSnapshot — preferred unified snapshot API for capturing, transporting, and restoring tenant state across request and background execution scopes.
ITenantRateLimiter — plug in a distributed limiter implementation (for example Redis-backed) to enforce tenant limits across instances.
ITenantStore helper extensions: SuspendTenantAsync(...), ActivateTenantAsync(...), SoftDeleteTenantAsync(...)
ITenantMembershipStore helper extension: GetAccessibleTenantsAsync(...) for tenant switcher scenarios
AddPrimusMultiTenancyMembershipCaching(...) — wraps the registered membership store with IMemoryCache.
ITenantDataRetentionService — contract for deleting all tenant-owned data during offboarding.
ITenantFeatureFlagBridge — default bridge to PrimusSaaS.FeatureFlags that fail-closes when no flag service is registered.

Product	Versions Compatible and additional computed target framework versions.
.NET	net8.0 net8.0 is compatible. net8.0-android net8.0-android was computed. net8.0-browser net8.0-browser was computed. net8.0-ios net8.0-ios was computed. net8.0-maccatalyst net8.0-maccatalyst was computed. net8.0-macos net8.0-macos was computed. net8.0-tvos net8.0-tvos was computed. net8.0-windows net8.0-windows was computed. net9.0 net9.0 is compatible. net9.0-android net9.0-android was computed. net9.0-browser net9.0-browser was computed. net9.0-ios net9.0-ios was computed. net9.0-maccatalyst net9.0-maccatalyst was computed. net9.0-macos net9.0-macos was computed. net9.0-tvos net9.0-tvos was computed. net9.0-windows net9.0-windows was computed. net10.0 net10.0 is compatible. net10.0-android net10.0-android was computed. net10.0-browser net10.0-browser was computed. net10.0-ios net10.0-ios was computed. net10.0-maccatalyst net10.0-maccatalyst was computed. net10.0-macos net10.0-macos was computed. net10.0-tvos net10.0-tvos was computed. net10.0-windows net10.0-windows was computed.

Product

Versions Compatible and additional computed target framework versions.

.NET

net8.0 net8.0 is compatible. net8.0-android net8.0-android was computed. net8.0-browser net8.0-browser was computed. net8.0-ios net8.0-ios was computed. net8.0-maccatalyst net8.0-maccatalyst was computed. net8.0-macos net8.0-macos was computed. net8.0-tvos net8.0-tvos was computed. net8.0-windows net8.0-windows was computed. net9.0 net9.0 is compatible. net9.0-android net9.0-android was computed. net9.0-browser net9.0-browser was computed. net9.0-ios net9.0-ios was computed. net9.0-maccatalyst net9.0-maccatalyst was computed. net9.0-macos net9.0-macos was computed. net9.0-tvos net9.0-tvos was computed. net9.0-windows net9.0-windows was computed. net10.0 net10.0 is compatible. net10.0-android net10.0-android was computed. net10.0-browser net10.0-browser was computed. net10.0-ios net10.0-ios was computed. net10.0-maccatalyst net10.0-maccatalyst was computed. net10.0-macos net10.0-macos was computed. net10.0-tvos net10.0-tvos was computed. net10.0-windows net10.0-windows was computed.

Compatible target framework(s)

Included target framework(s) (in package)

Learn more about Target Frameworks and .NET Standard.

net10.0
- Microsoft.Extensions.Caching.Memory (>= 10.0.5)
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 10.0.5)
- Microsoft.Extensions.Options (>= 10.0.5)
- PrimusSaaS.Rbac (>= 2.0.1)
net8.0
- Microsoft.Extensions.Caching.Memory (>= 10.0.5)
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 10.0.5)
- Microsoft.Extensions.Options (>= 10.0.5)
- PrimusSaaS.Rbac (>= 2.0.1)
net9.0
- Microsoft.Extensions.Caching.Memory (>= 10.0.5)
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 10.0.5)
- Microsoft.Extensions.Options (>= 10.0.5)
- PrimusSaaS.Rbac (>= 2.0.1)

NuGet packages (11)

Showing the top 5 NuGet packages that depend on PrimusSaaS.MultiTenancy:

Package	Downloads
PrimusSaaS.MultiTenancy.AspNetCore ASP.NET Core middleware and helpers for PrimusSaaS.MultiTenancy.
PrimusSaaS.MultiTenancy.InMemory In-memory storage and resolver adapters for PrimusSaaS.MultiTenancy.
PrimusSaaS.Memberships.InMemory In-memory stores and bridge adapters for PrimusSaaS.Memberships development and test scenarios.
PrimusSaaS.Identity.Broker.Routing Optional tenant-aware routing composition add-on for PrimusSaaS.Identity.Broker. Adds generic host-resolution abstractions and middleware without imposing app-specific domain, slug, or provider rules.
PrimusSaaS.MultiTenancy.EFCore Entity Framework Core integration for PrimusSaaS.MultiTenancy.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version	Downloads	Last Updated
1.2.0	106	5/17/2026
1.1.1	192	4/19/2026
1.1.0	224	4/3/2026
1.0.0	311	3/31/2026

URL: https://www.nuget.org/packages/PrimusSaaS.MultiTenancy/

⇱ NuGet Gallery | PrimusSaaS.MultiTenancy 1.2.0