Skip to content

Tenant-aware configuration

Each tenant can override a fixed set of configuration properties. Overrides are stored per tenant and resolved on every request, so different tenants see different values for the same key without separate deployments.

Multi-tenancy itself is covered in /help/operate/tenants and /help/concepts/multi-tenancy.

Resolution precedence

A configuration value is resolved in this order (first match wins):

  1. Runtime value set programmatically in the instance.
  2. Tenant override (the current tenant's stored value).
  3. Environment variable or system property.
  4. Deployment .properties.
  5. Module defaults.

So a tenant override takes precedence over environment variables and property files, but never over a value set programmatically at runtime. Overrides apply only within the scope of a request that belongs to that tenant.

What can be overridden

Only an explicit allow-list of full keys is overridable - there are no wildcards, and infrastructure keys (database, repository, security, multi-tenancy) can never be overridden. For now the allow-list is the branding properties:

KeyPurpose
DIRIGIBLE_BRANDING_NAMEProduct name.
DIRIGIBLE_BRANDING_SUBTITLESubtitle.
DIRIGIBLE_BRANDING_BRANDBrand label.
DIRIGIBLE_BRANDING_BRAND_URLBrand link.
DIRIGIBLE_BRANDING_FAVICONFavicon path.
DIRIGIBLE_BRANDING_THEMEDefault theme.
DIRIGIBLE_BRANDING_PREFIXStorage/key prefix.
DIRIGIBLE_BRANDING_ANALYTICSAnalytics snippet.

Leaving a value empty removes the override, so the property falls back to the platform default.

TIP

A key that is not on the allow-list can still be stored, but it stays inert - it is never injected into the running configuration.

Managing overrides in the UI

In the application shell, open Settings and select Tenant Configuration. Each predefined property is shown with its current value for the tenant; edit the values and choose Save. Reload re-reads the stored values.

The view requires the ADMINISTRATOR or OPERATOR role.

REST API

All endpoints operate on the current tenant and require ADMINISTRATOR or OPERATOR.

MethodPathPurpose
GET/services/core/configurations/tenantList the tenant's stored entries.
GET/services/core/configurations/tenant/predefinedList every overridable key with the tenant's value (null if unset).
PUT/services/core/configurations/tenantStore an entry: body { "key": "...", "value": "..." }.
DELETE/services/core/configurations/tenant?key=<KEY>Remove an override.

Storage

Overrides live in a DIRIGIBLE_CONFIGURATIONS table inside each tenant's own database schema (created on first use). Values are cached in memory per tenant and refreshed when changed through this instance.

Extending the allow-list

The set of overridable keys is defined in the platform (the tenant configuration key policy). Adding a new key is a platform change, not a runtime setting - the consuming code must also read the value per request (values cached at startup will not reflect per-tenant overrides). See the platform repository guidance for the exact steps.

Released under the EPL-2.0 License.