Platform OverviewTenants & brands

Tenants & brands

PlaylogiQ is multi-tenant and multi-brand. Understanding this hierarchy is key to understanding data isolation, RBAC, and the integration model.

The hierarchy

Platform
└── Tenant (operator)         e.g. "Acme Gaming Ltd"
    └── Brand (skin)          e.g. "VivaFortuna", "LuckySpin"
        └── Player            scoped to exactly one brand
  • A tenant is an operator organization.
  • A brand is a skin/site under a tenant. A tenant has one or more brands.
  • A player belongs to exactly one brand (and therefore one tenant).

Almost every table carries both tenant_id and brand_id. Brand is the primary isolation boundary for player-facing data.

Isolation is enforced in the database

Isolation is not left to application code. Every brand-scoped table has Row-Level Security (RLS) policies that constrain what a signed-in user can read/write, based on the brands they’re assigned. Helper functions (auth_brand_ids(), auth_tenant_ids()) resolve a user’s visible scope, and permission checks (auth_has_permission, auth_has_tenant_permission) gate writes. See Database & RLS.

The active brand

The operator dashboard is scoped to one active brand at a time, chosen in the header switcher. Every data surface (players, KPIs, segments, analytics) reflects that brand. The Platform Owner (super_admin) is cross-tenant: they can switch to any brand across any tenant, or view an “All brands” aggregate.

Brand-scoped integration

Because a brand is the isolation boundary, the PAM integration is brand-scoped too: an ingestion API key is pinned to a brand, and the mapping that translates the PAM’s events is configured per brand. A key or mapping can never reach across the brand boundary. See PAM Integration → Authentication.

The Platform console

The Platform Owner (super_admin) also has a dedicated cross-tenant Platform area (/platform, including tenant management at /platform/tenants) for operating every tenant. Combined with the “All brands” aggregate in the brand switcher, this is how the whole platform is administered from the normal app — there is no separate admin application, and the same RLS rules apply.

Roles across the hierarchy

Roles range from super_admin (Platform Owner, cross-tenant) down through tenant_admin, campaign_manager, analyst, and viewer, with granular permissions that can be assigned per brand. See RBAC & permissions and the operator Settings & RBAC guide.