Tenants & brands
PlaylogiQ is multi-tenant and multi-brand. Understanding this hierarchy is key to understanding data isolation, RBAC, and the integration model.
The hierarchy
Platform
└── Tenant (operator) e.g. "Acme Gaming Ltd"
└── Brand (skin) e.g. "VivaFortuna", "LuckySpin"
└── Player scoped to exactly one brand- A tenant is an operator organization.
- A brand is a skin/site under a tenant. A tenant has one or more brands.
- A player belongs to exactly one brand (and therefore one tenant).
Almost every table carries both tenant_id and brand_id. Brand is the primary
isolation boundary for player-facing data.
Isolation is enforced in the database
Isolation is not left to application code. Every brand-scoped table has
Row-Level Security (RLS) policies that constrain what a signed-in user can
read/write, based on the brands they’re assigned. Helper functions
(auth_brand_ids(), auth_tenant_ids()) resolve a user’s visible scope, and
permission checks (auth_has_permission, auth_has_tenant_permission) gate
writes. See Database & RLS.
The active brand
The operator dashboard is scoped to one active brand at a time, chosen in the header switcher. Every data surface (players, KPIs, segments, analytics) reflects that brand. The Platform Owner (super_admin) is cross-tenant: they can switch to any brand across any tenant, or view an “All brands” aggregate.
Brand-scoped integration
Because a brand is the isolation boundary, the PAM integration is brand-scoped too: an ingestion API key is pinned to a brand, and the mapping that translates the PAM’s events is configured per brand. A key or mapping can never reach across the brand boundary. See PAM Integration → Authentication.
The Platform console
The Platform Owner (super_admin) also has a dedicated cross-tenant Platform
area (/platform, including tenant management at /platform/tenants) for
operating every tenant. Combined with the “All brands” aggregate in the brand
switcher, this is how the whole platform is administered from the normal app —
there is no separate admin application, and the same RLS rules apply.
Roles across the hierarchy
Roles range from super_admin (Platform Owner, cross-tenant) down through tenant_admin, campaign_manager, analyst, and viewer, with granular permissions that can be assigned per brand. See RBAC & permissions and the operator Settings & RBAC guide.