Context and Problem Statement¶

The Cloud Agent in multi-tenancy is still a single agent running, however, some of the resources are now shared between the tenants of the agent. Each tenant has their own keys, with their own DIDs, connections. Transports and most of the settings are still shared between agents. All the API endpoints are same from outside

Multi-tenancy, message routing can be used to ensure that messages are delivered only to the intended recipient or tenants, and not to unauthorized tenants.

Backend services: Cloud Agent use PostgreSQL. Authentication and authorization

sequenceDiagram
autonumber
actor H as Holder(DidComm)
actor T as Tenant(Issuer)
participant A as CloudAgent
participant W as Wallet
participant DB as Database[did <- tenantId]
T->>A: Register Tenant
activate A
A->>W: Create wallet
        activate W
            note over W: Each Tenant has his own wallet where keys and dids are stored
            W-->>A: tenantId
        deactivate W
        note over T, A: Subsequent requests include JWT header
        activate DB
            note over DB: did -> tenantId or did -> walletId
            T->>A: Create PeerDID[JWT Header]
            A->>A: authorised token extract tenantID
            alt JWT validation
                A-->>T: 200 OK & JWT
            else No user
                A-->>T: 401 Unauthorized
            end
            T-->>A: If authorised Create PeerDID
            A-->>DB: Update [DID(PeerDID) -> tenantID]
            A->>H: send DIDCOMM message to holder did
        deactivate DB
deactivate A
activate H
    H->>A: DIDCOMMV2 message to Agent(did)
    A-->>DB:lookup to Agent DID identify tenantId
    A-->>A:decrypt message
deactivate H