Where you start
- Default landing:
/console/owner/tenants. - Sidebar: tenants, plans, modules, audit, analytics.
Provision a new tenant
- /console/owner/tenants → Create Tenant.
- Fill name, slug (immutable!), tax ID, address, contacts, plan.
- Approve. Status → active.
- Set up Owner Login → email + auto-gen password.
- Send credentials securely (1Password share).
- Enable modules.
- Email customer: Foundations + relevant OS guides.
Tenant lifecycle
- Active ↔ Suspended — set status; communicate first unless security incident.
- Archived — when churned. 12-month retention before purge.
- Free Platform Access — toggle on; quarterly review.
Monthly run
- 1st of month: POST /api/owner/billing/subscriptions/run.
- Dry Run first; review counters.
- Real run if counters match.
- Investigate any payment_failed status next morning.
Critical do's and don'ts
- Slug is immutable — triple-check before saving.
- Impersonation is logged forever — only do it with permission, document in modal.
- Cross-tenant data leak = P0. Capture screenshots, escalate to engineering + legal immediately.
- Treat your owner credentials like nuclear codes — strong unique password, no sharing.
Top runbooks
- Provider outage (Resend/Stripe/AWB/Shopify).
- Webhook delivery backlog.
- API credential leak.
- Replay storm.
- Cross-tenant data leak (P0).
- See Platform Admin Manual for full step-by-step.
Trenvar Internal — info@trenvar.com · www.trenvar.com · Escalate per Platform Admin Manual Chapter 31.