Cloud Services

Service Provider

Customer tenant page management
Published On May 07, 2024 - 4:27 PM

Customer tenant page management

Learn how to create, update, or delete new tenants, and enable applications from one single place.
Service Provider is currently a
Tech Preview
to provide you with access to new features so that Kyndryl Modern Operations Applications hears your feedback and works on delivering features that meet your needs.
To access the customer tenants page, follow these steps:
  1. Click the
    Main menu
    on the left side of the page.
  2. Select the
  3. Click
    Manage Tenants
    . The
    Manage Customer Tenant
    page opens.
Manage customer tenant landing page, showing a list of all available customer tenants
Once in the Manage customer tenant page, you can perform a series of actions including the following:
  • Creating a customer tenant
  • Viewing all customer tenants
    • Using filters
  • See tenant details
  • Proxying into a customer tenant (with delegated access)
  • Force refresh tenant
  • Updating a customer tenant
  • Disabling a customer tenant
  • Enabling a customer tenant
  • Deleting a customer tenant
  • Managing customer tenant connections
  • Distributing customer tenant actions

Creating a customer tenant

To create a new customer tenant, go to the manage customer tenant page and follow these steps:
  1. Click
    Add New
  2. Select
    Add New Customer Tenant
    . The create customer tenant window opens.
  3. Fill out the new tenant's information:
    1. Customer name.
    2. Tenant hostname
      : The system automatically populates the tenant hostname field based on the
      Customer name
      that you input, and with the default domain. If needed, you can change the domain to be used in the customer tenant's URL.
      1. Examples:
        , or
      2. The Service Provider Administration portal supports multiple domains, so you can create a customer tenant using your preferred custom domain. You can set a unique URL domain for each of the customers onboarded into your platform. This is very valuable as Kyndryl understands the business need to white-label your customer tenants with your own branding and portal name. In this way, your customers can have a seamless experience using your cloud management platform. Currently, the Service Provider Administration portal supports multi-domains and multi-certifications that have been pre-configured by the Kyndryl administrator. To register your own domain and SSL certificates please contact your Kyndryl administrator.
    3. Customer email
      : Enter the email address that receives the invitation to join the tenant. The user accepting this invitation becomes the customer tenant administrator.
    4. Toggle on or off
      White labeling in Customer Tenant
      to allow or restrict your customer tenant white-labeling capabilities. To learn more about the capabilities that you have, see the Kyndryl Modern Operations Applications white-labeling page.
    5. Toggle on or off
      Connection Manager
      to allow or restrict your customer tenant the management of their own connections.
      1. When the toggle is
        , the connections page in the customer tenant displays the following message:
        'Connection is restricted. Capability to manage Connections is restricted in this platform by your Service Provider.'
        This will prevent your customer to add connections and delete existing ones.
    6. Cloud Provider
      : By default all cloud providers are selected. Deselect the ones that you do not want to make available for your customer.
    7. Identity provider
      : From the drop-down menu, select the primary IdP to be used for authenticating the customer tenant users. The list of IdPs depends on the available IdPs that you added to your platform. If it is not on the list, configure the required identity provider.
    8. Select the
      logging levels
      for each of the Services.
    9. Toggle on or off the
      Feature flags
      to enable or disable specific features or functionalities for your customer tenant.
    To learn more about what a logging level is and the categories of flags, see Feature Flags.
  4. Click
  5. In the next window (
    Select Applications
    ), select all the applications that you want to enable for your customer. Some applications have dependencies; hence, the system will automatically select the dependencies associated with the application that you selected.
    red warning icon
    is displayed next to an application that requires you to add some other values. Additionally, the
    Save and Close
    button to complete the tenant creation may appear grayed out if the minimal required apps and values are not selected. See more details in the following table.
  6. Toggle on or off the flags for the
    and select the logging levels for each.
  7. Toggle on or off the
    Feature flags
    to enable or disable specific features or functionalities for your customer tenant.
  8. To complete the customer tenant creation, click
    Save and Close
CorePlus  Insights
Enterprise Marketplace
You can exit the applications windows and then go back without losing the configurations and values previously selected. Also, all configurations can be changed later if you decide to make any updates.
After successful creation of the tenant, you are redirected to the tenant's list page. If your tenant is not displayed, refresh the page.
Additionally, if the operations returns a
status, you can click the failed tenant, highlighted in red font, to go to the
tenant details
screen to learn more details.

Feature flags

Feature flags are a simple mechanism that allows the Service Provider Administration portal to enable or disable a function at runtime in the customer tenant level without having to deploy the code. Feature flags provide the ability for the service provider administrator to release new features to target customer tenants, without making them visible to all customers.
There are two broad categories of feature flags:
Service flags
Feature flags
Services are micro services needed for the platform to perform the base functionalities in the system. This coarse-grained support makes it very easy to add a new micro service and immediately have it available in the environment. Service flags allows you to enable or disable a micro service.
Service logging settings
Logging levels provide control to enable each micros service within an application to have a unique logging level set on a per tenant basis. In a multi-tenant world, there is a high potential for logging overload. This is exacerbated greatly when there are hundreds of tenants all being processed by the same pod or micro service. Support is given within the platform to enable control of individual logging levels for each micro service and customer tenant. It is highly recommended that you only log
at the default (lowest) logging level. Otherwise, much data will be present in your logs, which makes it difficult to isolate a problem.
Logging levels and their values
  • 0 -
    (only errors)
  • 1 -
    (execution of scheduled task or jobs and details on any API call that you return 400+ on)
  • 2 -
    (mostly everything to solve 95% of problems)
  • 3 -
    (you may include heap, thread-IDs, and more
Feature flags
These are fine-grained flags that should be used to release or expose a particular feature or functionality within a micro service of the platform. They are also called
experimental flags
because they serve to expose a particular feature in a customer tenant user interface so that your customers can opt-in and try that particular feature.

Viewing all customer tenants

The Manage Customer Tenant page displays a list of all the existing customer tenants that you have created, with their more relevant details.
If you do not have any customer tenants created yet and need to get started, see Creating a customer tenant.

Using filters

manage customer tenant
page offers a dropdown menu filter that you can select to visualize only the category of your interest, including the following:
  • Tenant Status
    : You can filter by status, based on the stage where the customer tenant is at.
  • Broker
    : You can filter by application, based on what has been made available to your customer tenants.
  • Broker Status
    : You can filter by status of the application.
Another way to search for your tenants is by typing the
tenant name
, or
in the
Search bar
Also, you can sort the list of tenants by clicking the heading columns, which includes sorting by name, URL, last login, and users.
See more details about the meaning of the statuses in the following table:
In Progress
The provisioning, deprovisioning, or updating operation is taking place. The system is working on the operation.
The provisioning, deprovisioning, or updating operation has failed.
The provisioning, deprovisioning, or updating operation has succeeded.
The application is taking whatever action necessary to create a new resource.
The application has created the new resource.
The application is deleting any resources it previously created. Usually, this means that all resources are immediately reclaimed.
The application has deleted the resources it previously created.
The application is requesting the generation of a service binding. Not all services need to be bindable, some deliver value just from being provisioned.
The application has created a service binding.
The application is deleting the service binding. In the case where credentials were generated, this might result in requests to the Service Instance failing to authenticate.
The application has deleted the service binding.
The application is modifying the previously created resource.
The application has modified the resource.
Kyndryl Open Service Broker API is based on the Open Service Broker (OSB) API specification.

Tenant details

As a Service Provider Administrator, you have the ability to see all details of a tenant. This is particularly helpful when an error or failed status is returned while creating, disabling, enabling or deleting a customer tenant. The tenant details page includes the following data:
  • Tenant details section
    • Tenant name
    • Status
    • Host name
    • API URL
    • IdP
    • Customer email
    • Creation date and time
    • Update date and time
  • Applications section
    • Service name
    • Application name
    • Status
    • Creation date and time
    • Update date and time
    • Error
    • Description
  • Logs section
    : You can see and copy the logs to take further actions.

Proxying into a customer tenant (with delegated access)

From the
Manage customer tenants
page, simply select the
Tenant URL
that you want to access. This will log you to your customer tenant in a separate tab, where you can interact and perform a set of actions to provide the needed support. The following is a list of actions that you can perform on your customer tenant:
  • White-labelling capabilities
Whenever a service provider logs into a customer tenant or executes any action, audit records register the action as a specific service provider tenant user ID, and not as an individual member of the customer tenant or the individual proxying into the customer tenant from the service provider tenant manager.
The delegated access permission displayed on the tenant banner, confirming you have logged in from a service provider tenant.

Force refresh tenants

Often, you may need to force refresh a customer tenant in case the resource failed to complete its action. This allows you to quickly refresh the applications actions, instead of going into the tenant to re-do the updates.
To apply a force refresh, follow these steps:
  1. Go to the manage customer tenants page.
  2. From the list of customer tenants, click the
    menu next to the name of the tenant that you want to refresh.
  3. Select
    Force Refresh Tenant
  4. Confirm the force refresh.

Updating a customer tenant

To update an existing customer tenant, go to the manage customer tenant page and follow these steps:
  1. From the list of customer tenants, click the
    overflow menu
    next to the name of the tenant that you want to update.
  2. Select
    Edit Tenant
  3. Make the necessary updates to the tenant details and click
  4. Make the necessary updates to tenant's applications and click
    Save & Close
    to save your changes. Take into consideration the application's dependencies and make sure they are selected.
In the
Edit Customer Tenant
details page, you can
Resend invitation
to a tenant that has not activated the user account yet, and also
Add Additional Identity Providers
to be available for the customer tenant. However, the primary IdP of those tenants that have been onboarded cannot be changed.
To learn how to add additional IdPs to the platform, see Managing IdPs.

Disabling a customer tenant

By default, all customer tenants created are enabled. Often, you may want to block access to a customer tenant for multiple reasons, regardless of its status. To disable an existing customer tenant, go to the tenants page and follow these steps:
  1. From the list of customer tenants, click the
    overflow menu
    next to the tenant that you want to disable.
  2. Select
    Disable Tenant
  3. Confirm the disablement.
When a tenant has been disabled and your customer tries to access that tenant, the following error message is displayed:
'Sorry you can no longer access this Platform, it has been disabled by your Service Provider. To enable it please contact your Service Provider.'

Enabling a customer tenant

Let us pretend that the customer tenant that you disabled before is ready to go back online. To enable back a previously disabled customer tenant, go to the tenants page and follow these steps:
  1. From the list of customer tenants, click the
    overflow menu
    next to the tenant that you want to enable.
  2. Select
    Enable Tenant
  3. Confirm the enablement.

Deleting a customer tenant

To delete an existing customer tenant, go to the tenants page and follow these steps:
  1. From the list of customer tenants, click the
    overflow menu
    next to the tenant that you want to delete.
  2. Click
    Delete Tenant
  3. Confirm the deletion by typing the message un the box.
Tenant records will no longer be available. You cannot undo the deletion action.

Customer tenant actions

Your customers have access to a wide array of capabilities within their tenant, including the following:
Do you have two minutes for a quick survey?
Take Survey