Your data is yours alone. Complete separation, enforced at every layer.
Every tenant in IUSign is completely isolated — their documents, envelopes, signers, audit logs, and API keys are scoped to their tenant_id and cannot be accessed by any other tenant.
Every database table includes a tenant_id foreign key.
When a request arrives, the tenant resolver middleware identifies the tenant from the JWT or API key.
All subsequent queries are automatically scoped with WHERE tenant_id = ?
API keys are scoped to a specific tenant — a key from Tenant A cannot access Tenant B's data.
Feature flags control which capabilities each tenant has access to.
Usage limits are enforced per-tenant.
Tenant resolution: Extract JWT/API key → Look up tenant_id → Set request.state.tenant_id.
All API endpoints use request.state.tenant_id to scope queries.
Database schema: every table has tenant_id INTEGER REFERENCES tenants(id) with ON DELETE CASCADE.
GDPR compliance: GET /tenants/me/export returns all tenant data as JSON. DELETE /tenants/me cascades to all related records.
IUSign uses a shared-database, shared-schema multi-tenancy model. All tenants share the same SQLite database and table structure, but every row is scoped to a tenant_id.
Each API key is bound to a specific tenant at creation. When the key is used for authentication, the tenant resolver sets request.state.tenant_id to the key's tenant.
IUSign supports full GDPR data export and deletion. GET /tenants/me/export returns all tenant data as JSON. DELETE /tenants/me cascades to all related records.
Create your free account and send your first document in under 3 minutes.
Get Started Free