Tenant isolation

Overview

Every database query and API operation is scoped to the authenticated organization tenant. Cross-tenant data access is blocked at the application layer and verified in security reviews.

Support engineers require explicit customer authorization and secure session recording when accessing tenant data for escalations.

Who should read this

  • QA engineers, SREs, platform teams, and developers operating Zof Console and APIs.

When to use this workflow

  • Onboarding new team members to Zof terminology and workflows
  • Authoring internal runbooks aligned with Console labels
  • Designing CI/CD or webhook integrations against documented behavior

Step-by-step procedure

Verify tenant context

Confirm that the organization name in the Console header matches the expected tenant.

API responses never include resources from other organization IDs.

Support access procedure

Open a support ticket with the organization ID and admin approval.

Time-bound elevated access is logged in the audit trail.

Key concepts

Organization ID
Immutable tenant identifier visible in Admin Center → Organization settings.
Data residency
Enterprise plans may pin storage to approved regions; contact the account team for options.

Best practices

  • Never share API keys across organizational boundaries
  • Validate tenant slug in CI environment variables per deployment
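
One way to automate the CI slug check above together with the cross-tenant response check from "Verify tenant context", as an added example that is not Zof's own code. The environment variable names (`DEPLOY_ENV`, `TENANT_SLUG`), the `organization_id` response field, the slug format and every sample value are assumptions constructed for illustration.

```python
import json
import re

# Assumption: expected tenant per deployment, kept in the pipeline repository.
EXPECTED = {
    "staging": {"slug": "acme-staging", "org_id": "org_1111"},
    "production": {"slug": "acme", "org_id": "org_2222"},
}
SLUG_RE = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")  # assumed slug format


def check_tenant_env(env):
    """Return the expected tenant record, or raise if the CI job is mis-scoped."""
    deploy = env.get("DEPLOY_ENV", "")
    slug = env.get("TENANT_SLUG", "")
    if deploy not in EXPECTED:
        raise ValueError(f"unknown deployment {deploy!r}")
    if not SLUG_RE.fullmatch(slug):
        raise ValueError(f"malformed tenant slug {slug!r}")
    if slug != EXPECTED[deploy]["slug"]:
        raise ValueError(f"slug {slug!r} does not belong to deployment {deploy!r}")
    return EXPECTED[deploy]


def foreign_org_ids(payload, expected_org_id, key="organization_id", path="$"):
    """Walk decoded JSON and list every path whose org ID differs from ours."""
    hits = []
    if isinstance(payload, dict):
        for k, v in payload.items():
            if k == key and v != expected_org_id:
                hits.append((f"{path}.{k}", v))
            hits.extend(foreign_org_ids(v, expected_org_id, key, f"{path}.{k}"))
    elif isinstance(payload, list):
        for i, item in enumerate(payload):
            hits.extend(foreign_org_ids(item, expected_org_id, key, f"{path}[{i}]"))
    return hits


# Constructed sample response; the second item simulates an isolation failure.
SAMPLE = json.loads("""{"items": [
  {"id": "r1", "organization_id": "org_1111"},
  {"id": "r2", "organization_id": "org_9999",
   "children": [{"organization_id": "org_1111"}]}
]}""")

if __name__ == "__main__":
    tenant = check_tenant_env({"DEPLOY_ENV": "staging", "TENANT_SLUG": "acme-staging"})
    for where, org in foreign_org_ids(SAMPLE, tenant["org_id"]):
        print(f"cross-tenant resource at {where}: {org}")
```

Run as a pipeline gate, a raised `ValueError` or any reported path should fail the job before deployment proceeds.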

Tenant isolation | Zof AI Documentation