Skip to content
You are reading Codefi Orchestrate development version documentation and some displayed features may not be available in the stable release. You can switch to stable version using the version box at screen bottom.

Configure multi-tenancy

When using multi-tenancy, authentication of JWTs is used to restrict access to resources by tenants.


Orchestrate is not an identity provider and does not generate JWTs in production. In production, use an identity provider such as Auth0 to generate JWTs.

Set the environment variables

Environment Variable Description
MULTI_TENANCY_ENABLED Set to 1 to enable multi-tenancy. The default is 0.
AUTH_JWT_CLAIMS_NAMESPACE The namespace for the custom JWT claim. For example, orchestrate.namespace.
AUTH_JWT_CERTIFICATE The public key of the identity provider (Auth0, for example).
AUTH_API_KEY The secret enabling internal microservice to microservice communication to bypass JWT authentication.
AUTH_JWT_PRIVATE_KEY For testing and demonstration only.

To make requests in a multi-tenant environment, specify the JWT in the request header.

Testing and demonstration

For testing and demonstration purposes only, use the AUTH_JWT_PRIVATE_KEY environment variable to specify the private key associated with the public key specified by AUTH_JWT_CERTIFICATE.

ConsenSys has acquired Quorum from J.P. Morgan. Please read the FAQ.
Questions or feedback? You can obtain paid professional support by Consensys at