DT-385-sso-and-multi-tenancy-documentation

[KorayErkan]

Summary by CodeRabbit

• Documentation
  • Consolidated and expanded RBAC guidance within Roles; removed the deprecated standalone RBAC page.
  • Added Organization Settings docs: Company Details, Single Sign-On (detailed setup), and Subscription & Billing.
  • Introduced a comprehensive Tenants guide with workflows for hierarchy, access, and lifecycle management.
  • Added a Usage & Limits page covering real-time consumption, analytics, and capacity planning.
  • Updated navigation: new Organization > Settings section; added Tenants and Usage & Limits; removed legacy SSO and Multitenancy entries.

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

Documentation restructured under Organization: RBAC content consolidated into roles and the standalone role-based-access-control page removed. New Settings subsection added (Company, Single Sign-On, Subscription). New Tenants and Usage and Limits pages introduced. Sidebar updated to match the new structure and removed obsolete top-level SSO and Multitenancy entries.

Changes

Cohort / File(s)	Summary of changes
RBAC docs reorg docs/organization/role-based-access-control.mdx, docs/organization/roles.mdx	Removed standalone RBAC page; expanded RBAC guidance within roles.mdx including role creation, assignment, advanced settings, and troubleshooting.
Organization Settings docs/organization/settings/*	Added new Settings docs: company.mdx (Company Details), single-sign-on.mdx (SSO overview and configuration UI), subscription.mdx (Subscription and Billing).
Tenancy and usage docs/organization/tenants.mdx, docs/organization/usage-and-limits.mdx	Rewrote multitenancy into a structured Tenants guide with workflows; added Usage and Limits page with resource monitoring and analytics.
Sidebar structure sidebars.ts	Set Organization category collapsed: false; removed organization/role-based-access-control; added nested Settings (company, single-sign-on, subscription); added organization/tenants and organization/usage-and-limits; removed top-level single-sign-on and multitenancy.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant Admin as Admin User
  participant UI as DataStream UI
  participant IdP as Azure AD/Entra ID
  participant Auth as Auth Service
  participant RBAC as RBAC Engine

  rect rgb(240,248,255)
  note over Admin,UI: Configure Single Sign-On (SSO)
  Admin->>UI: Navigate Organization › Settings › Single Sign-On
  UI-->>Admin: Display SSO configuration panel
  Admin->>UI: Provide IdP metadata / initiate setup
  UI->>Auth: Save SSO settings
  Auth-->>UI: Confirm configuration saved
  end

  rect rgb(245,255,240)
  note over Admin,RBAC: Assign role to user (post-SSO)
  Admin->>UI: Assign Role to User
  UI->>RBAC: Update user-role mapping
  RBAC-->>UI: Acknowledge update
  end

  rect rgb(255,248,240)
  note over User,Auth: Login via SSO
  participant User as End User
  User->>UI: Access DataStream
  UI->>Auth: Start SSO flow
  Auth->>IdP: Redirect for authentication
  IdP-->>Auth: Token / assertion
  Auth->>RBAC: Resolve roles & permissions
  RBAC-->>Auth: Effective permissions
  Auth-->>UI: Session + claims
  UI-->>User: Grant access based on permissions
  end

Loading

sequenceDiagram
  autonumber
  participant Admin as Admin
  participant UI as DataStream UI
  participant RBAC as RBAC Engine

  rect rgb(250,250,255)
  note over Admin,RBAC: Create Custom Role
  Admin->>UI: Open Roles › Create Custom Role
  UI-->>Admin: Show Basic/Advanced permission selectors
  Admin->>UI: Set role details + select permissions
  UI->>RBAC: Create role with permissions
  RBAC-->>UI: Role created
  end

  rect rgb(255,250,245)
  note over Admin,RBAC: Modify/Delete Role
  Admin->>UI: Edit or Delete role
  UI->>RBAC: Validate usage/dependencies
  RBAC-->>UI: Validation result (allow/block)
  UI-->>Admin: Success or error with guidance
  end

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

I hop through docs with tidy feet,
New paths for orgs, all crisp and neat.
SSO doors swing open wide,
Tenants queue in structured pride.
Usage charts hum soft and bright—
Roles realigned, the nav set right.
Thump-thump! Ship night delights.

✨ Finishing touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch DT-385-sso-and-multi-tenancy-documentation

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 9298121 and 0e6aa3b.

⛔ Files ignored due to path filters (6)

• static/img/gui/roles.png is excluded by !**/*.png
• static/img/gui/settings-1-company.png is excluded by !**/*.png
• static/img/gui/settings-2-sso.png is excluded by !**/*.png
• static/img/gui/settings-3-subscription.png is excluded by !**/*.png
• static/img/gui/tenants.png is excluded by !**/*.png
• static/img/gui/usage-and-limits.png is excluded by !**/*.png

📒 Files selected for processing (8)

• docs/organization/role-based-access-control.mdx (0 hunks)
• docs/organization/roles.mdx (1 hunks)
• docs/organization/settings/company.mdx (1 hunks)
• docs/organization/settings/single-sign-on.mdx (1 hunks)
• docs/organization/settings/subscription.mdx (1 hunks)
• docs/organization/tenants.mdx (5 hunks)
• docs/organization/usage-and-limits.mdx (1 hunks)
• sidebars.ts (1 hunks)

Tip

👮 Agentic pre-merge checks are now available in preview!

Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.

• Built-in checks – Quickly apply ready-made checks to enforce title conventions, require pull request descriptions that follow templates, validate linked issues for compliance, and more.
• Custom agentic checks – Define your own rules using CodeRabbit’s advanced agentic capabilities to enforce organization-specific policies and workflows. For example, you can instruct CodeRabbit’s agent to verify that API documentation is updated whenever API schema files are modified in a PR. Note: Upto 5 custom checks are currently allowed during the preview period. Pricing for this feature will be announced in a few weeks.

Please see the documentation for more information.

Example:

reviews:
  pre_merge_checks:
    custom_checks:
      - name: "Undocumented Breaking Changes"
        mode: "warning"
        instructions: |
          Pass/fail criteria: All breaking changes to public APIs, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints must be documented in the "Breaking Change" section of the PR description and in CHANGELOG.md. Exclude purely internal or private changes (e.g., code not exported from package entry points or explicitly marked as internal).

Please share your feedback with us on this Discord post.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cloudflare-workers-and-pages]

Deploying virtualmetric-docs-test with    Cloudflare Pages

Latest commit:	0e6aa3b
Status:	🚫  Build failed.

View logs

[github-actions]

Docs Feature Deployment https://54bf5b8b.virtualmetric-docs.pages.dev