SaaS Multi-Tenant
Isolation and safety for multi-tenant SaaS AI platforms.
Overview
The SaaS Multi-Tenant profile addresses the unique challenges of building AI features into a SaaS product where multiple customers (tenants) share the same underlying models and infrastructure.
The primary goal here is Tenant Isolation. It ensures that a prompt from Customer A cannot trick the model into revealing data from Customer B, and that one tenant cannot exhaust resources meant for others.
Included Guardrails
5 Rules
Cross-Context Manipulation Guardrail
Blocks references to prior conversations or hidden context.
Internal Data Leak Guardrail
Blocks exposure of internal or proprietary information.
Output Schema Validation Guardrail
Validates model output against a required JSON or structured schema.
Rate Limit Guardrail
Enforces request rate limits to control cost and abuse.
Cost Threshold Guardrail
Blocks or warns when usage exceeds configured cost limits.
Key Benefits
Tenant Isolation
Prevents "cross-contamination" of context between different user sessions.
Resource Fairness
Enforces rate limits per tenant ID to prevent "noisy neighbor" issues.
Schema Enforcement
Guarantees that JSON outputs match the expected schema for your frontend to consume.
Wait, when should I use this?
Integration
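const config = {
  // Select the guardrail profile described on this page.
  profile: 'saas-multi-tenant',
  context: {
    // Rate limits are keyed on this value. Take it from a header set by a
    // trusted component after authentication; a client-supplied value would
    // let a caller claim another tenant's ID.
    tenantId: request.headers['x-tenant-id'],
    plan: 'enterprise'
  }
};
Frequently Asked Questions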
How do you handle rate limits?
Rate limits are keyed by the `tenantId` you provide in the context object.
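A sketch of what keying rate limits by tenant ID means in practice, showing that one tenant's burst does not consume another tenant's allowance. This is an added example, not the product's own implementation; the `TenantRateLimiter` class, its parameters, and the tenant ID format are assumptions made for illustration.

```javascript
// Added illustration: per-tenant token bucket (hypothetical class, not the product's code).
class TenantRateLimiter {
  constructor({ capacity, refillPerSec }) {
    this.capacity = capacity;
    this.refillPerSec = refillPerSec;
    this.buckets = new Map(); // tenantId -> { tokens, last }
  }

  // nowMs is injectable so the refill logic can be tested deterministically.
  check(tenantId, nowMs = Date.now()) {
    // Fail closed: a missing or malformed ID must never fall into a shared bucket.
    if (typeof tenantId !== 'string' || !/^[A-Za-z0-9_-]{1,64}$/.test(tenantId)) {
      return { allowed: false, reason: 'invalid-tenant' };
    }
    let b = this.buckets.get(tenantId);
    if (!b) {
      b = { tokens: this.capacity, last: nowMs };
      this.buckets.set(tenantId, b);
    }
    // Refill in proportion to elapsed time, capped at the bucket capacity.
    const elapsedSec = Math.max(0, nowMs - b.last) / 1000;
    b.tokens = Math.min(this.capacity, b.tokens + elapsedSec * this.refillPerSec);
    b.last = nowMs;
    if (b.tokens < 1) return { allowed: false, reason: 'rate-limited' };
    b.tokens -= 1;
    return { allowed: true, reason: 'ok' };
  }
}

// Constructed scenario: tenant-a bursts five requests, tenant-b sends one.
function demo() {
  const limiter = new TenantRateLimiter({ capacity: 3, refillPerSec: 1 });
  const t0 = 1000000; // arbitrary fixed clock value in milliseconds
  const burst = [];
  for (let i = 0; i < 5; i++) burst.push(limiter.check('tenant-a', t0).allowed);
  return {
    burst,                                                      // tenant-a's own bucket drains
    neighbour: limiter.check('tenant-b', t0).allowed,           // tenant-b is unaffected
    afterRefill: limiter.check('tenant-a', t0 + 2000).allowed,  // tenant-a recovers over time
    missingId: limiter.check(undefined, t0),                    // no ID: rejected, not pooled
  };
}

console.log(demo());
```

A deployed limiter would also evict idle buckets and share bucket state across service instances, which this single-process sketch leaves out.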