Tenant

"Tenant" is the LearnCoin term for a customer. Each tenant has a unique tenant_id, a dedicated signing key in GCP KMS HSM, a verificationMethod fragment in the LearnCoin DID document, and Row Level Security policies that prevent cross-tenant data access. Tenants are independent — a compromise, change, or anomaly with one tenant doesn't affect others.

Tenants are not end-users. The student who receives a credential through Ewance isn't a LearnCoin tenant; Ewance is. That's the infrastructure distinction. End-users interact with LearnCoin only via the public verification page (read-only) or the magic-link claim flow (one-time).

Tenant provisioning includes: KMS key generation, DID verificationMethod fragment registration, API key issuance (test + live), webhook endpoint registration, and RLS policy activation. The full provisioning ADR is ADR-005. Tenant offboarding is the reverse plus key-revocation and data-export flows.