Descope Per-Tenant Identity Isolation for B2B Platforms

Descope provides a flexible identity management framework tailored for B2B CIAM platforms, addressing the need for both shared-user and tenant-level user models. While the shared-user model is suitable for most SaaS products, allowing users to maintain a consistent identity across multiple tenants, certain scenarios such as white-label reselling, franchise networks, and regulated multi-brand operations require tenant-level isolation where a single user can have distinct identities across different tenants. Descope's tenant-level users feature enables this by isolating login credentials, MFA states, and user profiles per tenant, ensuring complete independence and compliance with specific business needs. This feature integrates seamlessly with Descope's existing enterprise readiness suite, including SSO, RBAC, SCIM provisioning, and more, without disrupting existing B2B authentication functions. Organizations needing full isolation can enable this setting in their project configurations, ensuring users are siloed per tenant, while others can maintain the default shared-user setup, allowing for seamless transitions across workspaces.