Introduction

OpsRamp is a hybrid IT operations management (ITOM) platform that empowers organizations to monitor, manage, and automate infrastructure across cloud, on-premises, and hybrid environments - all from a single, unified interface.

As a core part of this platform, Tenancy Management provides the foundation for scalable, secure, and efficient operations. It enables Service Providers (SPs), Managed Service Providers (MSPs), partners, and enterprises to manage multiple entities with clear boundaries and delegated control.

Tenancy Hierarchy

OpsRamp’s multi-level tenancy model is designed for flexibility and operational scale. The key roles include:

  • Service Provider (SP): Top-level tenant with global visibility and administrative privileges over all sub-tenants.
  • Partner (optional): Mid-tier tenant used by MSPs or resellers. These partners use OpsRamp to provide differentiated, branded IT operations services to their customers.
  • Client: End customer, enterprise, or business units with isolated environments.



Neighbors

The above flowchart illustrates the Tenancy hierarchy in OpsRamp:

  • At the top is the Service Provider (SP), responsible for defining global policies, managing users, and provisioning partners.
  • Below the SP are partners (Partner 1 and Partner 2) each with their own users and policies.
  • Each Partner manages multiple clients (e.g., Client A, B under Partner 1, and Client C, D under Partner 2).
  • Clients manage their own devices, and may inherit policies from their respective Partner. Clients can create and manage their own policies to suit their specific operational needs.

Note:

  • Inheritance Flow: Policies can be inherited downward
    (e.g., from SPPartnerClient), but not upward.
  • Isolation: Each tenant’s data, configuration, and users are isolated.

Key Capabilities

OpsRamp’s tenancy model is built to support different types of users - like partners, resellers, and clients - by giving each one their own space and control. Here is what it offers:

  • Separate Workspaces for Each Tenant: Every partner or client has their own secure area. Their data and configurations stay separate from others.

  • Individual Administrative Control: Each tenant can have their own administrators who manage their environment without affecting others.

  • Central View for Providers: Service Providers (SPs) can see everything across all their tenants - partners, clients, performance, alerts - through one dashboard. Similarly, partners can see all the tenants - clients.

  • Role-Based Access Control (RBAC): RBAC allows each tenant to define precise user permissions, ensuring users can access only the resources and actions they are authorized to use.

  • Custom Branding Support: Branding customization enables personalized logos, themes, and login experiences at each tenant level.

    • Service Provider (SP):
      • Can configure branding for themselves.
      • Can apply branding to partners and client tenants under them.
      • Has full control over how the platform looks across the entire hierarchy.

    • Partner:
      • Can configure branding for themselves.
      • Can apply branding to their client tenants.
      • Cannot modify branding at the SP level or for other partners.

    • Client:
      • Can configure their own branding if the feature is enabled for them.
      • This includes custom logos, colors, and login screen settings.
      • Cannot modify branding of parent tenants (SP or partner).

  • White-Labeling Support: Partners and resellers can brand their OpsRamp instances for their clients - OpsRamp offers white-labeling support, allowing its partners and resellers to rebrand the platform under their own branding for their clients, enhancing their service offerings and client relationships

  • Flexible Onboarding: New clients or partners can be onboarded quickly using the UI or APIs, with templated configurations for speed and consistency.

Use Cases

One of the most common use cases is in MSP environments, where a single provider supports many different clients. Each client needs its own isolated environment — with separate monitoring rules, alert configurations, user roles, integrations, etc. With tenancy, the MSP can manage all of this from a single platform, while clients still have their own secure, branded space.

Another key use case is when clients or business units require direct access to their own environments. Instead of setting up entirely separate systems, tenancy allows you to assign user roles that are restricted to specific tenants. This ensures that users can only access what is relevant to them - which helps protect data and keeps everything organized.

Branding also plays a big role, especially for partners or resellers who want to offer OpsRamp as a white-labeled service. Each tenant can have its own logo, theme, and visual customization, so clients feel like they are using a solution tailored specifically for them.

In larger organizations or service provider setups, it is also common to delegate administrator responsibilities to different teams. Tenancy allows you to assign administrative roles per tenant, so each team can manage their area without affecting others.

Compliance is another key reason to use tenancy. In regulated industries, keeping data separate for each client or team is a must. Tenancy makes this easier by creating isolated environments, which helps meet rules like GDPR, HIPAA, and similar standards.

Likewise, tenancy allows you to separate environments by geography. You can create separate clients per region, like APAC, Japan, South America, Canada, each with their own settings, while maintaining a central view. This kind of setup helps with timezone alignment and regulatory needs.