Steps to create a tenant

Create a new tenant

1. Log into the TF Platform Portal and choose your organization.

2. Select Projects in the sidebar and select a project.

3. Click + Create tenant.

4. Enter the Tenant Display name and description.

5. Click + Create tenant.

What is CORS?

Cross-Origin Resource Sharing (CORS) is a mechanism that allows web applications to make requests to resources hosted on different domains.

The platform lets you configure CORS at the tenant level, enabling precise control over cross-origin access for improved security and flexibility.

Best Practices

• Regularly review and update your CORS settings to align with security requirements.

• Always use HTTPS in production for secure communication.

• Avoid using the wildcard * in production; explicitly specify allowed origins.

Steps to Modify Your Organization:

1. Sign In Log in to your TF Platform account.

2. Access Organizations Select Organizations from the menu.

3. Locate Your Organization

   • Find the organization you want to modify.

   • Click on the organization name to access its settings.

4. Edit Organization Details Modify the necessary details such as:

   • Organization Name

   • Registration Number

   • Country & Address

5. eKYC Re-verification Note that changes may require a new eKYC process to verify the updated information. Complete the eKYC to ensure compliance and security.

6. Save Changes After updating the details and completing eKYC, ensure you save the changes.

Steps to Create a Project:

1. Sign In Log into the TF Platform Portal and choose your organization.

2. Access Projects Navigate to Projects from the sidebar.

3. Create a New Project Click on the "Create a Project" option.

4. Enter Project Details Fill in the project display name and description.

5. Confirm Creation Click + Create project.

What is TF Platform?

TF Platform (The Future Platform) is a white-label Communications & Identity platform for developers. Its control plane allows organizations to create and manage tenants, configure identity and access policies, and operate secure communication services. TF Platform is fully API-driven and modular, enabling organizations to deploy and brand their own services with complete flexibility.

Identity & Access

• Authentication Engine – authentication services.

• Authorization Engine – access control and policy enforcement.

• Accounting Engine – event logging and accountability.

• Human Identity Hub – human identity management.

Security & Privacy

• Consent & Privacy Hub – consent and privacy controls.

• Audit Hub – auditing of platform events.

Integration & Communication

• Communication Engine – messaging and communication services.

• Integration Hub – connectors and system integrations.

Data residency

When you create a tenant, you must select a geographic location for data residency. This determines where your data is processed and stored, ensuring compliance and performance. We currently support two data regions:

• European Economic Area (EEA) – Netherlands

When configuring a custom domain, Automatic Certificate Management is enabled by default. You can also opt for Self-Managed Certificates. If you disable the active self-managed certificate, the system will automatically revert to Automatic Certificate Management to maintain security.

Automatic Certificate Management

By default, SSL/TLS certificates are automatically issued, renewed, and deployed. This guarantees that your domains remain secure without any manual effort.

Configuring CORS

1. Go to Projects: Access the "Projects" section within the platform.

2. Select the Tenant: Choose the tenant you wish to configure.

3. Access CORS Settings: Navigate to the CORS settings in the tenant's "Domains" section.

Steps to Modify a Project:

When setting up a reverse proxy with self-managed certificates to connect to the TF Platform, it's crucial to ensure that you use a supported TLS version and cipher suite. The TLS handshake, which is the communication between the server and client, specifies the TLS version and cipher suite. Using an unsupported version could lead to failure.

Supported TLS 1.3 Cipher Suites

• TLS_AES_128_GCM_SHA256

Steps to Renew a Self-Managed Certificate

1. Monitor Expiration Date

   • Regularly check the expiration date of your certificate in the

Removing a Custom Domain

Step 1: Remove the Domain

• Select the custom domain you wish to remove.

What is a Tenant?

A tenant on TF Platform is a logically isolated environment where you can manage your own data, applications, resources, and configurations.

The users to which the organization will provide access through Public OAuth2 Clients.

The applications that the organization will provide access to through OAuth2 Clients.

With TF Platform, you can manage Organizations that serve as top-level entities, allowing the creation and management of multiple projects. You can easily register an organization using your TF Platform account.

Deleting an organization from the TF Platform permanently removes it, including all associated data such as projects, users, and settings. While this action is irreversible, you can recover the organization within 30 days.

Key Considerations

• Organizations can be recovered within 30 days post-deletion. After this timeframe, all data will be permanently lost.

• Ensure you have the necessary administrative permissions to perform this action.

• It is advisable to notify all organization members before deletion to ensure they are aware of the impending changes.

• A confirmation prompt will appear to verify the deletion request and ensure that the action is intentional.

By default, your tenant will be assigned a platform subdomain ([subdomain].tfplatform.com).

However, we recommend setting up your own domain for an improved user experience. A custom domain can enhance your brand identity, build trust, and provide a more personalized experience for your end users.

Choose a subdomain

Here are some examples of domains you can set in the Platform.

Steps to Add a Self-Managed Certificate

1. Access the Certificates Section

   • Navigate to the Domains page.

   • Locate and select the Certificates section.

2. Upload the Certificate

   • Click on the Upload Certificate option.

3. Input Certificate and Key

   • Enter SSL Certificate and Private Key:

     • Ensure your SSL certificate file is in PEM format (typically a .crt or .pem file).
4. Save the Certificate

   • Click the Save button to upload the certificate

5. Review Certificate details

   • Common Name: A name for easy identification.

   • Issuer: The organization that issued the certificate.

   • Valid From: The start date of the certificate's validity.
6. Activate the Certificate

   • After saving, ensure the certificate is activated by clicking the Activate button (if applicable) in the Certificates section. This step is essential for enabling secure connections using the newly uploaded certificate.

Steps to Configure a Custom Domain

1. Inside the platform

Key Considerations

• All tenants under the project must be deleted first to delete a project.

You can grant TF Platform users access to TF Platform organizations. Assign to enforce permission levels for Atlas users.

The roles will be a mapping between the APIs of the organization, projects, billing, tenants, services & the permission required in sets.

Financial Reporter - Billing Read

TF Platform allows your ITSM system, such as ServiceNow or similar alternatives, to call our APIs to register support tickets directly. This enables your organization to manage incidents and requests within your existing ITSM workflows while keeping records synchronized in both systems.

We provide two types of support:

Project-Based Support

• Implementation Support – Greenfield deployments, migrations from existing systems, and hybrid setups.

• Migration Support – Data transfers, integrations, or platform consolidation, including planning, execution, and validation.

• Improvement Support – System enhancements such as architecture optimizations, new integrations, feature enablement, and performance tuning.

• Decommissioning Support – Offboarding activities including secure data export, data cleanup, account closure, and migrations to other systems.

Business-as-Usual Support

• Operational Support – Ongoing assistance with platform use, including issue reporting, troubleshooting, under attack, and service requests via the available support channels.

Implementation Help

Need help with implementing the TF Platform? Our team of experts is available to assist you. Simply email [email protected] with the subject line "TF Platform Implementation Help." Please include details about your implementation challenges, and we'll provide guidance, best practices, and solutions to address your technical needs.

Connections of third-party applications with TF Platform, which are templated or already pre- developed.

Depending on your support plan, you can reach us via phone, email, or in-platform ticketing. All requests are logged in our ITSM system for full traceability. We apply service level commitments to ensure timely response, prioritization, and resolution of incidents and requests.

Steps to Configure Cloudflare

1. Sign Up for Cloudflare

   • Create a Cloudflare Account: If you don’t already have an account, sign up on Cloudflare's website.

   • Add Your Domain: Follow the prompts to add your domain to your account.

2. Update DNS Settings

   • Verify Domain Ownership: Follow the instructions to verify ownership, typically by adding a TXT record at your domain registrar.

   • Change DNS Records:

     • Go to the DNS

3. Configure SSL/TLS Settings

   • Set SSL/TLS Mode: Navigate to the SSL/TLS tab and choose an appropriate mode (e.g., Full or Full (strict)). If you have added the origin server certificate as a custom certificate in the platform, use Full (strict).

   • Enable Always Use HTTPS: Turn on the Always Use HTTPS option to ensure secure connections.

4. Test Your Setup

   • Access Your Tenant: Ensure your tenant is accessible through the Cloudflare proxy. Verify that SSL/TLS functionality works and that requests are routing correctly to your origin server.

Steps to Create a Prepaid Billing Account

1. Sign In: Log in to your account with your credentials.

2. Select Organization: Choose the appropriate organization from the list if you belong to multiple.

We provide subscriptions through the Microsoft Azure Marketplace and Google Cloud Marketplace. Our model combines metered billing with subscription commitments, ensuring flexibility and predictable coverage.

Billing Models

Steps to Disable a Billing Account

1. Sign In to Your Account: Log in to your account on the TF Platform.

2. Select Your Organization:

TF Platform supports a SCIM interface for provisioning from IGA tools such as SailPoint, Microsoft Entra, or Okta. This enables centralized management of your organization’s console access.

SCIM provisioning can be combined with Single Sign-On (SSO):

• SSO – enabled with Just-in-Time (JIT) provisioning by default.

You can integrate TF Platform with SIEM tools such as Microsoft Sentinel, Datadog, Splunk, QRadar, and LogRhythm to monitor security events in real time for your organization’s console access.

How It Works

1. Connect TF Platform to your SIEM using APIs or custom integrations.

TF Platform Billing accounts cannot be deleted. When you close your TF Platform Billing account, the account information is retained for reporting and auditing purposes.

To prevent your TF Platform Billing account from accruing charges, you can either:

• Disable the TF Platform account.

• Unlink the billing account from associated projects.

If you need to change the payment method linked to your TF Platform Billing account, you can manage your payment options in the Billing Accounts section.

The Platform Organization Event Feed displays select events for a given TF Platform organization, such as billing or organization events.

Categories

• Organization

• Projects

• Billing

• Tenants

• Domains

How Rate Limiting Works

Each tenant is limited to 600 API requests per minute on all public-facing APIs. This limit maintains fair usage and system stability. Rate limits apply globally across all public APIs per tenant. If the limit is exceeded, the API responds with HTTP 429 – Too Many Requests.

API Versioning

TF Platform uses header-based versioning. You specify the API version in the request header without altering the URL structure.

If no version header is provided, the latest stable major version will be used by default.

Organizations can use projects to group access based on teams, use cases, or environments (like development, staging, and production). Each organization starts with one project and can create up to ten projects. Projects within the same organization can share billing accounts.

Here are the essential characteristics of projects within TF Platform:

• TF Platform service quotas remain at the organization level, and are not enforced per project.

• An organization can have up to 10 projects.