The previous articles on Multitenant Applications talked about organization of data particularly keys and values. This article talks about branding.

Branding is perhaps most noticeable when users sign-in to the multitenant solution.  When the sign-in process can include the company logo and customized experiences based on browser language, it creates a powerful branding for the organization over the multitenant solution that is re-used across the organizations.

The technique behind such flexibility in customization involves an inventory of all user interface properties, such that their customizations can be looked up and applied to compose a unique and holistic branded page to the users. This inventory consists of the text, its culture and locale, references to the images to be used, stylesheets and other assets and where to locate them on the rendered page. Even dark mode or light mode can be set as default and not rely on users’ preferences. The inventory makes it easy to add customizations for new tenants and organize their variations over the defaults.

The tenant provider composes the page by referring to the tenant ID obtained from the domain name and request headers. Tenants might want to bring their own domain names. This might be important for business purposes. It might also be for technical purposes such as they supply their own TLS certificates which bear subject names.

The name resolution to an IP address depends on whether there is a single instance or many instances of the multitenant application. For example, a CNAME for the custom domain of a tenant might have a value pointing to a multi-part subdomain of the multitenant application solution provider. Since this provider might want to set up proper routing to multiple instances, they might have a CNAME record for subdomains of their individual instance to route to that instance. They will also have an A name record for that specific instance to point to the IP address of the provider’s domain name. This chain of records resolves the requests for the custom domain to the IP address of the instance within the multiple instances deployed by the provider.

Host header resolution is also significant. All the web components need to be aware of how to handle the requests that arrive with the provider’s domain name in their host request header. Each tenant’s domain name might be a subdomain or a custom domain and this adds operational overhead to the onboarding of tenants. Host headers can also be rewritten by say the Azure FrontDoor so that the web server receives a single Host header. The example of Azure FrontDoor also propagates the original value of the host header in a X-Forwarded-Host header so the multitenant application can properly resolve the tenant.

Custom branding appears after the users’ sign-in. Some of the prerequisites for custom branding includes licenses for Azure Active Directory Premium 1 and 2, Office 365 for office applications, and Microsoft 365 for keeping the user signed in. When users sign into the organization’s tenant-specific applications, such as https://outlook.com/woodgrove.com, or when passing a domain variable such as https://passwordreset.microsoftonline.com/?whr=woodgrove.com All branding elements are optional. Default settings will remain, if left unchanged. Images have different image and file-size requirements. Language, background image, banner logo, username hint and sign-in page text can all be part of the branding strategy.

If the branding must appear before sign-in, technologies like pagelets can be used so that the server has the chance to discern and render the page without relying on out-of-box default pages.

By retrieving the proper assets from the inventory of customizations, a multitenant solution can compose the user interface page with the proper branding experience for users.