← Back to Docs Index

Trial Provisioning — Phase 2 (Plan)

Status: Draft

Goal

Automate tenant provisioning after admin approval of a Trial request, with 30‑day expiry, SSO‑only access, and clean deprovisioning.

Workflow

1) Admin reviews /admin/trials and approves a request 2) System provisions resources: - Database: trial_{company_slug}_{YYYYMMDD} - Seed data: Super Admin and minimal roles/permissions - Feature caps: max streams/rules; scheduler enabled; expiry date set - Subdomain: {company}.trial.mesofthings.com (DNS prerequisite) 3) Notifications: - Email to requester with subdomain URL and instructions - Internal log (RACELogger) and audit entry 4) Expiry lifecycle: - Warnings: −7d and −1d via email - On expiry: disable scheduler + login banner - Grace period: 7 days; then purge (export optional)

Components

  • ProvisioningService (new): encapsulates create/disable/purge
  • DatabaseManagementService: reuse/create DB + apply migrations
  • OAuth config: restrict to SSO providers, no passwords
  • Scheduler control: per‑tenant enable/disable

CLI Tasks (suggested)

flask provision trial --request-file instance/public/trial_requests/...
flask provision disable --db trial_acme_20251115
flask provision purge   --db trial_acme_20251115 --export out/exports/

Data Model Additions

  • Table trial_tenants:
  • id, company, db_name, subdomain, status (active/expired/purged)
  • created_at, expires_at, grace_until
  • request_file (path), contact_email

Security

  • SSO‑only access; super_admin controls
  • Strict separation from production DBs
  • Full audit logging for provisioning actions

Rollback

  • On failure: drop DB, remove DNS mapping (manual), mark request as failed
  • Keep request JSON for traceability

Open Items

  • DNS automation (Cloud provider/API)
  • Email infrastructure (provider and templates)
  • Export format for purge (events + configuration)

Version: beta

On this page