Tenant Settings
Per-tenant configuration management with deep merge support.
Overview
Each tenant has a settings blob stored in the config store (Postgres-backed). Settings control tenant-level behavior such as content logging policy, retention periods, and feature flags. The dashboard reads and writes these settings through JWT-authenticated bridge routes.
Endpoints (JWT auth, mounted at /auth/*)
| Method | Path | Description |
|---|---|---|
| GET | /auth/tenant-settings | Read tenant settings |
| PATCH | /auth/tenant-settings | Merge tenant settings |
Read settings
curl https://api.brainstormrouter.com/auth/tenant-settings \
-H "Authorization: Bearer <jwt>"Response:
{
"settings": {
"contentLogging": {
"enabled": true,
"retentionDays": 30
}
}
}Update settings
curl -X PATCH https://api.brainstormrouter.com/auth/tenant-settings \
-H "Authorization: Bearer <jwt>" \
-H "Content-Type: application/json" \
-d '{ "contentLogging": { "retentionDays": 90 } }'Response includes the merged settings and the config store version:
{
"settings": {
"contentLogging": {
"enabled": true,
"retentionDays": 90
}
},
"version": 3
}Deep merge behavior
Top-level keys are shallow-merged (last write wins). The contentLogging key is special-cased with a deep merge to avoid clobbering sibling fields on partial updates:
- Patching
{ "contentLogging": { "retentionDays": 90 } }preserves the
existing enabled value.
enabledis coerced to boolean,retentionDaysis clamped to 1--365.
Storage
Settings are persisted via the per-tenant config store under the key tenant-settings. Each write records the userId of the caller for audit.