Tenant Exposure


We created a tenant admin with limited rights for its own tenant, such as creating extensions, creating provisioning templates and adding MAC addresses to provisioning.

When you go to PBX > Provisioning > Templates > Server Settings, they can see the Server Settings from other tenants as well.

Please fix ASAP


1 Like

We will look into it along with our development team!

We’ve already checked this, and we realized that this never was filtered per tenant. This is because we didn’t expect someone to create more than one per tenant.

Usually, you create a single server setting and use that for all the tenants. So, in which scenarios do you need one Server Setting per tenant?

We do exactly this, we create one per tenant. But since this is multi tenant, there’s multiple servers.

We provision a subdomain for each tenant which is used by our SIP and HTTP proxies to determine different routing and security rules.
Additionally, clientname.pbx.com sounds stupid, but you’d be surprised how much it improves customer satisfaction when customers see their company name in the URL when logging in! That’s why I asked numerous times to make VitXi works with any subdomain.


+1 here
Vitxi should work with any domain. At least Subdomain.


+1 add

Great ! we want this !


cc @maynor (re: VitXi)

1 Like


We have tested VitXi on two subdomains and it worked perfectly.

Could you try again and share with us the error that the application shows?

Also, did you test on subdomains with a proxy?

Best regards!