Templates
Each tenant edits their own copy. Per-tenant overrides do not bleed into the default.
Multi-tenancy
Repository-level isolation. Not at the edge.
Customize notifications and create per-tenant feeds to deliver value to your business customers. Templates, rules, audit, and quotas are scoped per tenant at the data layer.
Where isolation lives
Tenant scope is enforced at the repository, not at the edge.
Every read and every write filters by the tenant context carried in the request. An admin who flips a routing rule in tenant A cannot accidentally affect tenant B, even if an ID is mistyped.
What gets scoped
Every customer-facing primitive, per tenant.
Rules
Routing strategy, IF/ELSE branches, and fallback chains are configured per tenant.
Audit
Every event and admin action is scoped. One tenant's compliance query never reads another's data.
Quotas
Per-tenant, per-event thresholds with their own warning and critical alert lines.
How it shows up
Per-tenant feeds, dashboards, and APIs.
- The X-TENANT-ID header on every API call drives the data scope.
- The admin shows the tenant's data only; the tenant-switch is an explicit action with its own audit row.
- Customers can be given a per-tenant feed of the notifications you sent to them, without exposing anything else.
More platform features
Keep exploring.
Routing engineStrategies, IF/ELSE rules, failover chains, retry with backoff. All configured, never coded.TemplatesHandlebars-style syntax with conditionals, loops, and helpers. Multi-language.Audit trailEvery event and every admin action, per tenant. PII redacted at the field.Quotas & rate limitsPer-tenant, per-event thresholds with warning and critical alerts.ObservabilityEvents per minute, delivery rate, p95 latency, per-provider health, live.Agent CLIThe Nemofy skill installs in Claude Code, Codex, Cursor, OpenCode, Aider.