Solution · platform teams · data isolation · one shared engine
Multi-tenant monitoring
One monitoring engine for the whole company, yet every team gets its own isolated namespace. Data, dashboards and alerts never cross, and access is provisioned through SSO and SCIM with no manual onboarding.
The problem
An internal platform for 100+ engineers hits a fork: either shared monitoring where teams see each other’s metrics, or a zoo of separate installs that is expensive to keep up. Both scale poorly across access control and billing.
How Unimoni solves it
Unimoni gives each team its own org with full data isolation. Queries are rewritten at the PromQL AST level, so stepping outside your tenant is technically impossible. Onboarding is automatic via SCIM, access runs through SSO, and billing rolls up per team.
What’s included
- ✓Per-team org with isolated metrics, dashboards and alerts
- ✓Isolation at the PromQL AST level — no raw-query path, no spoofing
- ✓SSO + SCIM auto-provisioning: add in your IdP, land in the right org
- ✓Unified billing with a per-team breakdown
Frequently asked
Can one team see another team’s metrics?+
No. Every query goes through an AST rewrite that binds it to the user’s org. There is no raw-query path that bypasses the rewrite, so cross-tenant spoofing is technically impossible.
How does onboarding teams and people work?+
Through SCIM 2.0: creating users and groups in your IdP automatically maps into the right orgs and roles. Access is granted via SSO — no manual setup.
Can dashboards be exposed externally — say, in an internal portal?+
Yes, via embed widgets carrying a filter-bound JWT. A widget shows only the permitted slice of data, and an origin allowlist on the key limits where it can be embedded.