add tenant resolution and multi-tenant subdomain info. #578

Merged
merged 2 commits into from
Jun 5, 2024
Expand Up @@ -38,6 +38,14 @@ curl -O https://raw.githubusercontent.com/stellar/stellar-disbursement-platform-

You can find the full list of configurable values in the [SDP GitHub repository](https://github.com/stellar/stellar-disbursement-platform-backend/blob/develop/helmchart/sdp/README.md#stellar-disbursement-platform-sdp-parameters).

There is a more detailed explanation of how to configure the SDP in the [Configuring the SDP Guide.](./configuring-sdp.mdx)

### Multi-tenant considerations

When running the SDP in a multi-tenant configuration, you will need to acquire wildcard TLS certificates to facilitate tenant provisioning as the SDP relies on subdomains to differentiate between tenants. This will allow you to provision tenants without having to manually configure TLS certificates for each tenant. You can use a service like [Let's Encrypt](https://letsencrypt.org/) or [Namecheap](https://www.namecheap.com/security/ssl-certificates/) to acquire these certificates.

For more information about multi-tenancy in the SDP, see the [Design and Architecture Guide](./design-and-architecture.mdx#multi-tenancy).

### Install the chart

To install the chart with the release name `sdp` and the values file `myvalues.yaml`:
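
Review bot: In the new "Multi-tenant considerations" section, the paragraph says wildcard TLS certificates are needed but never says which name the certificate must cover or where it is supplied in the values file. Suggest stating the pattern explicitly (a wildcard for the base domain under which tenant subdomains are created) and pointing to the relevant chart parameter in the linked README. Because a single wildcard certificate and its private key then serve every tenant, a sentence on where that key is stored and how it is rotated would help operators. If Let's Encrypt stays as a suggestion, note that it issues wildcard certificates only through the DNS-01 challenge. Minor: in the context line above, the trailing period sits inside the link text of `[Configuring the SDP Guide.]`.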
Expand Up @@ -37,4 +37,17 @@ There are 3 types of schemas in the database:

- **Admin Schema**: contains tables for managing tenants. This schema is used by the Admin API to manage tenant configuration and provisioning.
- **TSS Schema**: contains tables for managing transactions. This schema is used by the Transaction Submission Service to manage the state of payment transactions.
- **Tenant Schemas**: each tenant has its own schema that contains tables for managing disbursements, recipients, and other tenant-specific data. These schemas are prefixed with `sdp_`.
- **Tenant Schemas**: each tenant has its own schema that contains tables for managing disbursements, recipients, and other tenant-specific data. These schemas are prefixed with `sdp_`.

## Multi-tenancy {#multi-tenancy}

The SDP can be deployed in a multi-tenant configuration, where multiple organizations share the same instance of the SDP. Each organization is referred to as a tenant and has its own set of data and configuration. A host organization can manage multiple tenants and manage their configuration through the Admin API.

### Tenant Resolution {#tenant-resolution}

The SDP uses a tenant resolution strategy to determine which tenant a request belongs to. Tenant resolution is only required for unauthenticated requests, as authenticated requests include the tenant information already in the JWT token.

- **Header**: the `SDP-Tenant-Name` header is used to specify the tenant name in the request. When present, this header is used to attempt resolving the tenant.
- **Subdomain**: the SDP can use the subdomain of the request URL to resolve the tenant. For example, `tenant1.sdp.example.com` would resolve to the tenant `tenant1`.

Resolution priority goes as follows: JWT token (authenticated requests) > Header > Subdomain.
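
Review bot: In the "Tenant Resolution" list, the Header bullet says the header "is used to attempt resolving the tenant" but does not say what happens when that attempt fails, or when the header names a different tenant than the subdomain. Since the priority line puts Header above Subdomain and resolution applies to unauthenticated requests, please state whether an unknown or unresolvable `SDP-Tenant-Name` falls through to the subdomain or causes the request to be rejected, and whether a header and subdomain mismatch is accepted. The list also needs a lead-in sentence saying these are the two resolution strategies, and "JWT token" can be shortened to "JWT".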