Actually bringing this to a real scenario, the correct approach would use an id as a tenant identifier, and this id would probably be your
Customer identifier, right? This is because it is your customer's data that is being segregated by the tenant concept here.
All domain classes would carry this id, even the
User domain or any other class that handles your security.