Finbuckle.MultiTenant icon indicating copy to clipboard operation
Finbuckle.MultiTenant copied to clipboard

Published 20 hours ago verified publisher icon Finbuckle

Best practices on multitenancy

Open dalton5 opened this issue 3 years ago • 5 comments

Hi,

I wonder how the multitenancy works when I am with the super admin that will manage the tenants.

How can I setup this part? The tenant info will be null?

Thanks

dalton5 avatar Oct 29 '22 21:10 dalton5

Hi, I've helped a few projects with this, but can tell me what sorts of activities specifically the super admin will do managing tenants? Also how are you currently doing authentication?

AndrewTriesToCode avatar Oct 30 '22 05:10 AndrewTriesToCode

My saas will provide some features to my users. But I would like to also have an admin to manage tenants, users globally and also add some other features that users can't access. I plan to use policies, etc ... But on a multitenantstandpint, should I create a tenant admin?

For example if I have: customer1.exemple.com, customer2.example.com my admin should be: admin.example.com?

Or may I use example.com/admin?

YesI am doing authentication.

What are the best practices?

Thanks,

dalton5 avatar Oct 30 '22 07:10 dalton5

This is useful article and code https://medium.com/@zahidcakici/multitenancy-and-finbukcle-in-net-f1d5e7e5f1bf

ZedZipDev avatar Dec 07 '22 18:12 ZedZipDev

That's a good article linked above. I'll add that a "root" or "super" admin is a common request and seems to work well. There isn't built in support for this, but it can be achieved by use of IgnoreQueryFilter in when using the dbcontext as the super tenant to return all results.

Some other thoughts:

  • It can be hard to convert from a shared database model to a per-tenant database model so consider this early on.
  • Will each tenant truly be isolated or will there be situations where data spans all tenants. For example will a single user belong to multiple tenants possibly? This adds a lot of complexity since it's a many-to-many model. If goes this route I recommend NOT trying to user MultiTenantIdentitDbContext since it is geared toward total isolation.
  • I recommend host or base path multitenant strategy. Just my preference. Host can be tough to work with in a dev environment but Firefox/Chrome will let you go to subdomain.localhost and this works pretty well. If using base path I recommend the option to adjust the ASP.NET Core path base as a part of tenant resolution.

AndrewTriesToCode avatar Dec 09 '22 03:12 AndrewTriesToCode