Multi-tenant app? HELP


I own a super niche staffing firm and we are trying to build a more custom experience for clients. I started with the HR template, which got me about 60% of the way there.

I know I can add private users, but what if there are private users 1) from different companies and 2) that should see different data (candidates, jobs, etc)?

TIA for any help!

You should use Roles to securely partition the data between tenants. The company name can be used as the Role.

1 Like

Hi :raising_hand_man: @solmon just wanted to welcome you to the community.

If you want to know more about roles this is worth a read

Wishing you well with your app

Is this solution applicable to public apps? I badly need multitenancy. But articles I found only talk about private apps.

Public apps won’t have the level of security a roles set up has. I have been in this position before and can confirm.

1 Like

That means if your app is public there is absolutely ZERO multitenancy possibility?
Worst case, user would select the tenant during registration. But I was hoping maybe different URLs could be used to differentiate the tenants.

To be more clear about this, you can still use a public with email to filter different tenants but your data can still be accessed.

To make it more secure, row owners can be turned on. The most secured is roles.

Say Paul and Jane register in the app by providing their emails. I do not know these email address beforehand. So how do I know what tenant each of them is from without asking them to type in or select the name of their tenants?

They should probably type in their name. And I’d use another 1-3 pieces of information to verify the lookup, so someone can’t just sign in as someone else.

Yes, you will still have to let them select a tenant. What level of security do you want for your data, can you clarify more?

First off I want to get it working. Security is really moot if the functionality isn’t there. Having the user select a tenant is not really user friendly. I would rather avoid that. Particularly because it exposes the name of all tenants to everybody. Second, it can get really cumbersome if we go beyond a handful of tenants.

So I expect you to have an existing dataset that would match the user with their respective tenant?

Sorry. There is no existing dataset. The way I was expecting this to work is that each tenant has a domain name. So we would have many domain names pointing to the same app. And depending on what URL customers use to access the app, one would know which tenant they belong to.

Yes, we can make that work with a formula to extract the “tenant name” out of the email address.

For example will have a Tenant A value.