Can two tenants share the same API?

We have two different sets of users.

End users that have our hardware installed in their homes and also partners, who do the actual installation of the hardware. In my mind they should use different apps and I don’t see them ever logging in to the other app. So my thinking is that they should live in different tenants. I guess another option is to use roles, but not sure if that makes sense here.

I think they will use different APIs, but there might be some overlap where they call the same API. The installers can sort of be seen as the “parent” of the end user, where they might want to monitor some parts of the user data. Are there any recommendations on this type of setup? Can I simply pick the issuer out of the token and validate the token against the issuer domain?

Hi @durre1,

Welcome to the Auth0 Community and apologies for the delay.

IMO, this sounds like a decent candidate for roles/RBAC, particularly if there is some permissions overlap. It sounds like your partners act as an admin in certain circumstances, which is a fairly common use case for RBAC.
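On the issuer question from the original post, the following is an added example, not part of the thread and not Auth0's code: an API that accepts tokens from two tenants looks up the `iss` claim in a fixed allowlist before verifying, then checks a `permissions` claim for the RBAC decision. The tenant domains, secrets and permission names are constructed, a `permissions` array in the access token is assumed, and HS256 stands in for RS256/JWKS so the sketch runs offline.

```python
import base64, hashlib, hmac, json, time

# Constructed allowlist (hypothetical tenants). Assumption: HS256 demo secrets; with RS256
# the key comes from the allowlisted tenant's JWKS, never from a URL built out of `iss`.
API_AUDIENCE = "https://api.example.com"
TRUSTED_ISSUERS = {
    "https://endusers.example.com/": b"enduser-demo-secret",
    "https://partners.example.com/": b"partner-demo-secret",
}

def _b64d(seg):
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))
def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
def _mac(key, head, body):
    return hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()

def sign(claims, key):
    """Build a constructed HS256 token for the demo."""
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    return f"{head}.{body}.{_b64e(_mac(key, head, body))}"

def validate(token, required_permission):
    """Return the verified claims, or raise ValueError with the reason."""
    try:
        head, body, sig = token.split(".")
        header, claims, sig_raw = json.loads(_b64d(head)), json.loads(_b64d(body)), _b64d(sig)
    except ValueError as exc:  # wrong segment count, bad base64 or bad JSON
        raise ValueError("malformed token") from exc
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise ValueError("malformed token")
    # `iss` is read before verification only to pick a key from the allowlist.
    iss = claims.get("iss")
    key = TRUSTED_ISSUERS.get(iss) if isinstance(iss, str) else None
    if key is None:
        raise ValueError("untrusted issuer")
    if header.get("alg") != "HS256":  # pin the algorithm, do not trust the header
        raise ValueError("unexpected algorithm")
    if not hmac.compare_digest(_mac(key, head, body), sig_raw):
        raise ValueError("bad signature")
    aud, exp, perms = claims.get("aud"), claims.get("exp"), claims.get("permissions")
    if API_AUDIENCE not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong audience")
    if not isinstance(exp, (int, float)) or exp <= time.time():
        raise ValueError("expired")
    if not isinstance(perms, list) or required_permission not in perms:
        raise ValueError("missing permission")
    return claims
```

A token whose `iss` is not in the allowlist is rejected before any key lookup, so an attacker-run issuer cannot get its own keys used for verification.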
