Complex Multi Tenant Access Patterns

I’m currently trying to evaluate whether or not Auth0 supports some of our complex use cases and was hoping to find some answers here. I work for a software company currently considering Auth0 as a possible AuthN/AuthZ provider, we’re satisfied that the AuthN side of things is exceptionally well catered for already but our use case for AuthZ is more complicated than any examples I can find in the docs and since I’m not perfectly familiar with how everything works I thought it best to ask for a hand before diving into implementation.

So we run a multi-tenant platform with some basic tenant relationships built in (e.g. tenant A may be a parent of Tenant B). We would like to support the following use cases for granting access to specific resources/tenants:

  • User A has full access to all tenants (super admin)
  • User B has full access to Tenant 1, Tenant 2 and tenant 3
  • User C has limited access to Tenant 1 and Tenant 2
  • User D has full access to tenant 1 and limited access to Tenant 2

All user access will be controlled by authorising requests to internal API endpoints which will have the full context of what the user is requesting and which tenant they are requesting it for.
My question basically boils down to is auth0 able to support each of the use cases laid out above and if so how would I go about configuring Auth0 to support these use cases.

Writing custom code is not a problem but we’re aiming to minimise the amount of custom code we have to write in order to minimise the time it takes to integrate a provider.

Thanks in advance,
Richard

Hi Richard,

Auth0 can support these scenarios, but the devil is in the details (as always).

Are you working with our Sales team? That would be a good place to start - they will dive in to your use case and work out the detail with you.

John

Hi John,

Thanks for the reply.
I’ve already had a call with a member of the sales team and they were able to answer some of my questions but directed me here for the more complicated ones which they were unable to answer.

It would be great to get a little bit of time with someone on the technical side to discuss the specifics of how to configure and implement these use cases within Auth0, I’m aiming to have a working POC so we can more accurately estimate the total cost of ownership of Auth0 vs other providers vs an in house auth solution.

Thanks,
Richard

Hi @richard.newman

I sent you a DM.

John

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.