Implementing multi-tenancy with multiple-connections

Hi,

A question about implementing multi tenancy with the multiple connections strategy.

When a user wants to login into my product, I ask him for a tenant name (e.g. acme).
Let’s say for simplicity that I create database connections that are named exactly like the tenant, so I go into the login flow with the database connection name acme.
After the user has authenticated in Auth0 is will return to my app with the id_token/access_token - however - these do not include the name of the connection used for authentication nor the tenant name.
How do I then know, from which tenant the user is?
Seems like that whole flow is completely broken.

Thanks,
Roy.

Hi Roy,

You can add information to the tokens in rules.

John

Hi @AdallomRoy,

one main question here is: can the user potentially be part of multiple tenants or not? If he can be part of multiple tenants, and you only want to give the user one account / set of credentials, for all tenants he has access to (SSO so to speak), then you can refer to one of the approaches mentioned here:

When a user wants to login into my product, I ask him for a tenant name (e.g. acme).

Do you ask this within your application, before doing the authorization request to Auth0? Are you asking this in the form of a text input field (like in the Slack example provided in the link above?)

If so, note that you can pass this information to Auth0 as a parameter in the authorization request. Search for upstream_param or extraParams here in the forum and you’ll find examples.

Thanks, we ended up using different client for different tenants, each of these clients with a different connection.
We also used rules & client metadata in order to send the tenant id in a signed manner in the JWT token.
This seems to be working well.
I do think that current documentation in the area of how to implement multi tenancy is lacking and is only high level without any examples - would definitely love to see that gets better.

Thanks for you answers they were very helpful!
Roy.

1 Like

Glad we were able to help!