I’m building proof of concept for my company using auth0. I need to implement multi-tenancy and am considering doing this as below;
The approach I am taking is to put the tenant information in the users meta data. The reason for doing this is;
- We don’t need different domains or to manage authentication differently for different tenants (so don’t need multiple applications or tenants)
- Simplicity and Expediency for the PoC
- We will consider a connection per tenant in the future but wanted the simplest approach for the PoC
The flow we are looking to build is for the first user to sign in to then be able to invite people from within our application.
Firstly, I was wondering if there were any example of this.
Second, failing that I am investigating using the authentication rules within auth0 to create/update the tenant information in the user profile simply by storing the users email domain in a tenant property.
I was wondering if anyone has done this, has examples or if this is not an appropriate use of the rules?
third, I can’t work out how to stop someone signing up with the same domain (i.e. people from the same company).
If the rules run during the signup process then I could do that wit rules again but am unsure about this.