Multiple db connections for one app

jzim · August 19, 2021, 8:00pm

Hello!

Which SDK this is regarding: auth0-spa-js

I have a question about the best way to use 2 db connections for a single SPA. I’ve read through Multiple db connections for a single app but my use case is a little different. Using multiple databases for an application - #3 by c.vanderberg is closer but old, and using a single db/roles as it suggests would be a big change for our org.

My company maintains multiple instances of our app for multiple clients. In our auth0 infrastructure, each client’s instance corresponds to an individual application, db connection, and api. Each db is used for a separate pool of users so that a user for clientA can’t access clientB’s instance of the app.

Historically this has meant that any time we gain a new client and set up their app instance, we create a ‘superadmin’ reserved for our org’s use in their db. As we continue to gain clients, this model requires more work to maintain. Instead I would like to set up a db connection to hold our org’s users. This db would be connected to every client instance/application and would permit our org’s users to access every client’s instance. When I first began using auth0 this was the way I assumed db connections would work, but setting up the db in this way seems to prevent users from our org’s db from logging in - the Universal Login widget returns a ‘wrong email or pw’ error.

I’ve worked around this by customizing the login page via the auth0 dashboard and adding a connectionResolver as explained here. This permits our users from our db to login as well as client users from their instance’s db. It nicely fits our use case since our usernames will all be associated with a single domain.

My question is, is this the best way to implement what I’m trying to do? I’ve read about rules, hooks and actions and none of them seem to fit our case as obviously as the connectionResolver does. However, most of the references I’ve seen to connectionResolver are in older topics so I want to make sure I’m not using an outdated solution.

Thanks for any feedback you can provide!
JZ

john.gateley · August 24, 2021, 12:43pm

Hi @jzim

The connection resolver is a good approach.
You can also explicitly specify the connection in the call to /authorize so your internal employees would specify the internal DB, and your clients would each specify their own DB. This approach has the drawback that you can only specify a single connection with that parameter, so if you want to use a DB OR a SAML connection, for example, it doesn’t work.

John

konrad.sopala · August 24, 2021, 12:57pm

Thanks for helping on this one John!

jzim · August 24, 2021, 6:29pm

Thanks @john.gateley! Glad to know I’m thinking about this correctly. I implemented the resolver today and so far it’s been seamless.

konrad.sopala · August 25, 2021, 12:14pm

Wohoooo! Glad to hear that!

system · September 9, 2021, 12:15pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.