Multiple tenants/customers - Best Practise

After digging thru documentation, stillI a bit confused and I would like to ask you about the best practice / recommended way to setup Auth0 with our customers and apps. Our scenario: We have web app that we install per customer and would like to use Auth0 to protect the app and store customer’s app users. Different customer’s users should be isolated. We would like to use ‘Developer’ or ‘Develeper Pro’ subscription. Customers should have a ‘user admin’ that should be able to manage their users & roles (create, delete etc) BUT should not be able to see or do anything else. What is the best practice to achieve such a setup?

Hi @royl,

Welcome to the Community!

You will most likely want a separate connection for each customer. This will act as the separation for each customer’s users.

You should be able to set this up with the delegated admin extension. You can create an admin that can only access the users from their connection. You can also limit their access to only user management (i.e. they can’t change application settings, connection settings, etc.).

Hi @dan.woda, and thank you for the response. So this Delegated Admin Extension is available for ‘Developer’ and ‘Developer Pro’ subscriptions right? Is there any known deprecation plans regarding DAE or is it future proof for years to come. Cheers!

The extension is available for those tiers, yes. The extension is an enterprise feature at this time. The main issue I could see you running into are the entity limits for connections.

As for deprecation plans, there is no planned date for this feature to be deprecated. Although, as an extension, it is possible the features would be rolled into the core product at some point (like I said, there is no planned date for this, but just a possibility).

Good to know! My last question: I looked at the pricing Pricing - Auth0 and if you look at the ‘User Management’ section and ‘Delegated Admin’ feature, it is ticked to be available only for Enterprise subscription… Why is that if it is supposed to be available for ‘Developer’ and ‘Developer Pro’ subscriptions also?

My apologies. You are correct, it looks like it is an enterprise only feature. I’ll edit my post to reflect that.

Trying out things with Free-plan. I was able to setup and configure this DAE Delegated Administration Extension v3. How is this possible?

If you will please DM me your tenant name I will look into it.