Multitenant application with subdomains

We are working on a multitenant application where each tenant has its own subdomain; the tenancy is managed by our application, with one single database.

Current configuration:
• We have a table with userId, TenantId, User, pass. Despite that, each user must type the URL of the app including the subdomain, and then log in with the user and pass in that tenant.
• We have a table for each userId with roles and permissions. Each tenant decides what level of access that user has, in the form of roles and permissions.

We want to have unique users that can enter their credentials (social media or user/pass) and then choose which tenant to enter; in some way, SSO for our tenants.

I was wondering if the following configuration and flow would look good as the solution:

  • Tenants for each instance: dev, staging, prod
  • App: only one app
  • Connections: one database (importing legacy) + social media

Flow:

  1. Universal Login: the user enters credentials (email and pass, or social media credentials)
  2. Log in to Auth0
  3. Retrieve the list of available tenants
  4. Select a tenant and then redirect to the respective subdomain

Some extra doubts:

  • Should we store tenant information in app_metadata instead of using an API in our app to check the available tenants for the user?
  • If so, should we keep the app_metadata updated from our application?
  • Should we still create users in our application to manage their roles and permissions?

Thanks in advance
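The tenant-selection step of the flow above (log in once, pick a tenant, redirect to its subdomain) has one security-relevant detail worth pinning down: the tenant list shown to the user and the redirect built from their choice must both be derived from what the verified token asserts, never from a user-supplied hostname, and the tenant subdomain itself must re-check membership on arrival rather than trust that the chooser sent the user there. The following is an added example, not code from the original post or from Auth0; it assumes the ID token has already been verified by the Auth0 SDK, that tenant membership from app_metadata was copied into a custom claim named `https://example.com/tenants` (the claim name and the `example.com` base domain are assumptions), and that tenant labels are plain DNS labels.

```python
"""Tenant selection after a single Universal Login (added example).

Assumptions (not Auth0 names): the verified ID token carries the user's
tenant subdomains in the custom claim TENANT_CLAIM, populated from
app_metadata by a login-time rule/Action; the app lives under BASE_DOMAIN.
"""

import re

TENANT_CLAIM = "https://example.com/tenants"   # assumed custom claim name
BASE_DOMAIN = "example.com"                    # assumed apex domain of the app
# One DNS label: letters, digits, hyphens, no leading/trailing hyphen, max 63.
SUBDOMAIN_RE = re.compile(r"^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$")


class TenantSelectionError(ValueError):
    """Raised when a tenant choice or host cannot be honoured safely."""


def allowed_tenants(claims: dict) -> list[str]:
    """Return the tenant subdomains the verified token asserts for this user.

    Every label is validated so that a malformed value in app_metadata can
    never turn into a redirect outside BASE_DOMAIN.
    """
    tenants = claims.get(TENANT_CLAIM, [])
    if not isinstance(tenants, list):
        raise TenantSelectionError("tenant claim has an unexpected shape")
    cleaned = []
    for label in tenants:
        if not isinstance(label, str) or not SUBDOMAIN_RE.fullmatch(label):
            raise TenantSelectionError(f"invalid tenant label in claim: {label!r}")
        cleaned.append(label)
    return cleaned


def tenant_redirect(claims: dict, selected: str, return_path: str = "/") -> str:
    """Build the post-login redirect for the tenant the user picked.

    The user only supplies a choice; the host is assembled from the token's
    own list, and the continuation path must stay relative (no '//host').
    """
    selected = selected.strip().lower()
    if selected not in allowed_tenants(claims):
        raise TenantSelectionError("user is not a member of the selected tenant")
    if (not return_path.startswith("/") or return_path.startswith("//")
            or "\\" in return_path):
        raise TenantSelectionError("return path must be a relative path")
    return f"https://{selected}.{BASE_DOMAIN}{return_path}"


def tenant_for_host(claims: dict, host: str) -> str:
    """Enforcement point at the tenant subdomain itself.

    Derive the tenant from the Host the request actually arrived on and
    confirm the token covers it; the chooser page is only a convenience.
    """
    host = host.lower().split(":", 1)[0]          # drop any port
    suffix = "." + BASE_DOMAIN
    if not host.endswith(suffix):
        raise TenantSelectionError("request host is not under the app domain")
    tenant = host[: -len(suffix)]
    if tenant not in allowed_tenants(claims):
        raise TenantSelectionError("token does not grant access to this tenant")
    return tenant


if __name__ == "__main__":
    # Constructed sample claims, as the verified SDK would hand them back.
    sample = {"sub": "auth0|123", TENANT_CLAIM: ["acme", "globex"]}
    print(allowed_tenants(sample))                    # ['acme', 'globex']
    print(tenant_redirect(sample, "acme", "/dashboard"))
    print(tenant_for_host(sample, "globex.example.com:443"))
```

Roles and permissions per tenant stay in the application's own tables, keyed by the tenant returned from `tenant_for_host`; the token only answers "which tenants may this user enter", which keeps app_metadata small and leaves the per-tenant authorization decision where the tenant administrators manage it.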
