Per-installation segregation

santi · January 26, 2018, 4:02am

Hi, our current B2B application architecture has a model where every customer gets a single-tenant hosted installation of our service:

We create dedicated subdomains for each user organization (e.g. https://auth0.blameless.io)
We have domain-based rules that allow users to create accounts on their own apps (@blameless.io emails can automatically sign into blameless.blameless.io)
We prevent free account creations and don’t have a flow beyond a paid installations
Each installation has its own service interacting with auth0 and could provide different credentials

I was wondering based on this setup, how can we segregate the rules on a per-installation basis, how do we isolate the access that each installation gets and still manage to use a single auth0 setup for easier management.

Thanks!

lobo · January 31, 2018, 12:37am

Hi @santi, just checking this now.
Not sure if this is too obvious, but would checking the client_id on each rule help for this scenario? you’d have to check for certain client_id on the rules that you’ll be using and then that rule will be triggered (or not) for that specific client.

If that does not work/help, please let me know, expand the case a little bit more, and I’ll try to help you out with another solution.

Topic		Replies	Views
Managing Multiple Clients Help multiple-domains , multiple-clients	2	6821	March 2, 2018
Multitenant App with Multiple Sub Domains Help multiple-accounts , multi-tenant , multiple-clients	3	8044	March 2, 2018
Clients and Users separation Help users , clients	4	3883	March 2, 2018
Partial SSO on selected clients Help sso , custom-domain	3	3303	September 5, 2019
Segregate users per client Help clients	7	4561	March 2, 2018

Per-installation segregation

Related Topics