Hi, our current B2B application architecture has a model where every customer gets a single-tenant hosted installation of our service:
- We create dedicated subdomains for each user organization (e.g. https://auth0.blameless.io)
- We have domain-based rules that allow users to create accounts on their own apps (@blameless.io emails can automatically sign into blameless.blameless.io)
- We prevent free account creations and don’t have a flow beyond a paid installations
- Each installation has its own service interacting with auth0 and could provide different credentials
I was wondering based on this setup, how can we segregate the rules on a per-installation basis, how do we isolate the access that each installation gets and still manage to use a single auth0 setup for easier management.