SaaS Multitenancy with subdomain

We have a multi-tenant application where each tenant has its own subdomain (customer1.myapp.com); the tenancy and login are managed by our application with Spring Security. One unique database.

Current configuration:
• We have a table with userId, TenantId, User, pass. Despite that, each user must write the URL of the app including the subdomain, and then log in with the user and pass in that tenant.
So one user could be part of more than one tenant; we don’t have a unique username or unique email.

I was wondering what the best approach is to use Auth0 with Universal Login, using the URL subdomain as information for the login and then showing the universal form asking for user and password.

Example:

  1. User goes to customer1.myapp.com
  2. Auth0 takes the customer1 as information for the login process (I imagine that the tenant info could be a user_metadata)
  3. Auth0 shows the Universal Login where the user must enter credentials: email, pass, or Social Media credentials
  4. Auth0 logs the user in to the tenant customer1, and redirects the logged-in user to customer1.myapp.com

Could you please give me some advice about this approach? I don’t know if this is possible.

Hi there @gteibo1! I apologize for the super delayed response here but am combing through our backlog and wanted to follow up on this, and welcome you to the community :smile:

While this may be better suited for professional services, I wanted to at least see where you ended up and be sure to share our relevant multi-tenant documentation:

Multi-Tenant Applications Best Practices

The following blog post (albeit a few years old) may prove useful as well:

In particular:

In some cases, multi-tenant applications can use a separate URL either as a subdomain or as a path configured for a tenant. For example, a multi-tenant application might use URLs in the form of: https://{customer}.product0.com or https://www.product0.com/{customer}. When a user arrives at your application with the vanity URL, you can pick up that tenant value and pass it as the login_hint in the authorize request. The login_hint can then be used to drive tenant logic within the universal login page and rules engine. This could also be achieved using the connection parameter if a tenant is only using one connection.
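
The flow described in the quoted passage, as an added example that is not part of the original thread and not Auth0's or the poster's own code (Python is used only for brevity): it derives the tenant from the `Host` header, validates it, and builds the authorize request with `login_hint`. `AUTH0_DOMAIN`, `CLIENT_ID`, `KNOWN_TENANTS` and the `/callback` path are constructed placeholders.

```python
import re
import secrets
from urllib.parse import urlencode

# All values below are constructed placeholders, not taken from the thread.
BASE_DOMAIN = "myapp.com"
AUTH0_DOMAIN = "example-tenant.auth0.com"   # placeholder Auth0 domain
CLIENT_ID = "EXAMPLE_CLIENT_ID"             # placeholder client id
KNOWN_TENANTS = {"customer1", "customer2"}  # would come from the tenant table

# One DNS label: letters, digits, inner hyphens, no dots.
_LABEL = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")


def tenant_from_host(host_header):
    """Return the tenant label for '<tenant>.myapp.com', or None.

    The Host header is client-controlled, so the label is syntax-checked
    and matched against the known tenant set before anything uses it.
    """
    host = host_header.strip().lower().split(":", 1)[0].rstrip(".")
    suffix = "." + BASE_DOMAIN
    if not host.endswith(suffix):
        return None
    label = host[: -len(suffix)]
    if not _LABEL.fullmatch(label) or label not in KNOWN_TENANTS:
        return None
    return label


def build_authorize_url(host_header):
    """Build the /authorize redirect; returns (url, state) or None."""
    tenant = tenant_from_host(host_header)
    if tenant is None:
        return None
    state = secrets.token_urlsafe(32)  # keep in the session, compare on callback
    params = {
        "response_type": "code",
        "client_id": CLIENT_ID,
        # Rebuilt from the validated label, never echoed from the request.
        "redirect_uri": f"https://{tenant}.{BASE_DOMAIN}/callback",
        "scope": "openid profile email",
        "state": state,
        "login_hint": tenant,
    }
    return f"https://{AUTH0_DOMAIN}/authorize?{urlencode(params)}", state
```

Because `login_hint` travels in the URL, the user can change it, so after the callback the application still has to check that the authenticated user belongs to the tenant of the subdomain being served.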

One way to achieve this is by leveraging a Laravel package called “Tenancy for Laravel” (https://tenancyforlaravel.com/). This package provides features to enable multi-tenancy in your Laravel application, which aligns well with your multi-tenancy setup and with allowing subdomains.

Here’s a high-level outline of how you can integrate Auth0 with Tenancy for Laravel:

  1. Install Tenancy for Laravel: Start by installing the Tenancy for Laravel package via Composer. Follow the installation instructions provided in the package documentation.
  2. Configure Multi-Tenancy: Set up the configuration for multi-tenancy in your Laravel application using Tenancy for Laravel. This typically involves defining tenant databases, managing tenant subdomains, and ensuring tenant-specific data isolation.
  3. Set up Auth0: Create an account on Auth0 and set up your application. You’ll need to configure your Auth0 tenant settings, including Universal Login, client settings, and callback URLs.

At Bytephase Repair Shop Software, we’ve executed a similar implementation where we assign each customer a unique subdomain and an independent database.

More on the challenges we faced: Subdomain for Customers: Benefits & Challenges | Bytephase