Multi-Tenancy

What is the best practice for managing security in a multi-tenant application ? 

Should I create a user group per tenant, and  stamp each record with  a tenantedID, then apply application level filtering or perhaps there

is a smarter way to avoid the  application level filtering ?

  Discussion posts and replies are publicly visible

Parents
  • As there is no direct support for multi tenancy, I think the best way is to build completely record based and store the tenant level group id in the records. Then only use queryRecord to make sure all queries go through the record. To identify in which tenant group a user is, you can create a group type for the tenant groups and then use getgroupsoftypeforuser() from the People Functions plugin.

Reply
  • As there is no direct support for multi tenancy, I think the best way is to build completely record based and store the tenant level group id in the records. Then only use queryRecord to make sure all queries go through the record. To identify in which tenant group a user is, you can create a group type for the tenant groups and then use getgroupsoftypeforuser() from the People Functions plugin.

Children
  • Hi Stefan - when you say all queries go through records, do you essentially mean all data query operations (QE, etc) go through records? Can you please quote a basic example around this. Also, another question I have how do you control the security when your data is coming from Stored Procedures?

    In nutshell, should we not have the "row-level" security on each record/ tuple in the database, and accordingly fetch the data set?

    2) When it comes to group-level user security - how are records associated with it? (I am assuming you are referring to Appian record object here?)

  • 0
    Certified Lead Developer
    in reply to siddharthg837

    Hm ... in general you need to make sure that the tenant is is stored in all tables and used in all queries. Regardless of how data is queried. Same for stored procedures, views etc.

    This is an add-on to any kind of row-level access by user or group.