https://community.appian.com/discussions/f/best-practices/19836/multi-tenancyWhat is the best practice for managing security in a multi-tenant application ? Should I create a user group per tenant, and stamp each record with a tenantedID, then apply application level filtering or perhaps there is a smarter way to avoid theen-USTelligent Community 12https://community.appian.com/thread/118579?ContentTypeID=1Sat, 02 Sep 2023 16:27:59 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:f0be9499-8d1e-4451-89bc-e3157d2a3e5cStefan Helzle<p>Agreed. But multi-tenancy can mean so many things ...</p><div style="clear:both;"></div>https://community.appian.com/thread/118578?ContentTypeID=1Sat, 02 Sep 2023 15:58:52 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:86d00ce3-4d74-462a-b5ee-9e352b230ee3Mathieu Drouin<p>No but it is a feature that was introduced since then that can make it easier to build a multi tenant application.</p><div style="clear:both;"></div>https://community.appian.com/thread/118575?ContentTypeID=1Sat, 02 Sep 2023 15:40:31 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:76f5068a-3738-468e-9b41-7864443581d8Stefan Helzle<p>That&#39;s not full multi tenancy.</p><div style="clear:both;"></div>https://community.appian.com/thread/118557?ContentTypeID=1Sat, 02 Sep 2023 11:22:26 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:7ac6af44-54fd-4117-9e4b-5eab25a2ee90Mathieu Drouin<p>What about Record Security?</p><div style="clear:both;"></div>https://community.appian.com/thread/118556?ContentTypeID=1Sat, 02 Sep 2023 10:01:38 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:75dc94e0-620c-4974-b17a-1784867a691cStefan Helzle<p>No progress here ...</p><div style="clear:both;"></div>https://community.appian.com/thread/118531?ContentTypeID=1Fri, 01 Sep 2023 15:09:31 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:05a3cc6b-0fb7-415f-9409-b9413a1927b7David Roberts<p>As this post is 2-3 years old, I was wondering if there has been any progress or updates wrt multi-tenancy options in Appian?</p><div style="clear:both;"></div>https://community.appian.com/thread/82483?ContentTypeID=1Thu, 10 Jun 2021 09:51:04 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:8ce37dc3-2f9d-4321-b2f1-b90a68c015e3Stefan Helzle<p>Hm ... in general you need to make sure that the tenant is is stored in all tables and used in all queries. Regardless of how data is queried. Same for stored procedures, views etc.</p> <p>This is an add-on to any kind of row-level access by user or group.</p><div style="clear:both;"></div>https://community.appian.com/thread/82482?ContentTypeID=1Thu, 10 Jun 2021 09:04:17 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:fea9b471-5f6d-4d06-9b0b-229a2a776e1dsiddharthg837<p>Hi Stefan - when you say all queries go through records, do you essentially mean all data query operations (QE, etc) go through records? Can you please quote a basic example around this. Also, another question I have how do you control the security when your data is coming from Stored Procedures?</p> <p>In nutshell, should we not have the &quot;row-level&quot; security on each record/ tuple in the database, and accordingly fetch the data set?</p> <p>2) When it comes to group-level user security - how are records associated with it? (I am assuming you are referring to Appian record object here?)</p><div style="clear:both;"></div>https://community.appian.com/thread/77538?ContentTypeID=1Sun, 01 Nov 2020 13:37:47 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:0c6d08d3-2822-466c-8b65-7d5716fb8c7aStefan Helzle<p>As there is no direct support for multi tenancy, I think the best way is to build completely record based and store the tenant level group id in the records. Then only use queryRecord to make sure all queries go through the record. To identify in which tenant group a user is, you can create a group type for the tenant groups and then use&nbsp;getgroupsoftypeforuser() from the <span>People Functions&nbsp;</span>plugin.</p><div style="clear:both;"></div>