I plan on developing a multi-tenant server application with the following architecture:
- Authentication takes place system-wide (meaning the same user accounts are available in all tenants)
- Users can dynamically create new tenants at runtime.
- Each tenant has its own roles and users assigned to these (i.e., User A can have an administrator role in tenant X, a guest role in tenant Y, and no role in tenant Z). Permissions within tenants are granted based on these roles.
- There also exist system-wide roles (e.g., an administrator who can take ownership of any tenant, an editor who can create new tenants, or a basic user who can only be added to existing tenants).
I already looked into the official docs as well as into this and this article. All of the solutions presented there require the tenants to be fixed at compile time which in my specific case is not possible.
I would assume that a reasonable implementation of the wanted architecture uses a single database with a system-wide tenant table, and a foreign key to the tenant table in each tenant-specific table. Furthermore, a middleware determining the correct tenant from the request (e.g., from the subdomain or a fragment of the path) could produce a tenant-specific DbContext instance which automatically sets or filters by the teanant key in each database interaction.
Does it make sense to implement an application with such an architecture in asp.net? If so, can you recommend any literature on how to do this? If not, can you recommend any alternatives that are more suitable for achieving such an architecture?
Thank you very much!