Hello, I am building a multi-tenancy application. We make a platform where merchants can create their own websites and have their own users. We have encountered the challenge that if User A has a user for both Tenant A and B and wants to change their password, it will change for login on both Tenant A and B. We are wondering if we should move on to a system where we use Supabase Auth, but store emails like sha256(tenantId+email)@customer.internal, and if that causes any problem with Supabase Auth?
We are already using custom auth emails using the auth hook.
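The alias scheme from the question, as an added example that is not code from the thread: plain concatenation lets two different (tenant, email) pairs hash to the same alias when tenant ids vary in length, and a length-prefixed, keyed variant avoids that. The function names, the HMAC key and the sample tenant ids and addresses are assumptions, and nothing here calls Supabase Auth.

```javascript
// Added example, not code from the thread. Tenant ids, addresses and the
// key below are constructed sample values.
const crypto = require("node:crypto");

const ALIAS_DOMAIN = "customer.internal"; // domain used in the question

// The scheme as written in the question: sha256(tenantId + email).
// With variable-length tenant ids the field boundary is lost, so
// ("shop1", "2bob@example.com") and ("shop12", "bob@example.com")
// hash the same string.
function naiveAlias(tenantId, email) {
  const hex = crypto.createHash("sha256").update(tenantId + email).digest("hex");
  return `${hex}@${ALIAS_DOMAIN}`;
}

// Assumed hardening: lower-case the address, length-prefix each field so
// the boundary is unambiguous, and use HMAC with a server-side key so an
// alias cannot be recomputed from a known tenant id and email alone.
function scopedAlias(secretKey, tenantId, email) {
  const mac = crypto.createHmac("sha256", secretKey);
  for (const field of [tenantId, email.trim().toLowerCase()]) {
    const bytes = Buffer.from(field, "utf8");
    const len = Buffer.alloc(4);
    len.writeUInt32BE(bytes.length, 0);
    mac.update(len).update(bytes);
  }
  return `${mac.digest("hex")}@${ALIAS_DOMAIN}`;
}

// Local part of an alias, for length checks.
function localPart(alias) {
  return alias.slice(0, alias.lastIndexOf("@"));
}

const key = Buffer.from("constructed-demo-key-not-a-real-secret");
// Naive scheme: the two different pairs collide.
console.log(naiveAlias("shop1", "2bob@example.com") === naiveAlias("shop12", "bob@example.com"));
// Scoped scheme: the same two pairs stay distinct.
console.log(scopedAlias(key, "shop1", "2bob@example.com") === scopedAlias(key, "shop12", "bob@example.com"));
console.log(localPart(scopedAlias(key, "shop1", "Bob@Example.com")).length);
```

A hex SHA-256 digest is 64 characters, which is exactly the maximum local-part length RFC 5321 allows, so the alias leaves no room for a prefix or suffix in the local part.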
Kristian6900 is building a multi-tenancy application where users can belong to multiple tenants. They face a challenge with password changes affecting all tenants for a user. They are considering using Supabase Auth with a custom email format to address this issue. Another user, nexorsist, suggests using separate Supabase instances per tenant to avoid data mixing, but Kristian finds this approach cumbersome.
Feel like having their password change on all the tenants is the better behaviour. But I also think it isn't great to mix tenants' data together in one giant database. It would probably be better to fire up a new Supabase instance per tenant and price that into your service.
If your one has a problem or gets compromised, you are going to have massive problems.
A new Supabase instance per tenant is a bigger headache. My impression is that most SaaS solutions that require multi-tenancy use one database.