Authorization Challenges in a Multitenant System

Published by James Walker on September 09, 2022

This article is available first on The New Stack - read the full version here.

Multi-tenant applications allow several distinct groups of users to access a system. Most SaaS solutions use multi-tenancy so that multiple organizations can sign up. Each customer becomes a "tenant" in the system with their own set of user accounts.

While multi-tenancy is often the most effective way to build new software, it poses challenges around authorization and privacy. You need to maintain strong boundaries between your tenants so customers can't access each other's data. In many cases, it's also desirable for support teams to have the ability to override those guard rails so they can diagnose problems experienced by individual tenants.

In this article, you'll learn about the authorization problems that multi-tenancy creates. It's important to understand these before you start building your system, so you can anticipate potential weaknesses and build adequate protections to address them.
