At Alembic, we recently worked with a client who needed a multi-tenant SaaS platform built with Phoenix and Ash Framework. Their requirements posed several interesting technical challenges:
- The application needed to serve multiple customer organisations (tenants) from a single instance
- Each organisation required its own branded subdomain:
<org_slug>.example.com.- Users could belong to multiple organisations and needed to switch between them easily
- Switching between organisations shouldn't require re-authentication
While multi-tenancy can be implemented in various ways, we determined that a subdomain-per-tenant approach and schema-per-tenant database design would provide the best user experience and clearest separation for our clientsβ needs.
However, this approach introduced several technical hurdles that aren't immediately obvious when building Phoenix applications. In this post, we'll share our implementation strategy, focusing on four key aspects:
- Database setup with tables in the public schema and per-tenant schemas
- Configuring authentication cookies to work across subdomains
- Setting up Content Security Policy (CSP) for proper subdomain navigation
- Implementing tenant resolution and user membership verification
The solution we developed provides a seamless experience for users while maintaining proper security boundaries. We hope this implementation guide helps other Elixir developers facing similar client requirements.
continue reading on alembic.com.au
β οΈ This post links to an external website. β οΈ
If this post was enjoyable or useful for you, please share it! If you have comments, questions, or feedback, you can email my personal email. To get new posts, subscribe use the RSS feed.