Multi tenant SAAS scenario

How do you architect a scalable multi-tenant SaaS platform?

Architecting a scalable multi-tenant SaaS platform involves making design decisions that balance tenant isolation, scalability, security, cost-efficiency, and operational manageability. Here's a detailed breakdown across key architectural dimensions:

🔷 1. Core Design Considerations

🔷 2. High-Level Architecture Diagram (Textual View)

markdown

┌─────────────┐ ┌────────────────────────┐

│ Load Balancer│───▶│ API Gateway │

└─────────────┘ └───────┬────────────────┘

│

┌────────────────────────┼────────────────────────┐

▼ ▼ ▼

┌────────┐ ┌────────────┐ ┌────────────┐

│ Auth │ │ Tenant Mgr │ │ Config Mgr │

└────────┘ └────────────┘ └────────────┘

┌────────────────────────────────────────┐

│ Microservices (Domain-wise) │

│ e.g., User, Billing, Notification, etc.│

└────────────────────────────────────────┘

▼ ▼ ▼

┌────────────┐ ┌────────┐ ┌────────┐

│ DB Shards │ │ Redis │ │ Kafka │

└────────────┘ └────────┘ └────────┘

Observability: ELK | Prometheus | Grafana | Tracing

CI/CD: GitHub Actions / Azure DevOps / Jenkins

Platform: Kubernetes + Service Mesh (e.g., Istio)

🔷 3. Key Architecture Components

✅ 1. API Gateway

• Performs routing, authentication, rate limiting

• Tenant ID inferred from:

  • Subdomain (e.g., tenant1.app.com)

  • Custom headers / JWT claims

✅ 2. Authentication & Authorization

• Identity Provider (IdP) with OAuth2/OIDC (e.g., Auth0, Azure AD)

• Multi-tenant RBAC/ABAC at tenant and user levels

✅ 3. Tenant Management Service

• Manages tenant lifecycle: provisioning, onboarding, billing plan, metadata

• Stores tenant configs in DB or centralized config store (e.g., Consul)

✅ 4. Data Isolation Strategies

✅ 5. Configuration Management

• Centralized dynamic configuration per tenant

• Feature flags per tenant (e.g., LaunchDarkly)

✅ 6. CI/CD

• GitOps with tenant-aware deployment pipelines

• Canary or blue/green deployments

🔷 4. Scalability & Performance

• Stateless microservices with Kubernetes (AKS/EKS/GKE)

• Horizontal Pod Autoscaler (HPA) & Cluster Autoscaler

• Redis / Memcached for caching frequently used tenant-specific data

• Kafka/NATS for asynchronous processing

🔷 5. Security

• Network Security: VPC isolation, NSGs, API Gateway policies

• Data Security:

  • Tenant-aware encryption at rest and in transit

  • Row-level security (RLS) or separate key per tenant

• App Security:

  • Secure SDLC practices, automated scans, WAF

🔷 6. Monitoring & Observability

• Logs indexed with tenant_id using ELK or Loki

• Dashboards per tenant using Grafana

• Distributed tracing with tenant context

• Alerting per tenant SLA thresholds

🔷 7. Billing & Metering (Optional)

• Usage metering per tenant (API calls, DB storage, active users)

• Integration with billing platforms (Stripe, Razorpay)

🔷 8. Disaster Recovery & High Availability

• Regional HA with load balancers & geo-replication

• Backups per tenant (retention based on plan)

• DR drills automated via Terraform/Ansible scripts

🔷 9. Tenant Onboarding Flow

mermaid

sequenceDiagram

Customer ->> SaaS Portal: Sign Up

SaaS Portal ->> Tenant Mgr: Provision Tenant

Tenant Mgr ->> Config Store: Add Tenant Config

Tenant Mgr ->> DB: Create Schema or DB

Tenant Mgr ->> Email Service: Send Welcome Email

what is SMBs

:

SMBs stands for Small and Medium-sized Businesses.

These are companies that typically have:

• Small to moderate revenue

• Limited IT resources

• Smaller customer base or user volume compared to large enterprises

• 
  

Why is this important in SaaS architecture?

In multi-tenant SaaS platforms:

• SMBs are more likely to accept shared infrastructure (e.g., shared database with tenant ID column) to reduce cost.

• They usually have lower security/isolation demands than enterprises.

• They often prefer plug-and-play features with minimal customization.

So, if you're targeting SMBs, the architecture should prioritize:

• Cost-efficiency

• Faster onboarding

• Simple tenant isolation

• Scalable shared resources

In contrast, enterprises often demand:

• High data isolation

• Custom integrations

• Compliance (like GDPR, HIPAA, etc.)

Emphasize trade-offs between isolation, cost, and complexity

Certainly. In a multi-tenant SaaS architecture, choosing the right level of tenant isolation is a critical decision that involves trade-offs between isolation, cost, and complexity. Here’s a detailed explanation with a comparison table and examples:

🔄 Trade-offs: Isolation vs Cost vs Complexity

🔷 1. Shared Database (Single Schema)

Isolation: Minimal (tenants share tables, separated by a tenant_id column)Cost: Very low (common compute/storage)Complexity: Minimal (one schema to maintain)✅ Best For: SMBs, MVPs, low-security environments❌ Risk: One bug or bad query can leak data between tenants

🔷 2. Shared Database, Separate Schemas

Isolation: Better than shared schema, each tenant has own schemaCost: Medium (same DB instance, more schema management)Complexity: Moderate (versioning, migrations, data lifecycle)✅ Best For: Mid-size tenants, balance of cost and security❌ Risk: Still some shared resources (I/O, CPU), can't fully isolate noisy tenants

🔷 3. Dedicated Database per Tenant

Isolation: Strong (data-level and sometimes performance isolation)Cost: Higher (storage, backups, connections)Complexity: High (automation of provisioning, updates, backups)✅ Best For: Enterprise clients, compliance-heavy sectors (banking, healthcare)❌ Trade-off: Cost increases with tenant scale; complex DB lifecycle management

🔷 4. Dedicated Infrastructure per Tenant

Isolation: Complete (compute, data, and networking isolation)Cost: Very high (infra replicated for each tenant)Complexity: Very high (devops, CI/CD, monitoring per tenant)✅ Best For: Strategic/regulated clients with strict SLAs, tenant-specific customization❌ Trade-off: Not scalable for 100s or 1000s of tenants

🎯 How to Choose?

💡 Hybrid Strategy (Best of Both)

Many modern SaaS platforms use a hybrid approach:

• SMBs on shared schema or shared schema-per-tenant

• Enterprises on dedicated DB or even dedicated instances

• Feature flags/configs used to enable/disable premium features

📌 Summary

The goal is to optimize for your target market, allowing scalability for small tenants and compliance/customization for larger ones.

How do you manage tenant isolation in shared infrastructure

Managing tenant isolation in shared infrastructure is one of the most critical and challenging aspects of building a multi-tenant SaaS platform, especially when you're aiming to balance cost efficiency, security, and operational simplicity.

Here’s how to effectively manage tenant isolation while using shared infrastructure:

🔐 1. Data Isolation

a. Logical Isolation

• Use a tenant_id column in every multi-tenant table.

• Enforce isolation at the data access layer (DAL) or through ORM-level filters.

  • Example: Hibernate filters, Spring Data JPA multi-tenancy support

• Apply Row-Level Security (RLS) in the database (e.g., PostgreSQL).

b. Schema-per-Tenant (Optional)

• Still uses shared DB, but each tenant gets its own schema.

• Allows different indexes, constraints per tenant.

• Better for performance isolation than pure shared schema.

🔐 2. Authentication & Authorization

• Use JWT tokens or OAuth2 with tenant_id claim embedded.

• Validate tenant_id on each request against the token/user context.

• Implement tenant-aware RBAC/ABAC:

  • Restrict data and actions based on roles within a tenant (e.g., Admin, Viewer)

🔐 3. Application-Level Isolation

a. Tenant Context Propagation

• Extract tenant_id from subdomain, header, or token.

• Use a thread-local or context-aware mechanism (e.g., RequestContextHolder in Spring) to pass tenant_id to services and repositories.

b. Service Configuration Isolation

• Store per-tenant configuration (e.g., feature flags, branding, limits) in a config store like Consul, Redis, or a centralized config DB.

• Dynamically load config on each request or cache it with TTL.

🔐 4. Resource Quotas & Limits

• Implement rate limiting and quotas per tenant:

  • API Gateway or service mesh policies (e.g., Istio, Kong, Azure API Management)

  • Prevent noisy neighbors from affecting others

• Limit DB usage:

  • Query limits, CPU quotas, memory thresholds

  • Use read replicas to offload reporting

🔐 5. Logging, Monitoring, and Auditing

• Tag all logs, metrics, and traces with tenant_id.

• Centralized log management: ELK, Loki, or Azure Monitor

• Enable per-tenant dashboards and alerts (Grafana, Datadog)

🔐 6. Feature Isolation

• Use feature flags per tenant (e.g., LaunchDarkly, Unleash)

• Allows gradual rollout, A/B testing, or premium-only features

🔐 7. Deployment and Code Isolation

• Even in shared infra, maintain tenant-aware CI/CD:

  • Feature toggles, config overrides, or tenant-specific builds if needed

• Use canary releases or blue/green deployments to limit risk by tenant segment

🔐 8. Security Isolation

• Encrypt data at rest and in transit.

• Use tenant-specific encryption keys (e.g., AWS KMS, Azure Key Vault)

• Validate request source to ensure requests can't be spoofed across tenants.

🔐 9. Tenant Onboarding Automation

• Automate:

  • Schema creation

  • Config generation

  • Role provisioning

• Use Infrastructure as Code (Terraform, Helm) to deploy per-tenant resources where needed

🔄 Example: Tenant-Aware Middleware in Spring Boot

java

CopyEdit

public class TenantInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) { String tenantId = request.getHeader("X-Tenant-ID"); TenantContext.setCurrentTenant(tenantId); return true; } }

🧠 Summary Table

Do we mentain gitnub repo per servoce per tenant in multi tenant saas

In a multi-tenant SaaS architecture, you generally do NOT maintain a separate GitHub repository per service per tenant — that would be unscalable and operationally inefficient. Here's how it’s typically handled, along with when exceptions might apply:

✅ Best Practice: Single Codebase, Multi-Tenant Aware

✔️ One GitHub repo per microservice

• All tenants share the same service logic

• Tenant-specific behavior is handled through:

  • Configuration

  • Feature flags

  • Tenant-specific overrides (in DB, config store, or conditional logic)

✔️ Benefits:

• Easier maintenance and updates

• Single CI/CD pipeline

• Faster onboarding of new tenants

• Lower operational complexity

🔧 How to Handle Tenant-Specific Needs

❗ When You Might Need Separate Repos

These are edge cases, typically for enterprise or premium tenants:

Even then, you would:

• Use a private fork from the main repo (not a totally separate repo from scratch)

• Automate sync from the upstream codebase

• Clearly document deltas

🔄 Recommended GitHub Repo Strategy

plaintext

microservices/

├── user-service/

│ ├── src/

│ ├── config/

│ └── Dockerfile

├── payment-service/

│ ├── src/

│ ├── config/

│ └── Dockerfile

├── onboarding-service/

│ ├── src/

│ ├── config/

│ └── Dockerfile

Config per tenant stored in separate folders or in external config store (like Spring Cloud Config, S3, etc.)

configs/

├── tenantA/

│ └── application-tenantA.yml

├── tenantB/

│ └── application-tenantB.yml

🧠 Summary

Here's a text version flow showing how GitHub repos, tenant logic, and configuration work together in a CI/CD pipeline for a multi-tenant SaaS platform:

✅ 1. Code Repository (GitHub)

• Structure:

  plaintext

  github.com/org/

  ├── user-service/

  ├── payment-service/

  ├── notification-service/

  └── onboarding-service/

• Each microservice repo contains:

  • Shared logic for all tenants

  • Tenant-aware code paths (conditioned by tenant ID)

  • External config integration logic (to fetch per-tenant config)

✅ 2. Configuration Repository / Store

• GitOps or external config store (e.g., Spring Cloud Config, S3, Vault, Consul)

• Structure:

  plaintext

  configs/

  ├── tenantA/

  │ └── application-tenantA.yml

  ├── tenantB/

  │ └── application-tenantB.yml

  └── tenantC/

  └── application-tenantC.yml

• Each file includes:

  • Rate limits, quotas

  • Branding, localization

  • Feature flags

  • External integration endpoints

✅ 3. CI Pipeline (Triggered by GitHub Commits)

• Tools: GitHub Actions / Jenkins / Azure DevOps / CircleCI

plaintext

[Push to GitHub Repo] ──▶ [Run CI Pipeline]

├── Run tests

├── Build Docker image

└── Push to container registry

• Shared image for all tenants with logic to fetch per-tenant config at runtime

✅ 4. CD Pipeline (Triggered After CI or on Config Change)

• Tools: ArgoCD / Spinnaker / Azure DevOps / Helm

plaintext

CopyEdit

[New Docker Image or Config Change] ──▶ [CD Pipeline]

├── Pull tenant-specific config

├── Template Helm/Kustomize manifests

├── Deploy to AKS/EKS/GKE clusters

└── Route to correct tenant subdomain Route to correct tenant subdomain

✅ 5. Runtime Behavior (Tenant Request)

1. Request comes in via:

   https://tenantA.myapp.com/api/user

   
   

2. API Gateway parses tenant ID from:

   • Subdomain (tenantA)

   • Header (X-Tenant-ID)

   • Auth token (tenant_id claim)

3. Service logic does:

   • Load config for tenantA (from external config store)

   • Enable/disable features

   • Enforce rate limits, roles

   • Execute tenant-specific logic if needed

✅ 6. Monitoring and Observability

• Logs, traces, and metrics tagged with tenant_id

• Dashboards show:

  • Per-tenant API usage

  • Error rates

  • Resource consumption

🧠 Summary Flow

[GitHub Repo (shared logic)]

│

▼

[CI Pipeline → Docker Image]

│

▼

[CD Pipeline → Per-tenant Config Applied]

│

▼

[Runtime: Tenant Request Handling]

│

├── Identify tenant from request

├── Load tenant config

├── Apply business rules, flags

└── Execute logic securely in shared infra

✅ What Is Tenant-Specific Deployment?

Tenant-specific deployment means tailoring part of the deployment lifecycle (configs, resources, or even code behavior) based on individual tenants, even though most of the platform is shared.

🔧 When to Use Tenant-Specific Deployment?

🏗️ Deployment Models

🚀 Tenant-Specific Deployment Flow (Kubernetes + Helm)

Folder Structure:

plaintext

tenant-deployments/

├── tenantA/

│ └── values-tenantA.yaml

├── tenantB/

│ └── values-tenantB.yaml

└── helm-chart/

├── templates/

└── Chart.yaml

Sample values-tenantA.yaml

yaml

CopyEdit

tenantId: tenantA

replicaCount: 2

resources:

limits:

cpu: "500m"

memory: "512Mi"

featureFlags:

newDashboard: true

branding:

logoUrl: "https://cdn.tenantA.com/logo.png"

env:

EXTERNAL_API_URL: "https://api.tenantA.com"

Helm Deployment Command

bash

helm upgrade --install tenant-a-user-svc ./helm-chart \

-f ./tenant-deployments/tenantA/values-tenantA.yaml \

--namespace tenant-a

🔐 Injecting Tenant-Specific Secrets

Use Kubernetes secrets or external secret managers:

Option 1: Kubernetes Secret

yaml

apiVersion: v1

kind: Secret

metadata:

name: tenant-a-secret

namespace: tenant-a

type: Opaque

data:

db-password: <base64-encoded-password>

Option 2: External (e.g., Azure Key Vault, HashiCorp Vault)

• Use CSI Driver or Vault Agent Injector to mount secrets dynamically.

⚙️ Automating with CI/CD (GitHub Actions / Azure DevOps / ArgoCD)

Example GitHub Actions Matrix Deploy:

yaml

jobs:

deploy:

strategy:

matrix:

tenant: [tenantA, tenantB, tenantC]

runs-on: ubuntu-latest

steps:

- uses: actions/checkout@v2

- name: Deploy Helm Chart

run: |

helm upgrade --install ${{ matrix.tenant }}-svc ./helm-chart \

-f ./tenant-deployments/${{ matrix.tenant }}/values-${{ matrix.tenant }}.yaml \

--namespace ${{ matrix.tenant }}

📊 Observability and Tenant Isolation

• Namespace: Logical isolation of metrics, logs

• Service Mesh: Rate limits, retries, mTLS per tenant

• Prometheus/Grafana: Dashboards per namespace or tenant_id label

• Alerting: Per-tenant thresholds (e.g., error rate, API latency)

🧠 Summary

What approach would you use for feature flagging in a multi-tenant platform?

For feature flagging in a multi-tenant SaaS platform, you need a strategy that enables:

• Granular control (per tenant, per user, per segment)

• Safe rollout (canary releases, A/B testing)

• Dynamic toggling (without redeployments)

• Auditability & traceability (for compliance, debugging)

  
  

✅ Recommended Approach: External Feature Flag Management

🏗️ Architecture Overview

lua

+-------------------+

| SaaS Application |

+-------------------+

|

v

[ tenant_id | user_id ]

|

v

+--------------------------+

| Feature Flag Service API |

+--------------------------+

|

v

Evaluates flags via rules:

- tenant_id == "icici"

- plan == "premium"

- region == "EU"

🛠️ Options for Feature Flag Platforms

🎛️ How to Define and Use Flags

Example: Flag Definition

json

CopyEdit

{ "flagKey": "new-dashboard", "enabled": true, "rules": [ { "condition": "tenant_id == 'tenantA'", "enabled": true }, { "condition": "plan == 'enterprise'", "enabled": true } ] }

In Code (Pseudocode):

java

CopyEdit

if (featureFlagService.isEnabled("new-dashboard", tenantId, userId)) { showNewDashboard(); } else { showLegacyDashboard(); }

🚀 Feature Rollout Strategies

🔐 Multi-Tenant Considerations

⚙️ Deployment & CI/CD Integration

• Keep flag logic outside the code deployments

• CI/CD can tag or label flags during a release

• Use feature flags for blue/green, A/B testing, and rollback

🧠 Summary

How do you ensure tenant-aware authentication and authorization?

Ensuring tenant-aware authentication and authorization in a multi-tenant SaaS platform is critical for security, isolation, and custom access control. It requires identifying which tenant a user belongs to, enforcing boundaries between tenants, and applying tenant-specific permissions.

🔐 1. Tenant-Aware Authentication

✅ Goals:

• Identify the user and the tenant context

• Prevent cross-tenant access

• Support different identity providers per tenant (optional for B2B SaaS)

🔑 Key Approaches:

🔐 Example: JWT Payload

json

CopyEdit

{ "sub": "user123", "tenant_id": "tenantA", "roles": ["admin", "approver"], "email": "admin@tenantA.com" }

✅ Auth Services & Tools:

🔒 2. Tenant-Aware Authorization

Once authenticated, apply fine-grained access control:

💡 Principles:

• Use RBAC or ABAC scoped to the tenant

• Always check if the resource belongs to the requesting tenant

• Never trust the tenant context from the client — validate on server

✅ Authorization Techniques:

🔐 Example: DB-Level Isolation

sql

CopyEdit

SELECT * FROM transactions WHERE tenant_id = 'tenantA' AND user_id = 'user123';

Or use RLS (Row-Level Security) in PostgreSQL:

sql

CopyEdit

CREATE POLICY tenant_isolation_policy ON transactions FOR SELECT USING (tenant_id = current_setting('app.tenant_id')::uuid);

🏢 3. Tenant Isolation Models

🛡️ 4. Best Practices for Secure Tenant-Aware Access

🧠 Summary

 How do you manage schema upgrades across tenants?

Managing schema upgrades across tenants in a multi-tenant SaaS platform depends on your tenant isolation model (shared DB, schema-per-tenant, or DB-per-tenant) and your deployment strategy (monolith vs microservices, CI/CD, etc.).

Schema changes must be applied safely, consistently, and with minimal downtime.

✅ Key Considerations

🏗️ Isolation Model vs Upgrade Strategy

🛠️ Tooling (Recommended)

🔁 CI/CD-Driven Upgrade Process

1. Maintain migration scripts in version control (/migrations)

2. Tag migration files with versions (e.g. V1.1__add_column.sql)

3. For shared DB: Run once

4. For schema-per-tenant or DB-per-tenant:

   • Loop through each tenant and apply in parallel or batches

   • Record success/failure per tenant

🧪 Example: Flyway Multi-Tenant Upgrade (Schema-per-Tenant)

bash

TENANTS=("tenant_a" "tenant_b" "tenant_c")

for TENANT in "${TENANTS[@]}"

do

flyway -schemas=$TENANT migrate

done

🛡️ Zero-Downtime Schema Upgrade Techniques

📊 Schema Version Tracking

🧠 Best Practices Summary

📌 Sample Flow (Schema-per-Tenant, CI/CD-Integrated)

1. Developer commits schema change to Git

2. CI pipeline:

   • Runs unit tests

   • Validates SQL syntax

   • Packages migration script

3. CD pipeline:

   • Fetch list of tenants (schemas)

   • Loops through each schema

   • Applies change using Flyway

   • Logs result per tenant

Handling tenant-specific customizations in a multi-tenant SaaS platform is critical for supporting business differentiation without fragmenting your core platform. The goal is to enable customization while keeping the codebase and operational overhead manageable.

✅ Common Types of Tenant-Specific Customizations

🧱 Architectural Patterns for Tenant Customizations

1. Configuration-Driven Customization

• Store tenant-specific logic/config in a config DB or JSON/YAML file

• Example: onboarding steps, limits, labels

json

CopyEdit

{ "tenantId": "tenantA", "config": { "approvalFlow": "manager -> compliance", "currency": "INR", "loanLimit": 500000 } }

Spring Boot Approach:

• Use @ConfigurationProperties

• Load tenant-specific configs at runtime using context

2. Feature Flags per Tenant

• Enable/disable features for specific tenants

• Tools: Unleash, LaunchDarkly, FF4J, or a custom DB-driven system

yaml

CopyEdit

tenantA: features: kycEnabled: true autoApproval: false

3. Theming & Branding

• Use dynamic CSS/themes per tenant

• Serve static assets (logos, fonts) from tenant-specific buckets (e.g., S3)

4. Pluggable Strategy Pattern (Code-Level Hooks)

• Implement tenant-specific logic via @Component-based strategies

java

CopyEdit

public interface LoanApprovalStrategy { boolean approveLoan(Application app); } @Component("tenantA") public class TenantALoanApproval implements LoanApprovalStrategy { public boolean approveLoan(Application app) { // Custom rule return app.amount < 500000; } }

• Use Spring’s ApplicationContext to resolve strategy by tenant ID

5. Multi-Tenant Data Model

• Use optional/JSON fields for tenant extensions (in RDBMS or NoSQL)

• Example: PostgreSQL jsonb, MongoDB schema-less

sql

CopyEdit

ALTER TABLE customer ADD COLUMN custom_attributes JSONB;

6. Dynamic Workflows (BPM/Workflow Engine)

• Use Camunda, Flowable, or Temporal to define workflows per tenant

• Example: Tenant A requires additional legal approval step

7. Custom Extensions via Microservices

• Allow tenants to plug in custom microservices via contract-driven APIs

• Define API schemas and version contracts

• Route calls to tenant-specific service endpoints

🔐 Security Considerations

🧪 CI/CD Considerations

🧠 Summary of Approaches

How would you onboard a new tenant dynamically?

Onboarding a new tenant dynamically in a multi-tenant SaaS platform means provisioning everything the tenant needs — data isolation, configurations, default users, etc. — without downtime or manual effort.

✅ Key Goals of Dynamic Tenant Onboarding

🏗️ Step-by-Step: Dynamic Tenant Onboarding Flow

1. Tenant Creation Trigger

• Via Admin Panel or API call:

http

CopyEdit

POST /tenants { "tenantName": "Acme Corp", "plan": "enterprise", "region": "us-east-1", "adminEmail": "admin@acme.com" }

2. Provisioning Backend Logic (Spring Boot Example)

a. Generate Tenant Metadata

• Assign unique ID, tenant code

• Persist metadata in tenant_master table

b. Provision Database/Schema

• Options:

  • Schema-per-tenant (Postgres, MySQL)

  • DB-per-tenant (high isolation)

  • Row-level (single schema, multi-tenant flag)

Use Flyway/Liquibase to migrate schema:

java

CopyEdit

flyway.configure() .schemas("tenant_acme") .locations("classpath:db/migration") .load() .migrate();

c. Create Default Users & Roles

• Insert into users, roles, permissions tables

• Hash passwords, assign scopes

d. Set Default Configurations

• Save branding, workflows, limits in tenant_config

e. Register Tenant Context

• In-memory map, config DB, or distributed cache (Redis)

• Useful for tenant routing and dynamic datasource lookup

f. Emit Event

• Publish onboarding event to Kafka/NATS for async provisioning (e.g., S3 bucket, email domain)

3. Tenant Context Routing in Runtime

Use a Tenant Resolver to route DB/logic based on request headers or token claims:

http

CopyEdit

Authorization: Bearer eyJ...tenant_id=acme

4. CI/CD Support (Optional)

Automate schema creation in deploy pipelines:

bash

CopyEdit

curl -X POST /tenants -d @new_tenant.json

Add Helm chart or Terraform logic if provisioning isolated infra (K8s namespace, blob storage, etc.).

🔐 Security & Access Control