Agent skill

Multi-Tenancy Advanced Patterns

Advanced patterns for building scalable multi-tenant SaaS applications.

View SKILL.md on GitHub Repository
Stars 163
Forks 31

Install this agent skill to your Project

npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/data/multi-tenancy-advanced

SKILL.md

Multi-Tenancy Advanced Patterns

Overview

Advanced multi-tenancy focuses on isolation, scaling, and operational maturity for SaaS platforms serving many tenants with varying needs and compliance requirements.

Table of Contents

  1. Architectures
  2. Tenant Isolation
  3. Tenant Identification
  4. Database Strategies
  5. Caching
  6. Background Jobs
  7. Rate Limiting
  8. Feature Flags
  9. Branding and Theming
  10. Tenant Onboarding
  11. Tenant Migrations
  12. Cross-Tenant Operations
  13. Compliance and Residency
  14. Scaling Strategies
  15. Cost Allocation
  16. Monitoring
  17. Security Considerations

Architectures

  • Shared DB, shared schema: Lowest cost, highest risk.
  • Shared DB, separate schema: Better isolation, moderate ops.
  • Separate DB per tenant: Strong isolation, higher overhead.
  • Hybrid: Mix tiers based on tenant size or compliance.

Tenant Isolation

  • Data: RLS, schema separation, or separate DB.
  • Compute: Dedicated worker pools for large tenants.
  • Network: VPC isolation or private endpoints when needed.

Tenant Identification

Common approaches:

  • Subdomain (tenant.example.com)
  • Path (/t/tenant)
  • Header (X-Tenant-ID)
  • JWT claims (tenant_id)

Prefer JWT claims + middleware validation.

Database Strategies

  • Row-level security with tenant_id predicates.
  • Tenant ID columns with indexed filters.
  • Per-tenant connection pools for heavy tenants.

Caching

Use tenant-scoped cache keys:

cacheKey = f"{tenantId}:user:{userId}"

Avoid cache pollution across tenants.

Background Jobs

Isolate queues per tenant or per tier:

  • Separate queues for premium tenants
  • Dedicated workers for heavy tenants

Rate Limiting

Apply per-tenant quotas:

  • Requests per minute
  • Concurrency limits
  • Burst allowances

Feature Flags

Use tenant-scoped flags for:

  • Staged rollout
  • Premium features
  • Compliance-specific behavior

Branding and Theming

Support tenant-specific assets:

  • Theme variables
  • Logo storage and CDN
  • White-label domains

Tenant Onboarding

Automate:

  • DB provisioning or schema setup
  • Default roles and permissions
  • Initial data seeds

Tenant Migrations

Use migration tooling that supports:

  • Online migrations
  • Backfill jobs
  • Tenant-by-tenant rollout

Cross-Tenant Operations

Define admin-only tools for:

  • Support access
  • Data export and audits
  • Global reporting

Log all cross-tenant access.

Compliance and Residency

Match tenants to regions:

  • Data residency per country
  • Regulated industries (HIPAA, PCI)

Scaling Strategies

  • Shard tenants by size or region.
  • Split heavy tenants into dedicated clusters.
  • Use read replicas for large tenants.

Cost Allocation

Track usage per tenant:

  • Storage
  • Compute
  • Requests

Use cost tags and billing reports.

Monitoring

Monitor per-tenant:

  • Error rates
  • Latency
  • Resource usage

Alert on noisy neighbor issues.

Security Considerations

  • Enforce tenant boundaries at every layer.
  • Use least-privilege access.
  • Encrypt tenant data at rest and in transit.

Related Skills

  • 17-domain-specific/multi-tenancy
  • 04-database/database-optimization
  • 10-authentication-authorization/rbac-design

Didn't find tool you were looking for?

Be as detailed as possible for better results