TenantOS is building a B2B SaaS platform framework (like what powers Notion, Linear, or Jira internally). The platform hosts thousands of customer organizations (tenants) on shared infrastructure. Key challenges:
- Tenant isolation - each tenant's data is logically isolated. A bug or query in one tenant must never access another's data. Choose between: shared database with tenant_id column, schema-per-tenant, or database-per-tenant.
- Authentication & authorization - SAML SSO for enterprise tenants. Each tenant has its own user directory, roles, and permissions.
- Billing & metering - track usage (API calls, storage, seats) per tenant. Generate invoices monthly. Support per-seat and usage-based pricing.
- Custom domains - enterprise tenants use their own domain (e.g., `app.customer.com`) rather than a subdomain. Requires automated SSL certificate provisioning (Let's Encrypt).
- Rate limiting per tenant - prevent noisy neighbors from degrading performance for others. Enforce per-tenant API rate limits.
- Data residency - some tenants require their data to stay in a specific region (EU, US). Route their requests to the correct regional deployment.
- Tenant onboarding - automated provisioning: create DB schema, seed default data, configure SSO, issue API keys.
Targeting 5,000 tenants with 2 million total users.
Design a multi-tenant SaaS backend with tenant isolation, per-tenant billing, custom domains, and data residency. Build this architecture under realistic production constraints, then validate tradeoffs in the design lab simulation.
Request path: The solution keeps ingress, service logic, and stateful dependencies separated so each layer can scale independently.
Reference flow: Web Clients -> Load Balancer -> API Gateway -> API Service -> Auth Service -> Primary NoSQL DB -> Monitoring -> Log Aggregator
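For the shared-database option named under tenant isolation above, one way to keep a query in one tenant from reaching another's rows is to hand application code a data-access object already bound to the authenticated tenant. This is an added example, not part of the original brief; the `docs` table, the `TenantScopedDocs` class and the tenant names are hypothetical, and in-memory SQLite stands in for the shared database.

```python
import sqlite3


class TenantScopedDocs:
    """Data-access handle bound to one tenant; every statement is filtered by it."""

    def __init__(self, conn: sqlite3.Connection, tenant_id: str):
        if not tenant_id:
            raise ValueError("tenant_id must come from the authenticated session")
        self._conn = conn
        self._tenant_id = tenant_id  # fixed here, never read from request input

    def create(self, title: str) -> int:
        cur = self._conn.execute(
            "INSERT INTO docs (tenant_id, title) VALUES (?, ?)",
            (self._tenant_id, title),
        )
        return cur.lastrowid

    def get(self, doc_id: int):
        # The tenant predicate is part of the lookup, so an id that belongs to
        # another tenant yields None instead of that tenant's row.
        return self._conn.execute(
            "SELECT id, title FROM docs WHERE id = ? AND tenant_id = ?",
            (doc_id, self._tenant_id),
        ).fetchone()

    def list_all(self):
        return self._conn.execute(
            "SELECT id, title FROM docs WHERE tenant_id = ? ORDER BY id",
            (self._tenant_id,),
        ).fetchall()

    def delete(self, doc_id: int) -> bool:
        cur = self._conn.execute(
            "DELETE FROM docs WHERE id = ? AND tenant_id = ?",
            (doc_id, self._tenant_id),
        )
        return cur.rowcount == 1  # False when the row is absent or not ours


def demo():
    """Constructed sample data: two tenants sharing one table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE docs (id INTEGER PRIMARY KEY, tenant_id TEXT NOT NULL, title TEXT)")
    acme, globex = TenantScopedDocs(conn, "acme"), TenantScopedDocs(conn, "globex")
    acme_doc = acme.create("acme roadmap")
    globex_doc = globex.create("globex payroll")
    return acme, globex, acme_doc, globex_doc
```

Because the object ids are sequential and shared across tenants, the cross-tenant `get` and `delete` calls are the cases worth covering in tests for any design that picks this option.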