Login/Register
Multitenant SaaS App using Firebase and Flutter
Asked Answered
androidfirebasefluttermulti-tenant
T

1

10

I'm evaluating Firebase to develop an application in SaaS mode, where people from multiple companies can access it. Each person in a company should only access data from their company and not with another company. Also within the company, profiles of what each person can access and what not can be defined.

  1. The Firebase documentation recommends not using a multi-tenancy approach (https://firebase.google.com/docs/projects/learn-more). His recommendation is to manage a firebase project for each company. My doubts: Is this really necessary? Would it involve managing different Apps in PlayStores? Can Firebase projects be programmatically created?

  2. On the other hand, Google Cloud launched a GCIP authentication service that allows multi-tenant (https://cloud.google.com/identity-platform/docs/multi-tenancy-authentication). My doubts are: 1. To use that with Firebase, would I have to create backend services with additional complexities to Firebase and Flutter? 2. Is it possible to use this service without losing the offline access property that Firebase offers?

Thank you,

David

Toulon answered 21/5, 2020 at 20:49 Comment(6)
Wondering if you got a solution to this? I am in the same situation. While starting up, I don't want to lose time in mysql and migrating schemas each time I need to add columns or change structures. I need something flexible to allow pace until the product is mature.Finned
@EdenWebStudio any updates? I'm currently planing to use multi tenacy with GCIP, so far it works just fine and I don't see any reason why the firebase team advices against it. The only disadvantage I'm currently facing is authentication with in a Flutter app becuase it seems it doesn't support setting a tenant id, work around would be to call a cloud function to authenticate and return an auth token.Enoch
@jonas I just ended up with mysql and json columns. I couldn't understand how I could partition firestore for each tenant. The docs weren't clear enough. What you are doing is what I would do though. Calling a function means you can apply extra security checks in a privileged env.Finned
@EdenWebStudio with partition firestore you mean something like using a different database for each tenant?Enoch
@Enoch Yes sort of. It will still be the same database but tenant operations are scoped to their partition. This link talked about Firestore in a "Datastore mode" but I may have misunderstood what they meant. cloud.google.com/datastore/docs/concepts/multitenancyFinned
An alternative is to use the same database with restrictions at the application level in Flutter and Security Rules in Firebase.Toulon
D
1

I may have a possible solution {i have tried it partially}

Create a Master API backed - manage all common feature/functionalities in the master API

eg: CIM - Customer information management UCID - unique customer id {based on mobileno+OTP} Client ID - {ClientA,B,K,Y} which means the UCID belongs to these client Apps

ClientAPP - Seperate Build for each clients {published in their app stores} ClientApp ID - 001 register/login - check if mobileno is registered in ClientID Endpoint API - Manage client specific data Eg: App restriction {Countries,Age,etc} App Logo App Splashscreen : Background = {image/URL}

ClientApp ID - 003 register/login - check if mobileno is registered in ClientID Endpoint API - Manage client specific data Eg: App restriction {Countries,Age,etc} App Logo App Splashscreen : Background = {Gradient/Code}

sample-multi-tenant API management on Hasura

Damico answered 19/7, 2021 at 7:29 Comment(1)
I am using hasura and firebase auth. I would like to discuss further with you on this problem. Would you mind allowing me to reach you via email ? @davidMeill

© 2022 - 2024 — McMap. All rights reserved.