Multi-tenancy
The template is multi-tenant by design. A tenant is an organisation (workspace); a user can belong to many.
The model
- Every new user gets a personal workspace automatically (via the better-auth organization plugin).
- A user joins additional organisations through the members table.
- Every resource table carries a tenant_id and is scoped to it.
Always scope queries by tenant. When you add a new resource table, give it
a tenant_id and filter every read/write by the active workspace. This is the
core security boundary of the app — a missed scope leaks one tenant’s data to
another.
Members & invitations
Workspace settings let owners invite members and manage roles. Invitations are
accepted at /accept-invitation/[id]. The members limit per plan comes from
plans.ts (Free/Pro: 1, Team: 10).
Switching workspaces
The dashboard shell exposes the active workspace; queries run against whichever workspace is selected. Resource access is checked against the user’s membership in that tenant.
Adding a tenant-scoped table
When you extend the schema:
- Add a tenant_id column referencing the organisation.
- Index tenant_id (you’ll filter by it constantly).
- Scope every query — list, get, create, update, delete — by the active tenant.
- Run npm run db:generate && npm run db:push to apply.
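
The scoping rule above, for all five operations, as an added example that is not part of the template's own code. It assumes an in-memory array in place of the database table; the names Project, Member and scopedProjects are hypothetical.

```typescript
// Added example: in-memory stand-in for a tenant-scoped resource table.
// Project, Member and scopedProjects are hypothetical names.
type Member = { userId: string; tenantId: string; role: "owner" | "member" };
type Project = { id: number; tenantId: string; name: string };

// Constructed sample data: two workspaces; alice belongs only to t_a.
const members: Member[] = [
  { userId: "alice", tenantId: "t_a", role: "owner" },
  { userId: "bob", tenantId: "t_b", role: "owner" },
];
const projects: Project[] = [
  { id: 1, tenantId: "t_a", name: "A roadmap" },
  { id: 2, tenantId: "t_b", name: "B payroll" },
];
let nextId = 3;

// Returns a repository bound to one tenant. Membership is checked once here;
// every operation below then filters on the bound tenant id.
function scopedProjects(userId: string, activeTenantId: string) {
  const isMember = members.some(
    (m) => m.userId === userId && m.tenantId === activeTenantId,
  );
  if (!isMember) throw new Error("forbidden: not a member of this workspace");
  const inTenant = (p: Project) => p.tenantId === activeTenantId;

  return {
    list: (): Project[] => projects.filter(inTenant),
    // A lookup by id alone would cross tenants; always AND it with the tenant.
    get: (id: number): Project | undefined =>
      projects.find((p) => p.id === id && inTenant(p)),
    // tenantId comes from the active workspace, never from caller input.
    create: (name: string): Project => {
      const row: Project = { id: nextId++, tenantId: activeTenantId, name };
      projects.push(row);
      return row;
    },
    update: (id: number, name: string): boolean => {
      const row = projects.find((p) => p.id === id && inTenant(p));
      if (!row) return false; // foreign id and missing id get the same answer
      row.name = name;
      return true;
    },
    remove: (id: number): boolean => {
      const i = projects.findIndex((p) => p.id === id && inTenant(p));
      if (i < 0) return false;
      projects.splice(i, 1);
      return true;
    },
  };
}
```

Update and delete return the same result for a row in another tenant as for a row that does not exist, so the response does not confirm which ids are in use elsewhere.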