Multitenant applications allow several distinct groups of users to access a system. Each customer becomes a “tenant” in the system with their own set of user accounts.

You need to maintain strong boundaries between your tenants so customers can’t access each other’s data.

Deleting a user account could have different authorization requirements depending on whether that account is an administrator or ordinary user.

Tenant isolation depends on your application implementing proper authorization controls that keep tenants separate and prevent users from moving laterally between them.
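The sketch below is an added example, not code from the original page, showing a delete-user authorization check that enforces the tenant boundary and applies a different requirement depending on whether the target account is an administrator or an ordinary user. The role names (`member`, `admin`, `owner`), the rule that only an owner may delete an administrator, and the in-memory store keyed by tenant are assumptions made for illustration.

```python
from dataclasses import dataclass

# Assumed role names and policy; the page does not prescribe either.
ADMIN_ROLES = {"admin", "owner"}


@dataclass(frozen=True)
class User:
    id: str
    tenant_id: str
    role: str  # "member", "admin" or "owner"


class Forbidden(Exception):
    """Raised when the actor is not allowed to perform the action."""


def authorize_delete(actor: User, target: User) -> None:
    # Tenant boundary first, so a privileged role in one tenant never
    # grants reach into another tenant.
    if actor.tenant_id != target.tenant_id:
        raise Forbidden("cross-tenant access")
    # Assumed policy: deleting an administrator requires the owner,
    # deleting an ordinary user requires any administrator.
    required = {"owner"} if target.role in ADMIN_ROLES else ADMIN_ROLES
    if actor.role not in required:
        raise Forbidden("insufficient role")


def delete_user(store: dict, actor: User, target_id: str) -> bool:
    # Look up inside the actor's tenant only: an id that belongs to
    # another tenant is indistinguishable from one that does not exist.
    target = store.get((actor.tenant_id, target_id))
    if target is None:
        return False
    authorize_delete(actor, target)
    del store[(actor.tenant_id, target_id)]
    return True


def sample_store() -> dict:
    # Constructed sample data: two tenants with made-up ids.
    users = [User("u1", "acme", "owner"), User("u2", "acme", "admin"),
             User("u3", "acme", "member"), User("u4", "globex", "admin"),
             User("u5", "globex", "member")]
    return {(u.tenant_id, u.id): u for u in users}
```

The tenant-scoped lookup and the explicit `tenant_id` comparison overlap on purpose: if a later code path fetches a user by id alone, the comparison in `authorize_delete` still blocks the cross-tenant delete.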
