Collaborate Disseminate
I’m working on a project where we aim to have a separate database for each tenant. In our setup, there is a central database (and API) containing a "users" table that stores usernames and passwords for all users. Additionally, th… Continue reading How to keep membership in sync in a multi tenant architecture with per tenant database?
I’ve spent a few weeks on GCP and GKE (Kubernetes) trying to figure out how to store customer secrets. The secrets are used by some application even when the user is not logged on so I want to ensure no human can reach to them.
A lot of pl… Continue reading Keeping customer secrets safe from sysadmins and devs in Kubernetes
I’m building a multi-tenant app that has the unusual requirement of allowing tenants to use their own choice of external systems for login/authentication
ie: tenant 1 uses Azure AD, tenant 2 uses Auth0, tenant 3 uses Github etc.
The plan i… Continue reading Multi-tenant SPA with multiple OIDC providers
https://nexla.zendesk.com/hc/en-us/articles/360053720333-Database-Connection-Options
Specifically:
In a text editor, add the below public SSH key to the authorized_keys
file. The key must be all on one line. Make sure that you don’t
intro… Continue reading Is it secure for a platform to use the same private key for multiple clients’ SSH connections?
I’ve looked extensively for a duplicate question, but I couldn’t find anything that answers this question exactly.
I have a SQL Server that will be used to store data for a multi-tenant application. Every tenant will have their own databas… Continue reading How should SQL Server users be managed for a multi-tenant application?
Context
I’m trying to build an hybrid multi-tenant API using OAuth2.0 using Laravel 8 Passport, so my system has 2 parts: one process the request from the tenant application, and the other part process the request from my front-end which a… Continue reading Which OAuth2 flow should I use?
I am developing a Multi-tenant application to allow tenants to open an e-commerce shop (similar to Shopify). We are hosted on AWS.
At this point there will be under 20,000 transactions in the first year but I am a bit confused regarding PC… Continue reading PCI Compliance and multi tenancy?
We have a site builder, allows users to add/modify JS/HTML/CSS. Is it possible to provide a global authentication for it?
I mean users login once but can interact with all sites as their own names. Those sites should not be able to steal u… Continue reading Secure authentication for sites which allow user to modify js/html
Consider the following architecture:
An on premise Web API 2 [Written in C# hosted in IIS] which uses OAuth 2 authentication [ Implicit Flow ] to secure itself. This API acts as the data source by external apps [ Currently an angular 9 APP… Continue reading Risks associated with a compromised external Security token server
Consider the following architecture:
An on premise Web API 2 [Written in C# hosted in IIS] which uses OAuth 2 authentication [ Implicit Flow ] to secure itself. This API acts as the data source by external apps [ Currently an angular 9 APP… Continue reading Risks associated with a compromised external Security token server