multi-tenant | Spring Boot Spring JPA Hibernate Postgresql | Object-Relational Mapping library

There is a warning on the Firebase best practices documentation against using Firebase with multi-tenant applications: https://firebase.google.com/docs/projects/learn-more#multi-tenancy

This is what I am most concerned about: "Multi-tenancy can lead to serious configuration and data privacy concerns problems, including unintended issues with analytics aggregation, shared authentication, overly-complex database structures, and difficulties with security rules."

There is also plenty of official Google documentation supporting the use of Firebase for multi-tenancy, for instance: https://cloud.google.com/identity-platform/docs/multi-tenancy-authentication .

Do you know why they would have these conflicting recommendations and examples? Does use of Google Identity Platform fix the core security deficits mentioned in the warning?

I am re-posting this question, with additional clarification in the title, and a few edits/removals from the body, to specify that I am only looking for why this widely used product has this particular warning in its official documentation. I have removed most subjective content. I have no opinion on this that is relevant to the question - I am only looking to understand the warning. It seemed there was one good answer before the previous question was closed, so I will link that here for reference: Why is Google Firebase not recommended by Google in their own documentation for multi-tenant applications?

There is a warning on the Firebase best practices documentation against using Firebase with multi-tenant applications: https://firebase.google.com/docs/projects/learn-more#multi-tenancy

This is what I am most concerned about: "Multi-tenancy can lead to serious configuration and data privacy concerns problems, including unintended issues with analytics aggregation, shared authentication, overly-complex database structures, and difficulties with security rules." Identity Platform looks like it should cover everything except analytics aggregation and database structures, but I can control analytics logging and my database structure is simple enough, being divided cleanly by tenant. My application is one common application, but has tenanted client data and users (managed via Google Identity Platform).

There is also plenty of official Google documentation supporting the use of Firebase for multi-tenancy: https://cloud.google.com/identity-platform/docs/multi-tenancy-authentication . There are also dozens of examples out there for how to set up multi-tenancy with Firebase and Google Identity Provider.

Do you know why they would have these conflicting recommendations and examples? Does use of Google Identity Platform fix the core security deficits mentioned in the warning? It has me strongly considering abandoning Firebase, which would be a shame given the features it gives me.

I'm using a schema interceptor to configure my schema. It's a multi-tenant application, so I build the schema according to the tenant's configuration. I'm mapping that configuration to SDL language (schema-first approach) and then I add it to the schema builder (schemaBuilder.AddDocumentFromString(...)).

As said on the documentation (here), "Schema-first does currently not support filtering!". But that is the only approach I can use right now, so I'm trying to find a workaround.

What I've tried:

Manually create the input filter types and add the filtering to the server (something like this):

I'm building a multi-tenant rails application, similar to Shopify. Whenever a customer registers an Account, they will have a subdomain created at customer.myapp.com. This subdomain returns a view with data related to their account (including a /admin area).

Now in some cases, customers would like to use their own custom domain, instead of the subdomain created for them. How do I need to adjust my rails routes and controllers to return a view with data related to the customers account, based on not just the subdomain but on either the custom domain OR the subdomain?

This is how I've set up my config/routes.rb for handling subdomains:

We have a setup where we are running 6 PgBouncer processes and our performance benchmarks degrade linearly with time. The longer PgBouncer has been running, the longer the connections to Postgres exist results in slower response times for the benchmark. We have a multi-tenant schema separated database with 2000+ relations. We are configured for Transaction Mode pooling right now. Over time, we see the memory footprint of each Postgres process climb and climb and climb, and again, this results in poorer performance.

We have tried to be more aggressive in cleaning up idle connections with the following settings:

Does Firestore have any support for a multi-tenant app? I am creating a service which will have multiple clients and need to be able to separate each client's data completely from every other client.

I developed a web accounting application using vanilla PHP as backend and jquery and vanilla javascript as frontend. Every client will have one database. The single database contains all client's database connection strings and login credentials for clients. Whenever a client logs in using a login credential client gets the connection string from the master database where all database connections are stored. Based on login credentials my backend will connect to their database. They will work on their database.

How can i achieve this scenario using laravel 8? i tried several solutions like, Dynamic database connection in Laravel, Create Dynamic Database Connection in Laravel, Laravel 5.8 dynamic database connection not being set in model, laravel 5.4 dynamic database connection, Configure database connections on the fly in Laravel

these all solutions recommend using configure file or .env file. as you can see in my scenario i can't setup every client's database connection in database config array because my client's database connections are dynamic and there are lots of database connections.

so what you guys will suggest to overcome this scenario?

and i don't want to use Multi-Tenant setup its just overkill and i do want is grab connection string while logging and use that connection string to connect user's specific database. so its kind a dynamic!

Our application has a multi-tenant architecture where we have multiple different websites deployed using a single codebase. Is there a way to edit the application name (ie. show Sign in to with Google instead of Sign in to with Google) without needing to create a separate project in Google Console for each website?

If editing the app name is impossible, is there a way to just show Sign in with Google instead?

I have found two different ways to, first, get the next invoice number and, then, save the invoice in a multi-tenant database where, of course, each tenant will have his own invoices with different incremental numbers.

• My first (and actual) approach is this (works fine):

1. Add a new record to the invoices tables. No matter the invoice number yet (for example, 0, or empty)
2. I get the unique ID of THAT created record after insert
3. Now I do a "SELECT table where ID = $lastcreatedID **FOR UPDATE**"
4. Here I get the latest saved invoice number with "SELECT @A:=MAX(NUMBER)+1 FROM TABLE WHERE......"
5. Finally I update the previously saved record with that invoice number with an "UPDATE table SET NUMBER = $mynumber WHERE ID = $lastcreatedID"

This works fine, but I don't know if the "for update" is really needed or if this is the correct way to do this in a multi-tenant DB, due to performance, etc.

• The second (and simpler) approach is this (and works too, but I don't know if it is a secure approach):

1. INSERT INTO table (NUMBER,TENANT) SELECT COALESCE(MAX(NUMBER),0)+1,$tenant FROM table WHERE....
2. That's it

Both methods are working, but I would like to know the differences between them regarding speed, performance, if it may create duplicates, etc.

Or... is there any better way to do this?

I'm using MySQL and PHP. The application is an invoice/sales cloud software that will be used by a lot of customers (tenants).

Thanks