Replies: 1 comment
-
Hei @corepay
This makes it easier to also give self management rights to managers of an organizations so you do not have to do everything by yourself.
I hope this input does help you |
Beta Was this translation helpful? Give feedback.
-
I could use some help or ideas here on how to accomplish a multi-tenant strategy that goes several levels deep. This is what I've come up with so far and it can result in several thousand organizations if I take this path...is there a better way?
I'm having trouble reasoning through where organizations should stop and some other group strategy maybe by using role groups should begin if at all.
All account and user management will occur in my apps interfacing with zitadel through apis - no one should or have access to zitadel.
The simplest way I think I can get this done is just create organizations all the way down. For example:
Me, the system admin creates tenant accounts from my top-level org. When I create the tenant account I also GRANT access to a PROJECT in my organization that has the APPS the tenant needs to create and manage merchants. One of the PROJECTS for example is a tenant portal, another an underwriting app, another PROJECT is a CRM of sorts and another PROJECT a merchant on-boarding module...
When I create a tenant I can GRANT access to projects that I want the tenant to access - for example the TENANT may pay for the underwriting app but does not want the CRM app so I do not GRANT the CRM app.
When I board a TENANT I also create PROJECTS the tenant organization that the merchants will need to use. For example one of the PROJECTS will be a merchant portal they can log into, another a CUSTOMER portal, another a VENDOR portal, another a POS/Virtual termianl, another a Billing engine, another an ecommerce site, etc. Same strategy here, when a tenant boards a merchant they will be able to GRANT specific projects to a merchant that are premium or paid for or however they want to do it. For example, the TENANT may provide the Marketplace app option for $49 a month. If the merchant signs up for that the tenant will grant that Project App to the merchant.
Each step of the way a designated admin account for each ORG will be the owner of the created ORG <- I think this will link these all up to maintain my heirachy and relationships.
So my burning questions right now are:
Well that was a lot - if you made it this far trust me your brain doesn't hurt as much as mine righ tnow...nonetheless I would really appreciate a little feedback if anything jumped out or maybe a link to something I haven;t stumbled across in the docs.
Much appreciated!!
Beta Was this translation helpful? Give feedback.
All reactions