How is the tenant expected to be used in muli-tenancy?

I have set up multi-tenancy in Radzen and now we have a aspnettenants table, roles and users also have the tenantid as a fk.
How is it intended that we use this feature in page and data isolation?

1 Like

Any feedback on this please?

Check the generated code for users and roles to see how the data are filtered by tenant. Additionally you can check this article to know how to filter your data by user:

Ok. So the expectation is for us to use the tenantId and tenant roles to control visibility of objects or data within a page?
What about page level? If multiple tenants create the same role, 'Admin' for example, then every tenant can see 'Admin' pages. How would you protect page access by tenant?

Hi @simon,

More info about how the multitenancy generated by Radzen works can be found here:

Every tenant have roles and users and every page access can be restricted by roles.

Can we limit page access by tenant + role?
I want only tenant1 users with 'Admin' to access a page and deny access to tenant2 users with 'Admin' role. I think that page access should be by roleId and not roleName.
e.g.
@attribute [Authorize(Roles = "Admin",Tenant = "tenant1")]
or
@attribute [Authorize(RoleId = <tenant1 'Admin' roleid>)]

I'm afraid that the security generated by Radzen (ASP.NET Core Identity) will use roles names when restricting page access. As I already posted the tenant is associated with the logged user (and roles as well from the tenant) - check the article in my previous reply.

I understand. It would be great see some more multi-tenancy features in future releases. I am really excited at using this for SaaS solutions.