Post
Hi, I’m building a multi-tenant app. Auth currently handles internal app users (workspace owners/admins).
The app also has public tenant sites with audience members who need signup/login, password reset, email verification, etc.
Key requirement: member accounts should be isolated per tenant site, not behave as a single global platform identity.
Example: If someone signs up on tenant A’s site, they should not appear logged in on tenant B’s site, and the same email may need to register separately across tenants.
Supabase Auth seems designed around a global identity namespace (auth.users).
What’s the recommended approach here?
Preferably I’d like to keep one Supabase project/database if possible.
Has anyone implemented tenant-isolated member authentication with Supabase? Any recommended patterns or pitfalls?
Thanks in advance.
The user is building a multi-tenant app and seeks advice on implementing tenant-isolated member authentication. They want to ensure that member accounts are isolated per tenant site, avoiding a global identity namespace. They are considering different approaches, including using a single Supabase project with custom auth tables or separate projects for member auth. They prefer maintaining one Supabase project if possible and seek community recommendations on best practices and potential pitfalls.
I am not sure if this will work and it might be a bit hacky but what if you keep your supabase auth for internal users then you use a separate authentication system for the multi tenant app such as better auth, you might be able to specify different schemas so that each site has it's own schema and users table.