6

Enforcing Tenant Permissions with RLS and Handling Tenant Domains

In the previous chapter, you made your Next.js application tenant-aware and implemented the necessary database structure for multi-tenancy. However, we cannot consider it tenant-based yet: the application isn’t loading any tenant-specific data or checking user-to-tenant permissions. The structure merely allows multi-tenancy.

Gear up to take the application to another level, as you’ll make it tenant-based in this chapter. Here, you’ll explore the implementation of row-level security (RLS) policies for simple and secure access to user-bound data, navigate the nuances of RLS dependencies, refine your policies, and introduce custom claims for a ...

Get Building Production-Grade Web Applications with Supabase now with the O’Reilly learning platform.
