Multi tenancy with Realm User per Mongo Database

Hi! I’m creating a react-native app where users can register and start working. This app is going to be multi-tenant(each registered user will have his data) and I’m planing to use Realm for offline and cloud sync.

I created an Atlas cluster. And custom roles for each database. One role = access to one database.

I know that multitenancy can work easily this way but I’m planning to use Realm.

So, after creating the Realm App, I enabled the user/email registration.

In the Rules section, I only see the Database.Collection.UserField way to separate data. That means that every collection will have all the customers data shared, just separated by this field.

Is there any way to configure something like this:

RealmUser->MongoDbRole or RealmUser->Database.* ?

Or I need to create a separate AppId for each tenant?

Of course, I know that enabling free registers is a open app is going to be a big NO. I’m planning to add some previous step (making a pre-registration/validation first).

The description in the question isn’t exactly a multi-tenant (multi-tenancy) situation. It’s multi-user with each user having their own dataset.

Multi-tenancy would generally be a group of users that have a guaranteed share of the instance. They would have their own user management, data, configuration. It’s more akin for example, a company wide calendaring app where your clients would be separate companies (tenant), each having their own users. The question doesn’t really sound like that - perhaps there’s more to it. While you could craft your app that way, it adds additional complexity that may not be needed.

With MongoDB Realm it’s common practice for each user to have their own Realm; that would be a ‘partition’ within a collection. While the data is in the same collection, it’s still kept ‘separate’ by leveraging rules that only allow a user to access their Realm data

If you craft the app where each user has their own Realm (a ‘Partition’ in Atlas), it can be secured through permissions. Here’s a sync permission that enables a users read access if the partition value is listed in the readPartitions field of their custom user data

{ "%%user.custom_data.readPartitions" : "%%partition" }

See Define Sync Permissions for more reading.

1 Like