Realm rule for tenant ID (multiple users per tenant)


We’re about to start building a web app using Realm. There will be many (hopefully thousands in the future) of small business tenants, most of which will only have a single user, but providing the ability to add multiple users per tenant is a must have feature at an early stage.

The Realm rule templates only seem to support access to “own” or “shared” documents, the latter of which is impractical, given each tenant could have tens of thousands of documents, which need to be accessed by all of the tenant’s users, including access to historic documents by newly added users.

Is there a standard or recommended way of setting up a rule, so that document access is controlled by a tenant ID, rather than a user ID? Assuming this is possible, does the SDK support user authentication against a tenant too?

Thanks in advance!


Does anybody have any pointers or suggestions, please?


Quick question. So there can be multiple users per tenant. Can there be multiple tenants per user? If not, tenants in a sense are groups of users - right?

Yes, in a way. As such, every document would belong to a group, rather than a user.

I’ve come from an 8 year background working with MySQL and a couple of years working with GCP, but both MongoDB and Stitch/Realm are new to me.

I initially posted this question when I was just starting to play with Realm, but having now started the setup of our app, I’m starting to get to grips with it. Not as convoluted as it initially appeared to me.

What I’m now looking at … please correct me if you think there is a better way … is the following:

Collection: user (assigned as Realm’s custom user data collection).
Property: tenant_id (string: contains reference to _id of tenant document).
Rule: All users are unable to write to tenant_id.

Collection: tenant (created when first user registers).
Property: _id: ObjectID(xyz)
Rule: All users are able to read the tenant document with _id referenced within their user document.

Trigger: On initial user creation - creates ‘tenant’ document, then updates user’s document (customData) with tenant_id reference. Subsequent users are invited to register via emailed URL, which contains a token relating back to the tenant_id, allowing the same ID to be written to their user document.

Applied to every other collection…
Schema: property: { tenant_id: ‘string’, default: }
Rule: All users are able to read/write any document with { tenant_id: %%user.customData.tenant_id }

Does the above make sense? If so, does this seem like a sensible and logical approach, please?

Thank you in advance!

… and sorry, to answer your first question:

In the real world, it is certainly possible to have a user who belongs to multiple tenants, but I don’t think I’ll ever want to support this within the app. As such, a user would only ever belong to one tenant (the parent), but a tenant could have multiple users.



The problem you are describing seems remotely similar to the chat partition problem I described in a previous medium article I wrote

Instead of chat partitions in the custom data, you would have tenant_id. This article basically explains how to enforce the read/write rules you describe using the MongoDB Realm Sync permissions as described in their documentation.

Otherwise, I think that you are on the right track with your design.

Richard Krueger

1 Like