Is Contentful good for building multi-tenant app with 1000s of tenants?

Hi all,

Contentful looks great for a single organization to manage their contents. However, is it also suitable for building the back-end of a multi-tenancy service, which serves 1000s of client organizations?

I am an engineer at a company providing a web service, where a client organization can edit and collect lots of documentation. (It’s like Evernote, roughly speaking.) I’m thinking if it’s possible to migrate the back-end of the service to Contentful.

There could be 1000s of client organizations signing up our service, and each organization cannot view or edit any document from any other organization.

About multi-tenancy, I could only find this https://github.com/contentful/contentful.net/issues/129 and seems like each tenant is supposed to have a space. Unfortunately we want the same content types for all the organizations, so one space for all the client organizations is ideal.

We also want fine-grained access control in each client organization. It seems Contentful’s built-in access control distinguishes only among Contentful users, and applications.
https://www.contentful.com/developers/docs/references/content-delivery-api/#/introduction/authentication So, to distinguish our app users (not necessarily Contentful users) and have fine-grained access control, we cannot use Contentful’s built-in authentication, but would need to build our own access control layer.

Hope if someone could let me know if this is not the best use of Contentful, or direct me to starting points to look at.

Thanks,
Richard

Hi Richard,

If your overall structure would rely on a single space, then it wouldn’t be a possibility to have different tokens for each of your clients. However, you could create separate organizations for each of them that would work separately from each other and provide you with the granular authorization features that you are looking for.

Hi Gabriel, thank you for the advice! Will dig in a bit more about how I can achieve a customized authorization implementation for my use case.

Best,
Richard

No problem at all, Richard. If you’d like to discuss more sensitive details of your implementation, feel free to also reach us out at our support page.

Hi there,
we are having the same requirement. Multi-Tenants with a number of content-types which should be usable by all tenants.

@richard.e.imaoka How did you solve it?

Best, Andreas

Similar question.

Hoping to build a “site builder” type of platform and leverage the same content types across users of different companies. For example, each organization will need a “news section” content type. But access should be limited to a user’s org.

Not sure the best approach. Many thanks for any insights.