In a multi-tenant SaaS product, creating a user involves more than adding a record; it involves establishing a team, data boundaries, and permission structures. To efficiently manage this, the architecture was designed around accounts rather than users. The process was restructured to prioritize account creation. This change led to more robust backend interactions including schema design and billing logic. Understanding that data is tenant-scoped significantly impacts application functionality, prompting various adjustments in permission checks and UI elements.
In any multi-tenant SaaS product, the moment a new user signs up is more than just adding a row in a "users" table. That user represents a new team, a new data boundary, and a new permission structure.
Instead of bolting on organizations after user creation or storing org data as just another field on the user, we made the account the primary object. Users belong to accounts. Data belongs to accounts. Permissions derive from accounts.
Collection
[
|
...
]