Multi-Tenancy Agent Skill
Tenant isolation (row-level vs schema), subdomain routing, per-tenant config, and data partitioning.
The Skill
Full content, every format. Copy it, download it, or install with one command.
---
description: Tenant isolation (row-level vs schema), subdomain routing, per-tenant config, and data partitioning.
homepage: https://yepapi.com/skills/multi-tenancy
metadata:
tags: [multi-tenant, saas, isolation, routing]
---
# Multi-Tenancy
## Rules
- Row-level isolation (default): add `tenantId` column to every tenant-scoped table — enforce via middleware or RLS (Row-Level Security)
- Schema-per-tenant: use when tenants need custom schemas or strict data isolation — more complex ops, better isolation
- Subdomain routing: parse tenant from `{tenant}.app.com` — resolve in middleware, set `tenantId` on request context
- Custom domains: CNAME to your app, lookup tenant by `Host` header — use a `domains` table mapping custom domains to tenant IDs
- Per-tenant config: store theme (logo, colors), feature flags, and limits in a `tenant_settings` table — cache in memory with TTL
- RLS pattern (Postgres): `ALTER TABLE posts ENABLE ROW LEVEL SECURITY; CREATE POLICY tenant_isolation ON posts USING (tenant_id = current_setting('app.tenant_id'))`
- Middleware: extract tenant from subdomain/header, set on context, apply to all database queries — never let a query run without tenant scope
- Data partitioning: for large tables, partition by `tenantId` — improves query performance and enables per-tenant backup/restore
## Row-Level Isolation Pattern
```typescript
// Middleware - extract tenant from subdomain
function getTenantFromHost(host: string): string {
const subdomain = host.split(".")[0];
return subdomain; // or lookup in tenants table
}
// Prisma middleware - auto-filter by tenantId
prisma.$use(async (params, next) => {
if (TENANT_MODELS.includes(params.model)) {
params.args.where = { ...params.args.where, tenantId: context.tenantId };
}
return next(params);
});
```
## Subdomain Routing (Next.js Middleware)
```typescript
export function middleware(request: NextRequest) {
const host = request.headers.get("host") ?? "";
const tenant = host.split(".")[0];
const response = NextResponse.next();
response.headers.set("x-tenant-id", tenant);
return response;
}
```
## Avoid
- Queries without tenant scope — one missing `WHERE tenantId = ?` leaks data across tenants
- Hardcoding tenant in client — resolve from subdomain/domain server-side
- No index on `tenantId` — every tenant-scoped table needs a composite index starting with `tenantId`
- Mixing tenant data in shared caches — namespace cache keys with `{tenantId}:{key}`Install
Why Use the Multi-Tenancy Skill?
Without this skill, your AI guesses at multi-tenancy patterns. It might hallucinate deprecated APIs, use outdated conventions, or miss best practices entirely. With it, your AI follows a proven ruleset — every suggestion aligns with current standards.
Drop this skill into your project and your AI instantly knows the rules. Better code suggestions, fewer errors, faster shipping.
Try These Prompts
These prompts work better with the Multi-Tenancy skill installed. Your AI knows the context and writes code that fits.
"Build a multi-tenant SaaS with row-level security, subdomain routing, and per-tenant config"
"Create tenant isolation with Prisma, RLS policies, and middleware-based tenant resolution"
"Set up a white-label system with per-tenant theming, custom domains, and data partitioning"
Works Great With
Multi-Tenancy skill — FAQ
It covers tenant isolation strategies, subdomain routing, per-tenant config, and data partitioning. Your AI builds multi-tenant systems with proper security boundaries and scalable architecture.
Run `npx skills add YepAPI/skills --skill multi-tenancy` in your project root. This copies the skill file into your repo where your AI coding tool can read it automatically.
The skill covers both. Row-level (shared tables with tenant_id) is simpler and cheaper. Schema-level (separate schema per tenant) provides stronger isolation. Most SaaS apps start with row-level.