0
0
Firebasecloud~30 mins

Multi-tenancy patterns in Firebase - Mini Project: Build & Apply

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Implementing Multi-Tenancy Patterns in Firebase
📖 Scenario: You are building a cloud backend using Firebase for a software service that supports multiple companies (tenants). Each company should have its own isolated data in the database to keep information private and secure.
🎯 Goal: Build a Firebase Firestore data structure and security rules that implement a simple multi-tenancy pattern. You will create tenant-specific data collections, configure a tenant ID variable, write a query to fetch tenant data, and finalize Firestore security rules to restrict access to only the tenant's own data.
📋 What You'll Learn
Create a Firestore collection named companies with two tenant documents: tenantA and tenantB
Add a configuration variable currentTenantId set to tenantA
Write a Firestore query to get all projects documents under the current tenant's subcollection
Add Firestore security rules to allow read and write access only to documents under the authenticated user's tenant ID
💡 Why This Matters
🌍 Real World
Multi-tenancy is common in SaaS applications where multiple companies share the same backend but need data isolation for security and privacy.
💼 Career
Understanding multi-tenancy patterns and security rules in Firebase is essential for cloud engineers and backend developers building scalable, secure multi-tenant applications.
Progress0 / 4 steps
1
Create Firestore tenant data structure
Create a Firestore collection called companies with two documents named tenantA and tenantB. Each tenant document should have a subcollection called projects with one document each: project1 for tenantA and project2 for tenantB. Use the following data for the projects: { name: 'Project Alpha' } for project1 and { name: 'Project Beta' } for project2.
Firebase
Need a hint?

Think of companies as a collection. Each tenant like tenantA is a document. Inside each tenant document, create a projects subcollection with project documents.

2
Add tenant configuration variable
Create a variable called currentTenantId and set it to the string 'tenantA'. This variable will represent the tenant currently logged in or active.
Firebase
Need a hint?

This variable holds the tenant ID string exactly as 'tenantA'.

3
Write Firestore query for tenant projects
Write a Firestore query using the currentTenantId variable to get all documents from the projects subcollection under the current tenant in the companies collection. Use the Firestore JavaScript SDK syntax with collection and getDocs. Store the query reference in a variable called tenantProjectsQuery.
Firebase
Need a hint?

Use collection(db, 'companies', currentTenantId, 'projects') to target the projects subcollection for the current tenant.

4
Add Firestore security rules for tenant isolation
Write Firestore security rules that allow read and write access only if the authenticated user's request.auth.token.tenantId matches the tenant ID in the document path. The rules should apply to documents under companies/{tenantId}/projects/{projectId}. Use allow read, write: if request.auth != null && request.auth.token.tenantId == tenantId;.
Firebase
Need a hint?

Security rules must check that the authenticated user's tenant ID matches the tenantId in the document path.