Hi @simoami
Thanks for sharing your process. It looks interesting, but I think a lot of points really depend on what you're building.
1. For sub-domains
It's more likely to be useful for users' confidence that their data is not merged with other clients' data (people think like that sometimes when a SaaS is designed like that; maybe weird, but it is what it is). And from what I tried in the past, I discovered that you can define a CNAME with * as value and target your server with it; then your web server (NGINX, or any proxy) will be in charge of identifying the request information and will handle the certificate (with server blocks in nginx you can load different SSL certificates depending on the domain server_name directive) and everything accordingly. Please check this out: How to create sub-domain automatically when users register on my SaaS application ? (ADONIS SIMO, Aug 5 '19)
2-3. User identification
The way to design this really depends on what your system does and how it does it. It can be difficult to do if your users can be shared across multiple organizations; in that case you may need to store some user metadata (about what organizations they are actually in, for example) and either let them choose one when logging in or redirect them to a "default" organization, and they can change it later or something (kind of how AWS manages everything with Regions).
In another design, if your users are totally separated per organization and there is no reason for a user to have the same account with multiple organizations, it becomes simpler... you just need to store the org ID in the User information (table, or whatever you use to store it).
When you say "single email approach", I think visitors can create accounts on your system with their proper email (@gmail, @outlook, etc.), but you will certainly have to restrict someone from creating multiple accounts with the same email. But it really depends on your system. Maybe setting up a kind of external auth system is a good and simpler solution for you (OAuth, or something). But I think you may have to make a difference between organizations' owners and organizations' members in some way.
Sorry for responding with so much delay... I totally missed the notification. I hope this will be helpful in some way.
Just ping me a message if you want more discussions on this topic.
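Added example, not part of the comment above: with a wildcard DNS record every subdomain reaches the same server, so the application has to treat the Host header as untrusted input, map it to an organization, and compare that with the org ID stored on the user. The base domain, reserved labels, sample tables and function names are all assumptions made for illustration.

```python
import re

BASE_DOMAIN = "example-saas.test"  # assumption: placeholder base domain
# One DNS label: a-z, 0-9, hyphen; no leading or trailing hyphen; max 63 chars.
LABEL_RE = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")
RESERVED = {"www", "api", "admin", "mail"}  # constructed: labels never given to tenants

# Constructed sample data standing in for the organizations and users tables.
ORGS = {"acme": 1, "globex": 2}  # subdomain label -> org ID
USERS = {
    "alice@example.com": {"org_id": 1},
    "bob@example.com": {"org_id": 2},
}


def tenant_from_host(host_header):
    """Return the org ID named by a Host header value, or None if it names no tenant."""
    if not host_header:
        return None
    host, _, port = host_header.strip().lower().partition(":")
    if port and not port.isdigit():
        return None
    host = host.rstrip(".")  # tolerate a fully qualified name with trailing dot
    suffix = "." + BASE_DOMAIN
    if not host.endswith(suffix):
        return None  # rejects acme.example-saas.test.other.test and the bare base domain
    label = host[: -len(suffix)]
    # fullmatch: exactly one well-formed label, so nested names and control chars fail
    if not LABEL_RE.fullmatch(label) or label in RESERVED:
        return None
    return ORGS.get(label)


def authorize(host_header, user_email):
    """Allow the request only when the user's stored org ID matches the host's tenant."""
    org_id = tenant_from_host(host_header)
    user = USERS.get(user_email)
    if org_id is None or user is None:
        return False
    return user["org_id"] == org_id
```

Running `authorize` on every authenticated request means a session obtained on one organization's subdomain is refused when it is sent to another organization's subdomain.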