Multiple supertokens instances in a single express application?

Nightlight

01/20/2023, 10:54 PM

Is it possible to add multiple supertoken instances in a single express application? The documentation only mentions a single instance using supertokens.init(). I'm wanting to set up a multi-tenant type of architecture with a single webserver and multiple cores.

rp_st

01/21/2023, 4:56 AM

Hey @Nightlight this is not possible at the moment.

rp_st

01/21/2023, 4:56 AM

We are working on adding multi tenancy to the core after which, this would be possible.

Nightlight

01/21/2023, 4:57 AM

Has the work on that already started? And do you have an eta? (Q1, Q2, etc)

Nightlight

01/21/2023, 4:57 AM

My company is working on a rewrite of a lot of our infrastructure, and was really hoping we'd swap out Cognito for Supertokens, but we really need the multi-tenancy piece 😦

rp_st

01/21/2023, 4:57 AM

Sometime aroud q2

Nightlight

01/21/2023, 4:58 AM

Maybe I can push the auth implementation for us till then. Our 2.0 release is supposed to be sometime q2

rp_st

01/21/2023, 4:58 AM

right. We should have something by then.

Nightlight

01/21/2023, 5:00 AM

We're working on an open source project that will have the option of both single and multi-tenant. I suppose worst case scenario we use supertokens for the single tenant, and something else for the multi-tenancy

rp_st

01/21/2023, 5:00 AM

If you are open to storing the all the users in the same user pool, things could work today as well.

rp_st

01/21/2023, 5:01 AM

The idea here would be to change the email of the user to include their tenant ID like user+tenantId@example.com

Nightlight

01/21/2023, 5:01 AM

I was looking at that conversation you had about that. The main issue (that you pointed out), is that you need to know the tenant id to be able to look up and wouldn't be able to do a direct lookup by email

rp_st

01/21/2023, 5:02 AM

right yea. That's an issue indeed

rp_st

01/21/2023, 5:02 AM

since it is a hack

rp_st

01/21/2023, 5:03 AM

for proper multi tenant support, you would have to wait until it's released on our end

Nightlight

01/21/2023, 5:03 AM

I'm not sure if we even need to be able to look up by email though without a tenant id. I think everything we use currently we always know the tenant id

rp_st

01/21/2023, 5:03 AM

right. In that case, things can work

Nightlight

01/21/2023, 5:04 AM

Hm. Maybe I just roll the hacky way for now just so I can get our front-end integration with it, then when multi-tenancy support rolls out, we'll switch to using that

rp_st

01/21/2023, 5:04 AM

yup. That works

rp_st

01/21/2023, 5:05 AM

Btw, just a disclaimer, we are planning to add multi tenancy as a paid feature, priced based on the number of tenants. But we are open to negotiate and make exceptions based on the nature of your project (especially since you said it's open source)

Nightlight

01/21/2023, 5:06 AM

How will the paid part of it be handled if we are self hosting? Some sort of licensing?

rp_st

01/21/2023, 5:06 AM

correct

rp_st

01/21/2023, 5:06 AM

a license key will be issued to you

rp_st

01/21/2023, 5:06 AM

which can be fully air gapped as well.

Nightlight

01/21/2023, 5:06 AM

Do you know any of the details of that? Like a monthly/yearly/lifetime?

rp_st

01/21/2023, 5:07 AM

We can make the license key however long in terms of its lifetime

rp_st

01/21/2023, 5:07 AM

it's all quite flexible

Nightlight

01/21/2023, 5:07 AM

Our profit model is going to be similar to that of Elasticsearch. So we plan to release our software to the public and be fully open source, with the restriction that people can't create competing services essentially

Nightlight

01/21/2023, 5:08 AM

So while the software is open source, we are still a for profit company

rp_st

01/21/2023, 5:09 AM

Right. There are things that can be done to aid this type of model. The only one caveat is that the supertokens core part will not be fully open source cause of the multi tenant feature being used.

rp_st

01/21/2023, 5:09 AM

So if you are planning on distributing the supertokens core part as well, then it might cause issues

rp_st

01/21/2023, 5:10 AM

but if you keep the supertokens core part hosted by you, and user's instances of your service are run by them, then it could work

Nightlight

01/21/2023, 5:10 AM

Users of our open source codebase will either have to self host, or get supertokens hosting through you guys

Nightlight

01/21/2023, 5:11 AM

The multi-tenant part I don't believe will be in our open source codebase, only the single-tenant related code

rp_st

01/21/2023, 5:11 AM

right. So single tenant stuff is open source from supertokens side as well.

Nightlight

01/21/2023, 5:15 AM

That actually works out perfect. As far as our open source code base goes, we are really trying to push for only using other open source dependencies in our application. Which is part of the reason we're moving away from Cognito

Nightlight

01/21/2023, 5:16 AM

Thanks for your help and being so quick to respond

rp_st

01/21/2023, 5:17 AM

sounds good! Please feel free to reach out anytime for further questions.

7 Views

Previous Next

SuperTokens.com

SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).