is it possible with SuperTokens to have accounts w...
# support-questions-legacym
mattapperson
02/11/2023, 3:10 AMis it possible with SuperTokens to have accounts with multiple users?
r
rp_st
02/11/2023, 4:40 AMHey @mattapperson
rp_st
02/11/2023, 4:40 AMAre you talking about our sign in on supertokens.com? We don’t have that yet.
rp_st
02/11/2023, 4:45 AMOr are you talking about implementing that feature using supertokens on your app?
m
mattapperson
02/11/2023, 12:47 PMThe latter, in my own app
r
rp_st
02/11/2023, 1:46 PMRight. Can you elaborate on the flow a bit more? Maybe give an example use case in detail
m
mattapperson
02/12/2023, 2:59 AMSure, basically the idea being that a company can sign up and have N employees have their own logins.
I’m thinking I could create sets of roles per account, but the api feels not optimized for this so I’m thinking this could lease to issues.
r
rp_st
02/12/2023, 4:09 AMSo you essentially want multi tenancy? Where each tenant is an org and each tenant has its own user pool?
m
mattapperson
02/12/2023, 11:42 AMNot really, no. I just want to support business users who will have multiple users assigned to their account and can see their data to varying degrees based on permissions. Think like slack.
1 user can belong to N accounts, an account can have N users
r
rp_st
02/12/2023, 11:43 AMHmmm. I see.
rp_st
02/12/2023, 11:44 AMSo this is possible. What you want to do is introduce the concept of something like “accountId”
rp_st
02/12/2023, 11:44 AMWherein multiple users have the same associated account id
rp_st
02/12/2023, 11:45 AMThe mapping of user id to account id is something you will have to store in your database
rp_st
02/12/2023, 11:45 AMThen you want to override the createNewSession function on the backend to add the account id to the user’s session
rp_st
02/12/2023, 11:46 AMAnd then in your api, fetch the accountId from the session and write your api logic based on that
m
mattapperson
02/12/2023, 11:47 AMHmmm and then handle the initial account id on login and updating the session to switch between accounts, and updating the permissions the user has based on the active account id
r
rp_st
02/12/2023, 11:48 AMSo the permissions can still be associated with the user id
m
mattapperson
02/12/2023, 11:48 AMCan they?
r
rp_st
02/12/2023, 11:48 AMThis way different users logging into the same account will get their respective permissions
rp_st
02/12/2023, 11:48 AMSince their user ids are different
m
mattapperson
02/12/2023, 11:49 AMBut that’s not how that works
mattapperson
02/12/2023, 11:49 AMLike slack… on one account maybe I have admin permission for that account
mattapperson
02/12/2023, 11:49 AMWhile on another I do not
r
rp_st
02/12/2023, 11:49 AMAh so one user id can be a part of multiple account ids as well
m
mattapperson
02/12/2023, 11:50 AMRight
r
rp_st
02/12/2023, 11:50 AMRight. Then you want to store the permissions based userId and account id
m
mattapperson
02/12/2023, 11:50 AMIndeed
mattapperson
02/12/2023, 11:50 AMSorry, I kinda assumed this was a more common flow then maybe it is
r
rp_st
02/12/2023, 11:51 AMThe way you can do that in supertokens is to associated all roles against a user Id (across all their accountids)
rp_st
02/12/2023, 11:52 AMAnd then override the getroles function to further filter the roles based on the current active account id
rp_st
02/12/2023, 11:52 AMAnd when users switch accounts, update the roles in the session using session.fetchAndSetClaim
m
mattapperson
02/12/2023, 11:52 AMGot it
mattapperson
02/12/2023, 11:52 AMThanks for the help!
r
rp_st
02/12/2023, 11:53 AMThere may be more edge cases in this flow. Haven’t thought about it fully yet.
rp_st
02/12/2023, 11:53 AMBut feel free to ask more questions
4 Views