is it possible with SuperTokens to have accounts with multip

Question

is it possible with SuperTokens to have accounts with multiple users

rp · Answer

Hey < mattapperson>

rp · Answer

Are you talking about our sign in on supertokens com We don t have that yet

rp · Answer

Or are you talking about implementing that feature using supertokens on your app

mattapperson · Answer

The latter in my own app

rp · Answer

Right Can you elaborate on the flow a bit more Maybe give an example use case in detail

mattapperson · Answer

Sure basically the idea being that a company can sign up and have N employees have their own logins I m thinking I could create sets of roles per account but the api feels not optimized for this so I m thinking this could lease to issues

rp · Answer

So you essentially want multi tenancy Where each tenant is an org and each tenant has its own user pool

mattapperson · Answer

Not really no I just want to support business users who will have multiple users assigned to their account and can see their data to varying degrees based on permissions Think like slack 1 user can belong to N accounts an account can have N users

rp · Answer

Hmmm I see

rp · Answer

So this is possible What you want to do is introduce the concept of something like accountId

rp · Answer

Wherein multiple users have the same associated account id

rp · Answer

The mapping of user id to account id is something you will have to store in your database

rp · Answer

Then you want to override the createNewSession function on the backend to add the account id to the user s session

rp · Answer

And then in your api fetch the accountId from the session and write your api logic based on that

mattapperson · Answer

Hmmm and then handle the initial account id on login and updating the session to switch between accounts and updating the permissions the user has based on the active account id

rp · Answer

So the permissions can still be associated with the user id

mattapperson · Answer

Can they

rp · Answer

This way different users logging into the same account will get their respective permissions

rp · Answer

Since their user ids are different

mattapperson · Answer

But that s not how that works

mattapperson · Answer

Like slack on one account maybe I have admin permission for that account

mattapperson · Answer

While on another I do not

rp · Answer

Ah so one user id can be a part of multiple account ids as well

mattapperson · Answer

Right

rp · Answer

Right Then you want to store the permissions based userId and account id

mattapperson · Answer

Indeed

mattapperson · Answer

Sorry I kinda assumed this was a more common flow then maybe it is

rp · Answer

The way you can do that in supertokens is to associated all roles against a user Id across all their accountids

rp · Answer

And then override the getroles function to further filter the roles based on the current active account id

rp · Answer

And when users switch accounts update the roles in the session using session fetchAndSetClaim

mattapperson · Answer

Got it

mattapperson · Answer

Thanks for the help

rp · Answer

There may be more edge cases in this flow Haven t thought about it fully yet

rp · Answer

But feel free to ask more questions