is it possible with SuperTokens to have accounts w...
# support-questionsm
mattapperson
02/11/2023, 3:10 AMis it possible with SuperTokens to have accounts with multiple users?
r
rp
02/11/2023, 4:40 AMHey @mattapperson
rp
02/11/2023, 4:40 AMAre you talking about our sign in on supertokens.com? We don’t have that yet.
rp
02/11/2023, 4:45 AMOr are you talking about implementing that feature using supertokens on your app?
m
mattapperson
02/11/2023, 12:47 PMThe latter, in my own app
r
rp
02/11/2023, 1:46 PMRight. Can you elaborate on the flow a bit more? Maybe give an example use case in detail
m
mattapperson
02/12/2023, 2:59 AMSure, basically the idea being that a company can sign up and have N employees have their own logins.
I’m thinking I could create sets of roles per account, but the api feels not optimized for this so I’m thinking this could lease to issues.
r
rp
02/12/2023, 4:09 AMSo you essentially want multi tenancy? Where each tenant is an org and each tenant has its own user pool?
m
mattapperson
02/12/2023, 11:42 AMNot really, no. I just want to support business users who will have multiple users assigned to their account and can see their data to varying degrees based on permissions. Think like slack.
1 user can belong to N accounts, an account can have N users
r
rp
02/12/2023, 11:43 AMHmmm. I see.
rp
02/12/2023, 11:44 AMSo this is possible. What you want to do is introduce the concept of something like “accountId”
rp
02/12/2023, 11:44 AMWherein multiple users have the same associated account id
rp
02/12/2023, 11:45 AMThe mapping of user id to account id is something you will have to store in your database
rp
02/12/2023, 11:45 AMThen you want to override the createNewSession function on the backend to add the account id to the user’s session
rp
02/12/2023, 11:46 AMAnd then in your api, fetch the accountId from the session and write your api logic based on that
m
mattapperson
02/12/2023, 11:47 AMHmmm and then handle the initial account id on login and updating the session to switch between accounts, and updating the permissions the user has based on the active account id
r
rp
02/12/2023, 11:48 AMSo the permissions can still be associated with the user id
m
mattapperson
02/12/2023, 11:48 AMCan they?
r
rp
02/12/2023, 11:48 AMThis way different users logging into the same account will get their respective permissions
rp
02/12/2023, 11:48 AMSince their user ids are different
m
mattapperson
02/12/2023, 11:49 AMBut that’s not how that works
mattapperson
02/12/2023, 11:49 AMLike slack… on one account maybe I have admin permission for that account
mattapperson
02/12/2023, 11:49 AMWhile on another I do not
r
rp
02/12/2023, 11:49 AMAh so one user id can be a part of multiple account ids as well
m
mattapperson
02/12/2023, 11:50 AMRight
r
rp
02/12/2023, 11:50 AMRight. Then you want to store the permissions based userId and account id
m
mattapperson
02/12/2023, 11:50 AMIndeed
mattapperson
02/12/2023, 11:50 AMSorry, I kinda assumed this was a more common flow then maybe it is
r
rp
02/12/2023, 11:51 AMThe way you can do that in supertokens is to associated all roles against a user Id (across all their accountids)
rp
02/12/2023, 11:52 AMAnd then override the getroles function to further filter the roles based on the current active account id
rp
02/12/2023, 11:52 AMAnd when users switch accounts, update the roles in the session using session.fetchAndSetClaim
m
mattapperson
02/12/2023, 11:52 AMGot it
mattapperson
02/12/2023, 11:52 AMThanks for the help!
r
rp
02/12/2023, 11:53 AMThere may be more edge cases in this flow. Haven’t thought about it fully yet.
rp
02/12/2023, 11:53 AMBut feel free to ask more questions