B2B products have organizations (tenants) as customers, where each of those organizations has multiple employees. These employees (members) need to share and access the same resources. Multi-tenancy supports this hierarchy of organizations and employees.<p>We’ve spent considerable time evaluating current solutions. While there is a range of options, we’ve written more about the existing problems here [1].<p>SuperTokens.com is open core - it enables you to self-host or deploy your product on your customer’s infrastructure.<p>For our B2B offering, we’ve tried to strike the right balance between price and functionality. Unique to SuperTokens is that you can pay for individual features as opposed to needing to pay for a full tier which may include features you do not need.<p>SuperTokens integrates natively into your frontend and backend - giving you significant control over the end user experience (UI native to your domain, without Auth0-like redirects) and the backend developer experience (override any function and make customisations within your own API layer).<p>Our implementation of the feature also includes all of the following:<p>1. API to create tenants, 2. Unique or shared user pools, 3. Create multiple development (staging, testing) environments, 4. Unique login experiences per tenant, 5. User management dashboard to manage users on a tenant level<p>Additionally, SuperTokens also supports B2B2C and B2B2B use cases!<p>What’s next:
We’re working on several future features, such as SCIM provisioning, TOTP and pre-built UI for invitation flows.<p>We'd love for you to try it out and let us know what you think. You can get started by visiting supertokens.com<p>-
[1] Existing self-hosted solutions don’t support multi-tenancy / org or multi-env setup very well. They either require you to deploy one instance of their service per org (= dev ops nightmare), or have limits on the number of orgs before you start seeing performance issues.<p>Whilst existing managed solutions have the features, it can be frustrating to customize the auth logic. This usually requires you to create webhooks (which are not type safe + you need to secure them), or to upload code onto their service, which is difficult to review and maintain.