Multi Tenant REST API

Multi Tenant REST API

  

I am basing my architecture on the 4 layer canvas. So I have my entity models defined as read only in the Core Business Modules, and I am exposing an API to be able to edit the data on this layer. 

I have set all my modules to be multi tenant.


On the End User module I am trying to find a way to save the data by tenant using the basic authentication, the problem is that basic authentication doesn't let me use the logged in user as the parameters, so I can only set one specific user so that this works.

What is the best approach to achieve multi tenancy using the 4 layer canvas?


Thanks

Hey Andres,

are you exposing a REST API to be used between your modules?

Hi Pedro,

Thanks for the reply.

Yes, so basically I have all my data models set as PUBLIC and READ ONLY in a module that exposes a set of API's so that the UI module can call these API's and be able to edit the data.

Pedro Cardoso wrote:

Hey Andres,

are you exposing a REST API to be used between your modules?


Solution

But why a REST API? Why not a set of public actions that you can reference in your module? Not sure if the recommendation in 4LA changed, but I don't remember seeing nothing about using REST to make your modules "talk" to each other...

Solution

Yes, that is true, it is easier to do Public Actions and take advantages of everything that OutSystems has built in.

But in case that in the future I would like to expose an API that will be able to be consumed by a separate application, in order to keep the tenants correctly, would we need to create custom authentication, or somehow send in the TenantId if we expose the TenantId?

Pedro Cardoso wrote:

But why a REST API? Why not a set of public actions that you can reference in your module? Not sure if the recommendation in 4LA changed, but I don't remember seeing nothing about using REST to make your modules "talk" to each other...



Thing is that, when you're inside the webservice, you still didn't logged in with a user. I would say that you need to log in with a user, and in that way, you're already in the correct tenant.

Thanks a lot for your responses Pedro

 I'm going to go with the Public Server Actions for now, and will keep playing around with the log ins for a REST API to identify the tenants.


Pedro Cardoso wrote:

Thing is that, when you're inside the webservice, you still didn't logged in with a user. I would say that you need to log in with a user, and in that way, you're already in the correct tenant.



Welcome :)