Multi-tenancy
NextGenKit implements multi-tenancy using Clerk Organizations with per-tenant data isolation.
How It Works
- Each organization is a tenant
- Data is scoped by
orgIdat the Prisma query level - Users can belong to multiple organizations
- Roles (admin, member) control access within each org
Data Isolation
All database queries should scope by the active organization:
import { requireOrg } from "@/lib/auth"
import { db } from "@/lib/db"
const org = await requireOrg()
const projects = await db.project.findMany({
where: { organizationId: org.id },
})
Team Management
Clerk handles invitations and member management:
- Invite members via email
- Assign roles (admin, member)
- Remove members
- Transfer ownership
Adding Org-Scoped Models
When adding new database models that should be tenant-scoped:
model Project {
id String @id @default(cuid())
name String
organizationId String
createdAt DateTime @default(now())
}
Always filter by organizationId in queries to maintain isolation.