How to Build a Multi-Tenant SaaS with Next.js

Multi-tenancy is the cornerstone of B2B SaaS. It allows multiple customers (tenants) to share a single application while keeping their data completely isolated. In this guide, we'll explore the key concepts and implementation patterns for building multi-tenant SaaS with Next.js.

What is Multi-Tenancy?

Multi-tenancy means that a single instance of your application serves multiple customers. Each customer (tenant) gets their own workspace, data, and often their own billing — all running on shared infrastructure.

Common Multi-Tenancy Patterns

Pattern	Description	Complexity	Data Isolation
Shared database, shared schema	All tenants in one database with tenant ID column	Low	Low
Shared database, separate schemas	Each tenant gets their own database schema	Medium	High
Separate databases	Each tenant gets their own database	High	Highest

For most SaaS applications, shared database with a tenant ID (also called row-level isolation) provides the best balance of simplicity and data safety.

Core Components

1. Organization Model

The organization is the primary tenant entity:

// Database schema (Prisma example)
model Organization {
  id        String   @id @default(cuid())
  name      String
  slug      String   @unique
  members   OrganizationMember[]
  createdAt DateTime @default(now())
}

model OrganizationMember {
  id             String       @id @default(cuid())
  userId         String
  organizationId String
  role           MemberRole   @default(MEMBER)
  user           User         @relation(fields: [userId])
  organization   Organization @relation(fields: [organizationId])
}

enum MemberRole {
  OWNER
  ADMIN
  MEMBER
}

2. Data Scoping

Every database query should be scoped to the current organization:

// Always include organizationId in queries
const projects = await db.project.findMany({
  where: { organizationId: currentOrg.id },
});

3. Role-Based Access Control (RBAC)

Different roles need different permissions:

const permissions = {
  OWNER: ['manage_organization', 'manage_members', 'manage_billing', 'read', 'write', 'delete'],
  ADMIN: ['manage_members', 'read', 'write', 'delete'],
  MEMBER: ['read', 'write'],
};

function hasPermission(role: MemberRole, permission: string): boolean {
  return permissions[role]?.includes(permission) ?? false;
}

4. Organization Switching

Users can belong to multiple organizations:

// Middleware to resolve current organization
function getCurrentOrganization(request: Request) {
  // Option 1: From URL path (/org/[slug]/dashboard)
  // Option 2: From cookie/session
  // Option 3: From header
}

Key Challenges

Data Isolation

Ensure queries are always scoped. A single missed where clause can leak data between tenants. Use middleware or query hooks to enforce this automatically.

Billing Per Organization

Subscriptions should be tied to organizations, not individual users. This allows team billing and per-seat pricing.

Invitations

Building an invite flow requires email sending, token generation, and a join process:

1. Admin sends invite → generates token → sends email
2. Invitee clicks link → verifies token → joins organization
3. New member gets assigned a role

Organization Context

Make the current organization available throughout your app — in server components, API routes, and client components.

The Faster Way: Use supastarter

Building multi-tenancy from scratch is complex and error-prone. supastarter includes a complete multi-tenancy implementation:

• Organization CRUD with settings
• Member management with invitations
• RBAC with configurable roles
• Data scoping middleware
• Organization-level billing
• Organization switching UI
• Available for Next.js and Nuxt

Check out supastarter to get a production-ready multi-tenant SaaS foundation.

Summary

Multi-tenancy is essential for B2B SaaS. The key components are:

1. Organization model — the primary tenant entity
2. Data scoping — all queries filtered by organization
3. RBAC — role-based permissions per member
4. Member management — invitations and role assignment
5. Organization billing — subscriptions tied to orgs

For a production-ready implementation, consider using a SaaS boilerplate like supastarter that handles all of this out of the box.