
Ask HN: How come there is no example code for B2B-SaaS apps? - node-bayarea
I&#x27;m truly baffled! There are probably 1000s of consumer (B2C) SaaaS example and OSS apps in virtually all languages. But there is virtually ZERO examples or OSS projects that talk about B2B multi-tenant apps! The worst part is that even companies like Google Cloud don&#x27;t provide an example.<p>What I&#x27;m looking for is: A SaaS app that allows people to create tenants (companies), and allows admin of the tenant to login and manage group of users, keep track of billing for each tenant, have super-admin who can access any tenant. But the rest of the app code is shared across the tenants.
I&#x27;m looking for code that&#x27;s either in Java or JavaScript(NodeJS). Are you in the same boat as me? If not, could you please point me to something? I really appreciate that!
======
ComputerGuru
In my experience, a lot of projects start off with shared tenancy (using a
tenant id discriminator in the database) and eventually migrate to completely
separate schema for each tenant (i.e. a separate “installation” of a single-
tenancy app for each tenant) to avoid security and architectural pitfalls.

Once you’ve done that, you don’t have to worry about forgetting a `WHERE
tenantId = foo` somewhere and leaking data. The actual code is shared (i.e.
not installed separately or in separate processes) and you would simply use
your dependency injection or equivalent to resolve the DB connection
contingent on $user’s validated claims.

“Networking” or sharing entities across tenants becomes harder this way.. but
purer/cleaner. You essentially create a federation layer and communicate
across instances via a hard code wall (via network requests to yourself and an
API) rather than “in memory” which _is_ less efficient and requires a lot of
boiler plate, but it’s going to be what you’re going to end up doing anyway.

~~~
thrownaway954
using an ORM it's very simple. once you setup the relationships between
models, you always use the highest level model as the entry point of your
query and the ORM will scope the query for you. ie in Rails, if your highest
level model is Account you just always use @account.customer.find(18). the
Rails ORM will automatically scope the query to the current account.

using multiple schemas becomes a nightmare when you want to perform a
migration to alter the database schema. you have to somehow perform a
migration across every single schema without breaking anything. god forbid you
need to rollback. have everything in one database makes it really easy. as
please, don't talk how using a single database restricts scaling later on.
with how far databases have come and how cheap cloud computing is, scaling
isn't an issue anymore.

~~~
HatchedLake721
The highest level entry point makes so much sense. I’ve been building
multitenant saas for last 3 years enforcing “where tenant = x” and you’ve just
blown my mind.

~~~
hackerm0nkey
On more than one occasion I've started with a simple table for all tenants
(where tenant = x) because we didn't know at the time if we will have many.

Then progressively when we understood how the service will be used, refactored
to keep separate tenant's data separate.

Ended up with each tenant in a given schema, we were using Java and relied on
Hibernate (ORM) to help connecting to the correct DB (it does support multi-
tenancy) as well as on a DB migration tool (Liquibase) so any changes we made
to the schema get replicated over all tenants.

------
excid3
I've been working on something like this for Ruby on Rails in case anyone is
interested. It has multitenancy, billing separate for each tenant, automatic
query filtering for the current tenant, etc.
[https://jumpstartrails.com](https://jumpstartrails.com)

~~~
schappim
I 2nd [https://jumpstartrails.com](https://jumpstartrails.com) . I purchased
the "Unlimited Site License", and it is well worth it.

~~~
node-bayarea
I wish there was something like this ready in Noode.js world (happy to pay)

~~~
mattmanser
[https://github.com/async-
labs/saas/blob/master/README.md](https://github.com/async-
labs/saas/blob/master/README.md)

From: [https://www.indiehackers.com/post/17-saas-starter-kits-
boile...](https://www.indiehackers.com/post/17-saas-starter-kits-boilerplates-
based-on-your-favourite-programming-language-framework-35387161e0)

Probably more than that one.

------
guptaneil
One of the largest open-source Rails apps has all of those features: Canvas
LMS[1]. It uses Switchman[2] for abstracting the multi-tenancy logic.

Their approach has scaled to millions of concurrent users, but admittedly not
helpful if you’re looking for a guide since the code is buried in a legacy
monolith.

Part of the reason there isn’t a generic guide to this is that multi-tenancy
is probably a premature optimization if a generic guide would be helpful. Just
use nested user accounts to accomplish your business logic. By the time you
really need true multi-tenancy, generic sample code won’t be much more helpful
than the docs of the various plugins like Switchman.

1: [https://github.com/instructure/canvas-
lms](https://github.com/instructure/canvas-lms) 2:
[https://github.com/instructure/switchman](https://github.com/instructure/switchman)

~~~
yodon
That said, Canvas is also AGPL 3 which might be a concern for some people
looking for code to base their new SaaS startup on.

------
tasssko
Try this [https://saasstartupkit.com/](https://saasstartupkit.com/) built in
Golang. My company has used it for a proof of concept as it definitely is
built around b2b multi-tenancy. Good starting point for us at the time.

~~~
node-bayarea
thanks!

------
bjacobt
You should look into Feathers JS [0]. You've the option to write in Javascript
or Typescript and its built on top of nodejs/express.

Feathers JS has got builtin authentication and it is easy to add tenants. I've
created a quick example and published it here [1], there maybe some rough
edges, please mail me if you have any questions.

As others have mentioned with multi tenancy you must have good test cases that
verify you've appropriate filters in place to avoid leaking data.

[0] [https://feathersjs.com/](https://feathersjs.com/) [1]
[https://github.com/bjacobt/feathers-multi-tenant-
example](https://github.com/bjacobt/feathers-multi-tenant-example)

~~~
node-bayarea
Thanks, will look into it

------
masonhensley
I know it's a little early and it will be in Ruby on Rails. However, I'm
working on open sourcing a clone of Stripe's Home [1] as part of a series of
open source B2B applications & they should check all those boxes (besides the
Java/Node)

I'm also happy to walk you (or others in the thread if time permits) though
the source code of a closed source app I have over a video call if you need to
grok the mechanics/db structure. (email in profile.)

It's got:

\- multi-tenancy

\- roles with-in each tenant

\- sub-tenants (think engineering team vs accounting team vs hr team)

\- accounts can be members of multiple tenants

\- billing for each tenant (even sub tenants or inherit from root tenant)

\- Super Admin & "Staff" roles

\- Auditing

If anyone's interested in the open source app, follow here -
[https://twitter.com/tools_hub](https://twitter.com/tools_hub)

[1] - [https://stripe.com/blog/stripe-home](https://stripe.com/blog/stripe-
home)

~~~
dchuk
I’m super interested in this, but not sure what I’m looking at at the twitter
account. Is there something on github or similar to look at?

~~~
masonhensley
Ya, sorry. The twitter account is a placeholder while we work. Just spun up a
repo you can follow.

[https://github.com/Internal-Tools-
Hub/CorpHome/blob/master/R...](https://github.com/Internal-Tools-
Hub/CorpHome/blob/master/README.md)

------
benologist
I have been working on this:

[https://github.com/userdashboard/dashboard](https://github.com/userdashboard/dashboard)

Dashboard powers the basic 'web app with registrations' and then using modules
it can be supplemented with organizations, Stripe Subscriptions and Stripe
Connect to standardize / reuse the "SaaS boilerplate". It runs parallel to
your application server so you can use whatever stack you like. Users browse
your Dashboard server URL and it proxies your application server for content.

The software is complete but it needs niceties like useful charts and
information added to the UI and I'll be prioritizing that in the coming weeks.
It's got a really nice documentation site being generated with Github Actions
but it's not publishing correctly unfortunately, probably tomorrow that will
be resolved.

------
james_s_tayler
[http://abp.io/](http://abp.io/) is probably the best open source one I've
seen. They also offer a paid product which is fairly comprehensive. I don't
quite like their frontend stuff but the backend side of things is definitely
what you're looking for.

There are plenty of paid products in every language which are basically B2B
SaaS templates.

ABP, bullettrain, Laravel etc.

~~~
node-bayarea
looks great, I wish there was something like this in the Node.js world

------
abraae
There's little sample code because some parts of the problem are
disproportionately harder than others.

For example, in saas, if you have a serious product then you'll soon find that
some of your tenants want to use SSO. So you need not only the stuff you
mentioned already but also admin screens for setting up e.g saml for
individual tenants. Add that to your points and you don't need sample code,
you need a whole product (we use keycloak, there are plenty of other options).

As to billing, that's a whole gigantic separate area and again something where
you don't want sample code, you want a complete product (I have heard jbilling
talked of favorably).

In short, the problem space is too big to be addressed with some sample code.

------
x3haloed
Does this help?

[https://docs.microsoft.com/en-us/azure/sql-database/saas-
dbp...](https://docs.microsoft.com/en-us/azure/sql-database/saas-dbpertenant-
wingtip-app-overview)

~~~
mweatherill
I was going to post this same link. Great docs from Microsoft

~~~
node-bayarea
thanks!

------
kamyarg
This may not match your description but definitely matches the title - OSS B2B
SaaS app:
[https://github.com/getsentry/sentry](https://github.com/getsentry/sentry)

They also have a separate repo to help you run it:
[https://github.com/getsentry/onpremise](https://github.com/getsentry/onpremise)

------
phiggins
Why? It’s difficult and knowledge of how to do single and multi-tenant
applications for B2B keep a ton of people employed. However it’s not that far
off from consumer projects. Most established players moved fast to build
custom code to match their use cases. It’s not OSS material.

For B2B, “super-admin” should only be done with logged permission. Usually an
email request.

Here’s two projects to help point you in the right direction.

[https://github.com/terraform-google-modules/terraform-
google...](https://github.com/terraform-google-modules/terraform-google-
project-factory)

WorkOS is attempting to simplify this.
[https://m.youtube.com/watch?v=IR2QZQrzoiA&t=1433s](https://m.youtube.com/watch?v=IR2QZQrzoiA&t=1433s)

~~~
grinich
Thanks for the shout-out! :)

------
charrondev
[https://github.com/vanilla/vanilla](https://github.com/vanilla/vanilla) can
be run in a “multi-tenant” setup. It is always done with separate databases
and configs though.

Localhost setups are always multi-tenant, even if our infrastructure is more
strongly isolated. In the end, if you can load different configurations for
your app at runtime, and that configuration includes info about how to connect
to your DB, cache, etc, then it’s pretty easy to do.

[https://github.com/vanilla/vanilla-
docker/blob/master/docs/v...](https://github.com/vanilla/vanilla-
docker/blob/master/docs/vanilla-localhost-dirs.md) this is an example of how
we do the localhost setups, although I’d using separate DB credentials for any
production site.

------
langbot
[https://github.com/async-labs/saas](https://github.com/async-labs/saas)
"Build your own SaaS business with SaaS boilerplate. Productive stack: React,
Material-UI, Next, MobX, WebSockets, Express, Node, Mongoose, MongoDB. Written
with TypeScript"

~~~
mbzi
I like this, I see what they're doing and it looks promising. However It lacks
a data request/GDPR takedown section which for me makes the project
commercially useless.

Most teams/products always look at compliance as the last big rock to
implement and it becomes a massive headache. If this project is focused to B2B
learning it should have been tackled first (and not missing from the demo).

~~~
yread
Is it really such a big problem in b2b? Can't you be only the Processor sign a
DPA with your customers and let them handle the biggest part of the headache?

~~~
mbzi
yes. I am a data processor not a controller. If you store data tied to the
user you still need a mechanism to retrieve / delete it. This is something I
encountered. Even if it is in reality not an issue and by itself the data is
meaningless. Perhaps I need better legal advice :)

------
abhishektwr
Will you consider a SaaS option? We are finishing up a identity management
platform which does exactly that (at least access management part with 3-tiers
of multi-tenancy). Our dedicated option allows you to host up to 1000-5000
tenants in a completely isolated infrastructure. Happy to have a chat.

~~~
abhishektwr
Just to add details on this topic, Multi-tenancy is quite complicated subject
and there are many ways to implement it.

(1) One database per tenant. Each tenant gets their own set of tables.
Dedicated virtual infrastructure with strong data isolation. (2) One database
but one schema per tenant using Postgres. Each tenant gets their own set of
tables. Shared virtual infrastructure with strong data isolation. (3) One
database one schema one set of tables but tenant data is segmented using
tenant key in the tables. Shared virtual infrastructure logical data
isolation. On top you can create tenant specific views.

Before you choose one, you need to analyse best possible approach according to
your needs factoring performance, cost, maintenance and scalability. You can
also mix some of these approaches in you solution. So for instance we use all
3 on top of single codebase.

Happy to respond any specific questions anyone may have.

------
sneeuwpopsneeuw
What is the problem just build it your self. A simple template that has a
login with a todo list can be extended to have a companies table. When you
have added this, you can add a n to n relation between companies and users and
poof you have a B2B saas app template.

~~~
eloff
Having built a number of these, it's not that simple. For example do you put a
tenant column on every table, have a separate table per tenant, or have a
separate schema or database? There are tradeoffs for each approach and lots of
gotchas you wouldn't expect. Like if you use a separate table or database,
migrations take forever, you can run into file descriptor limits in your
database, etc.

~~~
wolco
Separate table per tenant? Not unless you have/expect 2 to 5 tenants otherwise
you run into the issues you describe above.

Having a database per tenant has always interested me. It make sense if the
databases will be different (contain other tables)

Adding a tenant id to the tables that require them makes sense.

The best approach is to create a pivot table between users and tenants that
holds user_id and tenant_id. Use the primary id of that table to represent the
user at that tenant.

~~~
eloff
The limit is a lot higher than 2 to 5, but I think sooner or later it will get
you. Until then you will suffer a slow death by a thousand migrations.

A separate database is best used if you need an absolute firewall between the
tenants for security reasons. Almost no bug can ever let one tenant see the
data from another. If they share tables, it's easier to make that mistake.

The downside is you can't have quieres across all your tenants, so you'll want
a BI database that brings all the data together anyway.

------
mmaha
Check this [SaaS Deployment Guide]([https://github.com/aws-quickstart/saas-
identity-cognito](https://github.com/aws-quickstart/saas-identity-cognito))
out from AWS.

------
hayksaakian
I'm not sure you'll find something with such a specific requirement.

The first thing that came to mind is server management tools like free
alternatives to cpanel/webhostmanager

[https://froxlor.org/](https://froxlor.org/)

You'll have better luck searching online if you look for "free / open source"
\+ specific problem/solution rather than "b2b saas app"

in this example i searched for "free alternative to cpanel"

------
hijp
I’m using Jumpstart Pro (paid) for a rail’s app i’m working on, I know you
requested node, but you may find it very useful to see how they implemented
multitenancy and ruby/rails code is very readable.

[https://youtu.be/6wuaVWKVclo](https://youtu.be/6wuaVWKVclo)

[https://jumpstartrails.com/](https://jumpstartrails.com/)

------
hbcondo714
An engineer from Nodewood posted on here at the same time as this post about
their SaaS starter kit, built in Node.js and includes billing but no mention
of multi-tenancy:

[https://news.ycombinator.com/item?id=23054417](https://news.ycombinator.com/item?id=23054417)

------
hackerm0nkey
I have built many over the years in Java but nothing is public, I was thinking
of abstracting away a Microservice template as a starting point for my
projects.

What you are mentioning is a very specific example of that, happy to have a
chat and perhaps we can build that together and open source it ?

------
yodon
And then add in a user authentication system like Auth0 or Cognito with a way
to pass authentication tokens among microservices within the app. All stuff
that should be boilerplate samples but in practice burns an enormous amount of
time getting in place.

------
harshamv22
Multitenancy with Rails - 2nd edition

If you are doing Rails by any chance this is just what you need.
[https://leanpub.com/multi-tenancy-rails-2](https://leanpub.com/multi-tenancy-
rails-2)

------
dawie
If you find any, please let us know. We are looking for a Laravel example.

~~~
mikeburrelljr
Check out Tenancy for Laravel:
[https://tenancyforlaravel.com/](https://tenancyforlaravel.com/)

------
mariushn
[https://nodex.wensia.com/](https://nodex.wensia.com/) (it's not OSS, but $99)

------
stedaniels
They're are literally dozens of these startup frameworks for most of the web
languages out there.

------
mikst
I think because it's much easier to do deploy templates than multitennancy.

------
cultofmetatron
you could get pretty far with laravel spark if you don't mind picking up some
php. [https://spark.laravel.com/](https://spark.laravel.com/)

------
villgax
That's kind of their daily bread & butter.

------
swiley
Doesn't open stack do this?

------
gfodor
I'm starting a SaaS that adds multitenancy to an app as a service.

------
mister_hn
Isn't Gitlab a B2B SaaS app?

