Role Based Access/Resource Control for a SaaS app with Multi-Tenancy

Hey all,

Is there a package or combination of packages that people here use for this, for example, allowing a paying tenant admin user to create users that can create and/or edit content but not other users?

This will be my first multi-tenant app, so I’m really in the deep end and appreciate any advice.

Thanks

If you are using Phoenix, you can take a look at https://github.com/cpjk/canary. Otherwise, use https://github.com/jarednorman/canada.

Either one just provides a way for you to define permissions. You still have to handle the multi-tenant situation. It’s pretty much per your use case.


I might be in the minority here, but I would build the authorization component myself. Authorization tends to involve complicated business rules and, in my experience, is specific to each application. If you use a library you have to include those business rules within the patterns of the library. Personally I’ve had better results creating the patterns that make sense for the specific application I’m working on.

That said, there’s nothing wrong with using an auth library. Canary is popular and https://github.com/boydm/policy_wonk seems like another good option. Try a few out and see what you think.

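A sketch of the hand-built approach from the reply above, applied to the original question (tenant admins manage users; the users they create can create and edit content but not other users). This is an added example, not code from any poster or from Canary, Canada or policy_wonk; the module name, role names and map fields are all assumptions.

```elixir
defmodule Example.Policy do
  @moduledoc "Tenant-scoped, deny-by-default authorization (hypothetical names throughout)."

  # Role => list of {action, resource_type} grants. Anything not listed is denied.
  @grants %{
    tenant_admin: [
      {:create, :user}, {:update, :user}, {:delete, :user},
      {:create, :content}, {:update, :content}, {:delete, :content}
    ],
    editor: [{:create, :content}, {:update, :content}]
  }

  @doc """
  Returns :ok or {:error, :forbidden}.
  `actor` and `resource` are maps; both must carry the same non-nil :tenant_id.
  """
  # Reusing `tenant` in both patterns enforces the tenant boundary before any
  # role is consulted, so a role never applies outside the actor's own tenant.
  def authorize(%{tenant_id: tenant, role: role}, action, %{tenant_id: tenant, type: type})
      when not is_nil(tenant) do
    if {action, type} in Map.get(@grants, role, []), do: :ok, else: {:error, :forbidden}
  end

  # Tenant mismatch, unknown role, or missing fields: fail closed.
  def authorize(_actor, _action, _resource), do: {:error, :forbidden}

  @doc "Restricts a list of records to the actor's tenant (stand-in for a scoped query)."
  def scope(records, %{tenant_id: tenant}) when not is_nil(tenant),
    do: Enum.filter(records, &(Map.get(&1, :tenant_id) == tenant))

  def scope(_records, _actor), do: []
end

# Constructed sample data. The actor's tenant_id should come from the
# authenticated session, never from request parameters.
admin = %{id: 1, tenant_id: "acme", role: :tenant_admin}
editor = %{id: 2, tenant_id: "acme", role: :editor}
post = %{id: 10, tenant_id: "acme", type: :content}
foreign_post = %{id: 11, tenant_id: "globex", type: :content}
new_user = %{tenant_id: "acme", type: :user}

IO.inspect(Example.Policy.authorize(admin, :create, new_user), label: "admin creates user")
IO.inspect(Example.Policy.authorize(editor, :update, post), label: "editor edits content")
IO.inspect(Example.Policy.authorize(editor, :create, new_user), label: "editor creates user")
IO.inspect(Example.Policy.authorize(admin, :update, foreign_post), label: "admin, other tenant")
IO.inspect(Example.Policy.scope([post, foreign_post], editor), label: "editor's visible content")
```

The same two rules (tenant match first, then role grant) can be expressed inside a permissions library; the tenant check is the part the library will not supply for you.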

Thanks, I’ll check out policy wonk (again).

Something in the past appeared lacking in it to me, or I was lacking at Elixir/Phoenix framework to have time to get it, the latter more likely, haha.

Hopefully this time it fills the gap I’m finding, but perhaps that’s because I don’t yet trust myself to write completely error-free code that may also be more insecure than if it were a commonly used core package for authentication and authorisation. I think I’m just being a whinging noob for complaining, haha. Perhaps I’ll give it a try if I can’t get policy wonk or another package (or combination of) working first or I fail to modify/extend them if necessary.

Thanks, I’ll check them out!