Skip to main content

Multi-tenancy

What is multi-tenancy?

A multi-tenant system allows multiple users (tenants) to use the same software independently.

Let's break this down:

... system ...

Here are some example systems:

  1. Application binary: each user downloads a copy and runs it on their own device. (VSCode, Chrome)
  2. Self-hosting: users can deploy the system on their server, one tenant per server. (Wordpress)
  3. SaaS: users sign in at a central portal and create a tenant. (Shopify)

Healthblocks supports both the 2nd & 3rd model, so multiple servers and each server may have multiple tenants (projects).

... multiple users ...

Healthblocks users can interact in different ways, it's important to understand this mental model!

  1. Server/user: A user account is required to sign in to a server. A user may create projects of which they are automatically an admin member. In a self-hosting setup, user signups and project creation are typically disabled.
  2. Project/member: A member can have one of three roles: admin/caregiver/patient.
    • Admin members can manage all members and their careteams in the project.
    • Caregivers can view basic member info and join their careteam.
    • Patients can only see caregivers in their careteam.
  3. Careteam/participant: A participant can have multiple roles. Each role gives that member some permissions. Care team roles and associated permissions can be configured per project.
    • FHIR has a value set for participant roles that can be used as inspiration.
    • A general purpose "View-only" role can be used to create URL-shareable exports.

... same software ...

All Healthblocks projects run the same core APIs even though the patient/caregiver facing interface is branded or even custom built. Integrations & extensions can be enabled on a project-basis. So functionality may vary between projects even though they run the same core API version.

  • Healthblocks SaaS always runs the latest available version.
  • Self-hosted Healthblocks servers may lag behind the latest version. It's up to the administrator to keep their system up-to-date.

... independently.

Each tenant (project) is 100% independent and should in no way affect other projects. It's our highest priority to prevent data leaking between projects.

How does multi-tenancy affect integrations?

Integrations MUST be aware of the relevant project they are interacting with. The naive solution would be to have one API key and add ?projectId=3 to each API call, but this is error prone. That's why API keys are linked to only one project. If an integration supports multiple projects/servers, they should keep track of the different API keys & complete API endpoint URLs. This information is available when the integration is activated.