ObjectStackObjectStack

Tenant

Tenant protocol schemas

Tenant Schema (Multi-Tenant Architecture)

Defines the tenant/tenancy model for ObjectStack SaaS deployments.

Supports different levels of data isolation to meet varying security,

performance, and compliance requirements.

Isolation Levels:

  • shared_schema: All tenants share the same database and schema (row-level isolation)

  • isolated_schema: Tenants have separate schemas within a shared database

  • isolated_db: Each tenant has a completely separate database

Source: packages/spec/src/system/tenant.zod.ts

TypeScript Usage

import { DatabaseLevelIsolationStrategy, DatabaseProvider, LevelIsolationStrategySchema, QuotaEnforcementResult, RowLevelIsolationStrategy, Tenant, TenantConnectionConfig, TenantIsolationConfig, TenantIsolationLevel, TenantQuota, TenantSecurityPolicy, TenantUsage } from '@objectstack/spec/system';
import type { DatabaseLevelIsolationStrategy, DatabaseProvider, LevelIsolationStrategy, QuotaEnforcementResult, RowLevelIsolationStrategy, Tenant, TenantConnectionConfig, TenantIsolationConfig, TenantIsolationLevel, TenantQuota, TenantSecurityPolicy, TenantUsage } from '@objectstack/spec/system';

// Validate data
const result = DatabaseLevelIsolationStrategy.parse(data);

DatabaseLevelIsolationStrategy

Properties

PropertyTypeRequiredDescription
strategystringDatabase-level isolation strategy
databaseObjectoptionalDatabase configuration
connectionPoolObjectoptionalConnection pool configuration
backupObjectoptionalBackup configuration
encryptionObjectoptionalEncryption configuration

DatabaseProvider

Database provider for tenant data

Allowed Values

  • turso
  • postgres
  • memory

LevelIsolationStrategySchema

Properties

PropertyTypeRequiredDescription
strategystringSchema-level isolation strategy
schemaObjectoptionalSchema configuration
migrationsObjectoptionalMigration configuration
performanceObjectoptionalPerformance settings

QuotaEnforcementResult

Quota enforcement check result

Properties

PropertyTypeRequiredDescription
allowedbooleanWhether the operation is within quota
exceededQuotastringoptionalName of the exceeded quota
currentUsagenumberoptionalCurrent usage value
limitnumberoptionalQuota limit
messagestringoptionalHuman-readable quota message

RowLevelIsolationStrategy

Properties

PropertyTypeRequiredDescription
strategystringRow-level isolation strategy
databaseObjectoptionalDatabase configuration
performanceObjectoptionalPerformance settings

Tenant

Properties

PropertyTypeRequiredDescription
idstringUnique tenant identifier
namestringTenant display name
isolationLevelEnum<'shared_schema' | 'isolated_schema' | 'isolated_db'>
databaseProviderEnum<'turso' | 'postgres' | 'memory'>optionalDatabase provider
connectionConfigObjectoptionalDatabase connection config
provisioningStatusEnum<'provisioning' | 'active' | 'suspended' | 'failed' | 'destroying'>optionalCurrent provisioning lifecycle status
planEnum<'free' | 'pro' | 'enterprise'>optionalSubscription plan
customizationsRecord<string, any>optionalCustom configuration values
quotasObjectoptional

TenantConnectionConfig

Tenant database connection configuration

Properties

PropertyTypeRequiredDescription
urlstringDatabase connection URL
authTokenstringoptionalDatabase auth token (encrypted at rest)
groupstringoptionalTurso database group name

TenantIsolationConfig

Union Options

This schema accepts one of the following structures:

Option 1

Properties

PropertyTypeRequiredDescription
strategystringRow-level isolation strategy
databaseObjectoptionalDatabase configuration
performanceObjectoptionalPerformance settings

Option 2

Properties

PropertyTypeRequiredDescription
strategystringSchema-level isolation strategy
schemaObjectoptionalSchema configuration
migrationsObjectoptionalMigration configuration
performanceObjectoptionalPerformance settings

Option 3

Properties

PropertyTypeRequiredDescription
strategystringDatabase-level isolation strategy
databaseObjectoptionalDatabase configuration
connectionPoolObjectoptionalConnection pool configuration
backupObjectoptionalBackup configuration
encryptionObjectoptionalEncryption configuration

TenantIsolationLevel

Allowed Values

  • shared_schema
  • isolated_schema
  • isolated_db

TenantQuota

Properties

PropertyTypeRequiredDescription
maxUsersintegeroptionalMaximum number of users
maxStorageintegeroptionalMaximum storage in bytes
apiRateLimitintegeroptionalAPI requests per minute
maxObjectsintegeroptionalMaximum number of custom objects
maxRecordsPerObjectintegeroptionalMaximum records per object
maxDeploymentsPerDayintegeroptionalMaximum deployments per day
maxStorageBytesintegeroptionalMaximum storage in bytes

TenantSecurityPolicy

Properties

PropertyTypeRequiredDescription
encryptionObjectoptionalEncryption requirements
accessControlObjectoptionalAccess control requirements
complianceObjectoptionalCompliance requirements

TenantUsage

Current tenant resource usage

Properties

PropertyTypeRequiredDescription
currentObjectCountintegerCurrent number of custom objects
currentRecordCountintegerTotal records across all objects
currentStorageBytesintegerCurrent storage usage in bytes
deploymentsTodayintegerDeployments executed today
currentUsersintegerCurrent number of active users
apiRequestsThisMinuteintegerAPI requests in the current minute
lastUpdatedAtstringoptionalLast usage update time

On this page

TypeScript UsageDatabaseLevelIsolationStrategyPropertiesDatabaseProviderAllowed ValuesLevelIsolationStrategySchemaPropertiesQuotaEnforcementResultPropertiesRowLevelIsolationStrategyPropertiesTenantPropertiesTenantConnectionConfigPropertiesTenantIsolationConfigUnion OptionsOption 1PropertiesOption 2PropertiesOption 3PropertiesTenantIsolationLevelAllowed ValuesTenantQuotaPropertiesTenantSecurityPolicyPropertiesTenantUsageProperties