I’ve been recently dealing with enabling multi tenancy in a full stack application, the back end being ASP.NET Core. When looking into various multi tenant libraries I found them to have one or more characteristics:
- The apis were quite complex, and required lots of documentation parsing
- Difficult to plug in different value resolutions
- Require lots of boilerplate code and implementation of services
Many of these libraries are designed to use configuration files or resolution databases in order to load credentials. I don’t like this, why?
The reason is simple, most credentials don’t belong in files such as
appsettings.json. Instead, these should be stored in a Key Vault which has a host of benefits such as, permission management hardware level encryption and so on. Services such as Azure Key Vault have these benefits.