Separate data by tenant
Multitenancy in Aidbox can be achieved with Multibox, API Constructor or AccessPolicies.
Multibox is a type of Aidbox distribution that isolates data to separate databases in the same PostgreSQL cluster and provides separate base URLs for each of them. Separate APIs with different base URLs are used for different tenants. Multibox allows hosting hundreds and thousands of Aidbox services in a single runtime.
Aidbox API Constructor is a tool to define your own REST API routes with middlewares, access checks, etc. In terms of multitenancy API Constructor allows you to:
- configure API with tenant filters forced on data access;
- create separate APIs for different tenants.
You can fine-tune access to every operation or resource type, for example:
- Restrict access to resources like Patient, Encounter access by tenants, i.e. each tenant can only read/change their own resources.
Locationresources read access across all tenants.
- Allow creating
Locationresources only for some specific client.
Aidbox AccessPolicy can be used to add requirements to requests. Aidbox FHIR API can have filters to ensure that a client can access only certain data. To separate search request results by a tenant you can add a filter by the tenant identifier. AccessPolicy forces using the tenant id to get access to the tenant data.