Multi-Client Web API Structure

7

I have the following situation:

I have a Web application that accesses the data through a C # WebAPI. I need to apply the concept of multitenancy in it to allow my application to be accessed by multiple clients and that each client access your database individually.

Faced with this need, I researched the SOPt and found the following questions:

Web application for several people

Databases for Different Customers

As for the concept I understood, my question is about the deploy of my WebAPI and what would be the best practice:

Should I deploy and host a single API instance in IIS (and redirect access to the database via code)?

Or should I perform the individual Deploy, ie host numerous instances of the API in IIS, each accessing your database?

If the second option is the most feasible, is there any way to do this multiple deploy in a more automated way? Is there a cloud feature that enables this deploy escalation (Azure, Amazon, etc ...)?

    
asked by anonymous 03.01.2017 / 14:43

1 answer

4

The question is a little broad. I'll try to provide some parameters that will help you choose your ideal scenario.

  • Individual Databases ensure data isolation (one user of one client will not see data from another). On the other hand, your cost of maintaining the structure will be considerably higher - imagine that whenever you change the model the patch should be applied in 100+ instances. This scenario is further complicated if you allow banks to be in different versions of patching . Additionally you will need a repository exclusively to provide tenancy scope - a bank where clients and their users are registered.

  • A shared database simplifies your patching process, however it needs a greater effort to ensure isolation - search interfaces should always client to which the user is associated.

  • The API can have its parameterized scope without the need for hundreds of deploys . Some usage policies that may be useful are credential scope definition , where the scope of data to be used is defined after the user's sign-in, or per domain strong>, where both cliente1.api.empresa.br and cliente2.api.empresa.br are mapped to api.empresa.br , and internally its API chooses the data scope according to the subdomain accessed (#

03.01.2017 / 15:14