Hey all, I was wondering if there’s anyway to use Prefect (I have the services self hosted on a kubernetes cluster) with multiple tenants. I see the

tenant

field in the database, but could find a way to make the UI tenant specific, neither to register the flow for a specific tenant. Any ideas?

Hi @wiretrack - since Prefect Server doesn't ship with any form of auth, the

tenant

field is a convention only; the UI normally relies on implicit database sharding to filter views instead of adding an explicit

tenant_id

filter to every request

Hi @nicholas, thanks, understood. I’ve been looking into the code I though that it was not the case indeed. I’ve seen that

register()

method in the

Flow

class instantiates a

client

object, which accepts

tenant_id

as a parameter. So, excluding the authentication (security) aspect of it, it shouldn’t be a dramatic change to add

tenant_id

as a parameter for the

register

method, and allow for multitenancy. Maybe the UI would need an extra layer to allow to change tenants, but could also have just a

tenant_id

identifier. Far from production ready in the sense of security, but could be a great alternative for separation of concerns.

In theory I think we'd be willing to accept something like that but I think it may end up being a pretty non-trivial amount of work, particularly in the UI, since every query will need to be adjusted and every component that calls them will need to retrieve and pass it