Multi-tenant routing without spaghetti middleware
Tenant at hostname or path—small functions stay independently deployable.
Situation
Tenant leaks are expensive
A single shared stack with ad hoc tenant checks risks ID confusion and data exposure.
Debugging “which tenant hit this?” without routing metadata slows incidents.
Sharp edges
Anti-patterns
Giant routers with nested conditionals hide auth mistakes.
Copy-pasting deployments per tenant does not scale operationally.
How Inquir fits
Structured ingress
Encode tenant dimensions at the gateway so handlers receive normalized context.
Reuse observability and secrets across tenants without merging runtime processes.
Capabilities
Design knobs
Host-based tenants
Map customer subdomains to function sets.
Path prefixes
Keep one certificate while namespacing routes.
Auth separation
Attach different API key policies per surface when needed.
Steps
How to implement multi-tenant routing on Inquir
Choose strategy
Prefer hosts when tenants should perceive the strongest isolation; use paths when DNS is constrained.
Normalize context
Pass tenant identifiers explicitly into handlers.
Test isolation
Automate negative tests that cross tenant boundaries.
Code example
Handler receives context
Gateway events include headers and body as strings. Header names follow the incoming HTTP message (check both casings if clients differ).
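```javascript
export async function handler(event) {
  // Header names follow the incoming request, so check both casings.
  const tenantId = event.headers['x-tenant-id'] ?? event.headers['X-Tenant-Id'];
  // Refuse to continue without an explicit tenant identifier.
  if (!tenantId) {
    return { statusCode: 400, body: JSON.stringify({ error: 'missing tenant' }) };
  }
  // The body arrives as a string; treat an empty body as an empty object.
  const payload = JSON.parse(event.body || '{}');
  // loadForTenant is the application's own tenant-scoped data access function.
  const data = await loadForTenant(tenantId, payload);
  return { statusCode: 200, body: JSON.stringify(data) };
}
```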
Fit
When this matters
When to use
- B2B SaaS APIs
- Per-customer webhook endpoints
When not to use
- Single-tenant internal tools
FAQ
Does multi-tenant routing replace database row-level security?
No—ingress routing helps avoid cross-tenant mistakes at the edge; databases still need tenant-aware policies and tests.
Host-based vs path-based tenants—which to choose?
Hosts feel cleaner for white-label APIs; paths work when DNS is constrained—both can be valid if tenant context is explicit to handlers.
How do I test tenant isolation?
Automate negative tests: tokens from tenant A must never succeed against tenant B routes, and logs should tag tenant IDs consistently.
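An added example, not Inquir's own code, of the negative isolation test described above for host-based tenants: every API key is tried against every tenant host, and only the owner's host may pass. The base domain, the `x-api-key` header name and the `KEY_TO_TENANT` table are constructed assumptions standing in for a real key store.

```javascript
// Added example, not Inquir code. Assumptions: tenants live at <tenant>.api.example.test,
// keys arrive in an "x-api-key" header, KEY_TO_TENANT stands in for a real key store.
const BASE_DOMAIN = 'api.example.test'; // constructed
const KEY_TO_TENANT = new Map([['key-acme-1', 'acme'], ['key-globex-1', 'globex']]); // constructed

// Case-insensitive header lookup, since names follow the incoming HTTP message.
function header(event, name) {
  const hit = Object.entries(event.headers || {}).find(([k]) => k.toLowerCase() === name.toLowerCase());
  return hit ? hit[1] : undefined;
}

// Derive the tenant from the Host header; null for anything that is not exactly one label.
function tenantFromHost(event) {
  const host = (header(event, 'host') || '').toLowerCase().split(':')[0];
  const suffix = '.' + BASE_DOMAIN;
  if (!host.endsWith(suffix)) return null;
  const label = host.slice(0, -suffix.length);
  return /^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$/.test(label) ? label : null;
}

// Decide whether the route tenant and the tenant that owns the key agree.
function decide(event) {
  const routeTenant = tenantFromHost(event);
  if (!routeTenant) return { status: 404, tenantId: null };
  const keyTenant = KEY_TO_TENANT.get(header(event, 'x-api-key'));
  if (!keyTenant) return { status: 401, tenantId: null };
  if (keyTenant !== routeTenant) return { status: 403, tenantId: null };
  return { status: 200, tenantId: routeTenant };
}

// Wrap a handler so it only runs with a verified, explicit tenantId on the event.
function withTenant(inner) {
  return async (event) => {
    const d = decide(event);
    if (d.status !== 200) return { statusCode: d.status, body: '' };
    return inner({ ...event, tenantId: d.tenantId });
  };
}

// Negative test matrix: every key against every tenant host.
function isolationMatrix() {
  const tenants = [...new Set(KEY_TO_TENANT.values())];
  return [...KEY_TO_TENANT].flatMap(([key, owner]) => tenants.map((target) => ({
    owner, target,
    status: decide({ headers: { Host: `${target}.${BASE_DOMAIN}`, 'X-Api-Key': key } }).status,
  })));
}
```

In CI, fail the build if any row of `isolationMatrix()` with `owner !== target` has a status other than 403.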