Loading…
Loading…
Three approaches to multi-tenancy: shared database with tenant column (simplest, used by Archiet-generated code), database-per-tenant (strongest isolation, higher operational cost), and schema-per-tenant (PostgreSQL schemas, good middle ground). Archiet generates the shared-database pattern with workspace_id on every table and row-level security policies — the most common pattern for B2B SaaS up to 10,000 tenants.
Every database query in the generated code includes workspace_id filtering. This is not a convention — it is enforced structurally. The ORM models include workspace_id as a required foreign key. API endpoints extract the workspace from the authenticated user's JWT. PostgreSQL row-level security provides a second layer of defense at the database level.
The generated code includes Stripe or Paystack integration with per-workspace subscription management: checkout flow, webhook handlers for subscription lifecycle events (created, updated, cancelled, payment failed), plan-based feature gating, and usage tracking. Each workspace has its own billing state independent of other tenants.
The generated infrastructure supports horizontal scaling: stateless API servers behind a load balancer, PostgreSQL with connection pooling (PgBouncer), Redis for caching and session storage, and Celery for background job processing. The architecture model captures these infrastructure components so the compliance assessment includes availability and scalability controls.
Design your event-driven system with ArchiMate, generate production code with event bus, command/query separation, saga patterns, and dead letter queues included.
Never trust, always verify. Archiet generates zero trust architectures with identity-based access controls, micro-segmentation, continuous verification, and least-privilege defaults — mapped to SOC 2, ISO 27001, and NIST 800-207.