User management with multi tenant setup

marc.roth · August 5, 2020, 9:33pm

Hi community,

we're trying to move our application from a graph-based user management over to the integrated role based one from the 4.1 enterprise. At the moment we have all users stored in one instance per tenant and therefore the management is secure for each of them as they only can see their own users.
But we couldn't setup a system with one neo4j instance and multiple databases as granting user management allows to see all other users because of the access to the dbms. We can of course filter them down within the application using a filter to the corresponding roles, but there's still the evil database access what chalks up our system as a vulnerable.
Has anybody else had to do with such a setup already and if so what was the final outcome? Would be great to hear from you.

Kindly,
Marc

sameerG · August 6, 2020, 12:21pm

marc.roth · August 6, 2020, 12:53pm

Hi @sameerG,
thanks for sharing this video. I've already been walking through nearly all features of 4.1 concerning its' access control features. Inside the video I've seen nothing concerning any kind of "tenant-user-admin-roles", or maybe I've skipped the crucial few seconds.
Kindly,
Marc

Topic		Replies	Views
Multi-tenancy Operations apoc , operations , knowledge-base	5	2825	January 14, 2020
Neo4J Fine-Grained Security for Subset of Nodes with Label Neo4j Graph Platform security	1	501	November 20, 2020
Multiple users using same Neo4j Instance Neo4j Graph Platform migrated	9	697	November 30, 2022
Strategies for Neo4j 4 drivers and authorisation Community Content & Blogs	0	378	February 28, 2020
Multi tenant production environment Cluster	2	486	April 3, 2021

User management with multi tenant setup

Related topics