HELP - Best Practice?

💬 App Building
,
1

Background:

I have multiple different customers (about 12 right now, but hoping to grow to 100+), each customer may have multiple users (1-5). Each customer has a completely separate postgres database.

Goals:

  1. Give each user a login to only see data from their specific postgres database
  2. Allow for slight customizations between customers
  3. Make it easy to push updates out to all customers

Current Process:

Right now I have separate retool apps created for each customer. I give user’s access to only the retool app for their company. To make it easy to push updates, I have each page in the app created as a module. I use a series of variables as inputs into the modules to give customization for each customer. When I update the parent module, it auto pushes updates to each customer.

One thing I’m realizing is that the AI assist builder is not enable for modules. I’m also worried modules may have slowed load times than building directly in an app… so this makes me question if I’m doing this the best way.

Alternatives?:

I’ve thought about just maintaining a single app with variables kept at the user level to control customizations between customers. This would be a large redesign and I’m not even sure it would be the best way to do this.

So I ask the experts:

Am I doing this the best way possible? Is there an alternative that I’ve overlooked?

4

Hi @Drowe003,

Your goals are definitely achievable.

Having app changed cascade down from a single point of truth to all of your apps may get tricky as modules will bump into some scaling limitations and as you mentioned not work well with the current Retool Assist.

Often times, I have seen Retool practitioners split out separate Retool Spaces for each customer/sub-org to partition the resource and query data in the simplest way.

The biggest challenge with this would be keeping the apps in each Space up to date/in sync to changes you are making to the 'parent' app, which I am assuming you are wanting to be the place where you make edits/updates.

One option would be to use the JSON export/import flow to copy down the parent app to a 'child' app for each Space.

The other option would be having a single app and then delegating what data(queries/resources) can be seen and accessed at the user group permission level.

This makes it much easier for updating the app if you expect to make lots of changes. Since you are essentially having all the users on the 'parent' app instead of 'child' apps that could fall behind the parent in updates.

The harder part is making sure permissions stay organized and that queries and resources have the configurations to ensure data partitioning.

Both options have trade offs, it depends on what you think will be harder and will be doing more often. Customizations for customers or pushing updates?

Check out our docs on Permissions quick start here.

Row level security docs for using user groups and user attributes to control data access at the user level in a single app.

As well as Role Based Access Control and the Governance page of our docs. These should help give you some examples as well as conceptional framing of what can be done in Retool for permissions and how it can be done.

Of course, you can not have do deal with permissions by having a Space for each customer, but then you have have some duplicate logic for queries/resources. But once those are set, most of the time cost is up front and it is easy to maintain from there.

Hope this helps and let me know if you have any further questions!