Discussion with the tech expert at Procol
We have kept a combination of
clientId as composite primary key into all important collections. This helps us make query userwise, brandwise, and combination (workspace-wise).
We make use of
auth token to determine which user and brand is request coming from. Accordingly, have written policies and access control.
We also suggest to make room for as many customisation as possible early on. Because SaaS is all about service and should be customisable. We pay special attention to offerings like payments and teams role management.
We haven't split-up our code base so it's a huge monolith application. However, we are now trying to split up into independent services given the scaling up issues.
We don't maintain separate database for each client (many recommend - multi tenant system). However, we have customised our existing system to run separate databases for one-two clients on their premises.