DevPath · Learn to code ESPTEN

Capstone: launch your SaaS

The plan: a multi-tenant SaaS

What you'll build

A SaaS (Software as a Service) is software used from the cloud by subscription: many people and many companies share the same application and the same database. That raises the central challenge of this capstone: that each customer sees only their own data.

Multi-tenancy

Each customer account is a tenant. In a multi-tenant model, a single instance of your application serves all tenants, and the data lives together in the same tables. The key piece is a column like tenant_id that labels each row with the owner it belongs to.

// A row from the "projects" table
{ id: 3, tenant_id: 1, name: "Acme Mobile App" }

Why isolate by tenant

If a query forgets to filter by tenant_id, a customer could see or modify another customer's data. It's the most serious (and most common) security flaw in a SaaS. That's why every read and write must be scoped to the request's tenant:

SELECT * FROM projects WHERE tenant_id = :currentTenant;

It's not optional or an optimization: it's your product's security boundary.

The layers you'll touch

The capstone integrates the whole stack you've learned in DevPath. You'll build, in order:

  1. Data (SQL): the query that returns only a tenant's projects.
  2. Backend (JS): a handler that chains a request's pipeline.
  3. Operations (JS): a production checklist and per-environment configuration.
  4. UI (React): a dashboard that shows the SaaS metrics.

Each piece is small; together, they're an application ready to launch.

Put this into practice

DevPath is a hands-on course: you read the theory here; in the app you put it into practice with exercises that really run, offline.

Start free in the app →
A request's pipeline and the production checklist →