Hey there! After going through the LCM documentation, I'm still not sure how to implement our multitenancy use case on GD. Could you help me out? Our use-case is the following: Our users are stored in Auth0. We want to provide dashboarding capabilities to our users while white-labelling the GD platform and providing SSO integration with our Auth0 userbase. Within our platform, each user can have access to multiple tenants (a tenant = medical practice), and each tenant can be part of a group of tenants (medical group). We want to provide the ability for a user to join more than one tenant (workspace) in GD. We want to provide the ability for a user that is part of a medical group (group of tenants) to also have access to a workspace dedicated to the medical group. Workspaces dedicated to the group of tenants (medical groups) will be part of a different segment from tenants (medical practices) because they will have different dashboards from the tenants. They can share the same LDM as the tenants, but do not have to. Given the above, 1. How can a user have access to multiple workspace when using SSO? Is it as simple as having multiple entries in the User Bricks for the user from Auth0? And if so, how do I keep my access list up to date with the access list within our platform? 2. How can data be accessed at the medical practice workspace level and at the medical group workspace level? A possible solution is to duplicate the data in the data warehouse for every medical practice that is part of a medical group, and assign a different client id to the duplicated data. Is there an alternative that does not require data duplication? Thanks!

Hello Philippe, those are really good questions, thank you for sharing! I am not sure in what kind of database you are storing your data, so I cannot be more specific. 1. Yes, user can be provisioned to multiple workspaces simply by putting multiple entries to the source data for the users brick. The source data can be taken in form of csv on S3 or it can be a table in your source database. You would need to figure out a way to transfer your access list. It should be matter of a simple application that extracts the data from one system and puts it to other system. 2. Data duplication is certainly one way of doing this, as you mentioned. The data don’t have to be duplicated physically, you can use view or projection that will be defined as simple select from the original table. But if I understand it correctly, you are basically asking if you can load data with multiple client IDs into one workspace, correct?

Hey Boris! Thanks for your answer. 1. Great, that answers that one. Any specific doc for how to configure access list using REST API or something else? Additionally, do you have any webinar demonstrating continuous deployment strategies / a tutorial with example code for LCM in general? 2. Correct! Same data with two client IDs Data is read from BigQuery

alright, I’ll get back to you on this on Monday if that’s fine.