Azure AD : Single or Multitenant for SaaS-web application

Question

We are in the planning phase of creating a web application for employee time tracking systems. If the application is successful, we hope to sell it to other companies as a SaaS (software as a service) service, so that it does not need to be installed on enterprise servers.

I wonder if we should register our application on Azure, as Multitenant or Single tenant? Only employees of a company should be able to use the time reporting system, so I consider using single tenant. But how does it work if other companies want to buy the service and connect their employees? Do we need to create a new web application that is single tenant and unique to the new company? Or should we register the application as multitenant so that other companies can connect to our Azure AD?

I'm relatively new to Azure AD, and could use some advice from someone with more experience with Azure and cloud services.

Answer 1

I thinks you should register the application as public (multi-tenant). For how to chose between single tenant and multi tenant, you may refer to: Tenancy in Azure Active Directory

With multi-tenant application, it does not means that customers will connect to your Azure AD. In fact, they will still connect to their own Azure ADs, get authenticated, and finally send the authentication results to your web app. Once your web app gets the authentication result, it can identify each user and take some operations for the user.

The Azure portal is just a perfect multi-tenant SaaS application sample. All the Azure users from different tenants just use the same portal web app, they sign in with their own credentials, and they are just able to manage the resources belong to themselves.

To build such a multi-tenant app, some necessary business logic is needed. For example, you need to put data from different users to different places, create different table in your SQL for different users, and so on.