Multi-Tenant Isolation in FileMaker

Expert

Design patterns for running multiple customer organizations in a single FileMaker deployment with complete data isolation.

What you'll learn

  • Multi-tenant data isolation using a TenantID field
  • Record-level security for tenant isolation
  • Preventing cross-tenant data leakage via finds and relationships
  • Admin access patterns that work across tenants

A multi-tenant FileMaker solution serves multiple organizations (tenants) from a single file. Each tenant must be completely isolated from others -- they should only see their own data, never another tenant's. This is different from multi-user security: it is about separating organizations, not just individuals.

1/4
1

TenantID field pattern

Every table in a multi-tenant solution needs a TenantID field that identifies which organization owns each record. The TenantID is set at record creation and should never be changeable by a tenant user. Store the TenantID in an auto-enter field that derives from the user's account: `Get(AccountName)` if accounts are per-tenant, or a lookup from a Tenants table.

FileMaker Script
// TenantID auto-enter calculation:
// Set once at creation, do not replace
Lookup ( Tenants::TenantID ; Get ( AccountName ) = Tenants::AccountName )
WebDirect-Specific Security ConsiderationsFileMaker Go Security on Mobile Devices

Sign in to track your progress and pick up where you left off.

Sign in to FM Dojo