I have a question: How does connecting agent to db directly work in case of multi tenant system? There is a high chance that agent can snoop into multiple tenants and mess up the responses
I have a question: How does connecting agent to db directly work in case of multi tenant system? There is a high chance that agent can snoop into multiple tenants and mess up the responses
I think this mostly depends on your business model.
In my client's business, the idea of having all their customer knowledge contained in one global scope is a fantasy, not a fear.
I suppose if you were granting access to users outside the business that this could become a concern, but I haven't encountered anyone who is interested in that yet.
Row level security sounds reasonable. Otherwise I don’t see how full DB access can be safe.
With postgres you can use schemas to keep tenants separate and use RLS on shared data.