all.sourceAllSource
Multi-Tenant SaaS

One event store.
Thousands of tenants.
Zero leaks.

Event sourcing for SaaS platforms. Tenant isolation at the storage engine level. RBAC with 4 roles and 7 permissions. Policy engine for custom authorization. Per-tenant quotas and billing.

Start freeRead the docs

Multi-tenancy is not an afterthought

Tenant-Level Event Isolation

Every event belongs to exactly one tenant. Queries are scoped by tenant ID at the storage engine level — not filtered after the fact. Cross-tenant data access is architecturally impossible.

RBAC: Admin / Developer / ReadOnly / ServiceAccount

Four built-in roles with seven granular permissions covering event ingestion, querying, schema management, projection access, and tenant administration.

Policy Engine with Custom Rules

Go beyond role-based access with attribute-based policies. Restrict access by IP range, time window, event type pattern, or custom claims. Policies evaluate at request time with zero latency overhead.

Per-Tenant Quota Enforcement

Set ingestion rate limits, storage caps, and query budgets per tenant. Projections track usage in real-time. Tenants that hit their quota get HTTP 429 — other tenants are unaffected.

x402 Pay-Per-Call Monetization

Built-in HTTP 402 payment protocol support. Charge tenants per API call, per event ingested, or per query executed. Metering is a projection — no external billing system needed for simple models.

API Key Management per Tenant

Each tenant gets isolated API keys with configurable scopes and expiration. Rotate keys without downtime. Revoke compromised keys instantly across all services.

Tenant provisioning in two API calls

Create a tenant, generate an API key, start ingesting — all in seconds

tenant-setup.sh
# 1. Create a new tenant with quota limits
curl -s -X POST https://api.all-source.xyz/api/v1/tenants \
  -H "Authorization: Bearer $ADMIN_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Acme Corp",
    "plan": "growth",
    "quotas": {
      "events_per_second": 10000,
      "storage_gb": 50,
      "queries_per_day": 100000
    }
  }'

# {"tenant": {"id": "tnt_acme_29x", "name": "Acme Corp", ...}}

# 2. Generate a scoped API key for the tenant
curl -s -X POST https://api.all-source.xyz/api/v1/tenants/tnt_acme_29x/keys \
  -H "Authorization: Bearer $ADMIN_KEY" \
  -d '{
    "name": "acme-production",
    "role": "developer",
    "permissions": ["events:write", "events:read", "projections:read"],
    "expires_in": "90d"
  }'

# {"key": "ask_live_acme_...", "expires_at": "2026-07-15T00:00:00Z"}

# 3. Tenant ingests events — fully isolated from all other tenants
curl -s -X POST https://api.all-source.xyz/api/v1/events \
  -H "Authorization: Bearer ask_live_acme_..." \
  -d '{
    "event_type": "order.placed",
    "entity_id": "order-4821",
    "data": {"amount": 149.99, "currency": "USD"}
  }'

# {"id": "evt_...", "tenant_id": "tnt_acme_29x"}
# This event is invisible to every other tenant

Ship multi-tenant faster

Stop building tenant isolation, RBAC, quotas, and billing from scratch. AllSource handles the hard parts so you can focus on your product.

Start freeCompare to EventStoreDB
DocumentationAudit & ComplianceGitHub