Interior Design · $1M-$5M
A Multi-Tenant Client Vault for a Luxury Interior Design Collective
Multi-tenant client portal that gave each design studio a private workspace with full CRUD, real-time notifications, and clean RLS enforcement on a self-hosted Supabase stack.
| Before | After |
|---|---|
| Notion/Slack mix per studio, no client-isolation guarantee | One application, RLS enforced at the database for writes (migration 0011) |
| Per-seat SaaS cost scales linearly with every new studio joining | Self-hosted Supabase on sb-core.mooreiq.ai, ~$0 incremental per added studio |
| No daily-digest or unified mention pipeline | Instant mention/DM/file/room-invite notifications + daily digest |
| Onboarding new client = manual invite + permission setup | Onboarding via Supabase invite link, role-scoped from first login |
This case study has a longer body coming in the next update. The engineering writeup covers the migration history, the RLS policy design, the notification pipeline, and the self-hosting handoff. The numbers above are accurate as of 2026-05-27.
Frequently asked questions
- Why self-host Supabase instead of using Supabase Pro?
  - At collective scale, Supabase Pro per-project pricing compounds fast across multiple studio tenants. The self-hosted stack runs on a single VPS for under $50/month total, with nightly pg_dump backups and a storage rsync. Same Postgres, same auth, same RLS guarantees -- just on infrastructure we control.
- How does RLS actually keep tenant data isolated?
  - Every table that holds tenant data has an RLS policy keyed to the tenant the requesting user belongs to. Migration 0011 specifically enforces RLS on write paths, so even an authenticated request that tries to insert into another tenant's workspace fails at the database. The application code never has to remember to filter -- the database refuses the operation.
- What was the hardest part of the build?
  - Onboarding flow. Each studio needs to invite its own clients without seeing other studios' clients, and clients need to land in the right workspace from a single invite URL regardless of which Supabase auth path they hit (invite, recovery, magic link). The fix was a configured SITE_URL plus a deterministic post-auth redirect that maps the Supabase user back to their tenant before any UI loads.
- Can this pattern be applied to my business?
  - Yes, if your business model is "we serve other businesses, each of whom has their own clients we should never see." Recruiting firms, design studios, agencies, law firms. The pattern is the same. The customization happens at the schema and the UI layer.
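
A sketch of the kind of policy set the RLS answer above describes, added here as an illustration and not the project's migration 0011. The table and column names (`studios`, `studio_members`, `projects`, `studio_id`) are assumptions; `auth.uid()` is Supabase's helper that returns the requesting user's id.

```sql
-- Hypothetical schema: the page does not show its tables or migration 0011.
create table studios (
  id   uuid primary key default gen_random_uuid(),
  name text not null
);
create table studio_members (
  studio_id uuid not null references studios (id),
  user_id   uuid not null,              -- same value as auth.users.id
  primary key (studio_id, user_id)
);
create table projects (
  id        uuid primary key default gen_random_uuid(),
  studio_id uuid not null references studios (id),
  title     text not null
);

-- A table with RLS enabled and no matching policy denies everything.
alter table studio_members enable row level security;
alter table projects       enable row level security;
alter table projects       force  row level security;  -- table owner is bound too

-- Users can read only their own membership rows, so the subqueries
-- below can never reveal which other studios exist.
create policy members_select_self on studio_members
  for select to authenticated
  using (user_id = auth.uid());

-- Read path: USING filters the rows that are visible.
create policy projects_select on projects
  for select to authenticated
  using (studio_id in (select studio_id from studio_members
                       where user_id = auth.uid()));

-- Write path: WITH CHECK is evaluated against the NEW row, so an insert
-- that names another studio's studio_id is rejected by the database.
create policy projects_insert on projects
  for insert to authenticated
  with check (studio_id in (select studio_id from studio_members
                            where user_id = auth.uid()));

-- UPDATE needs both clauses: USING limits which rows can be touched,
-- WITH CHECK stops a row from being moved into another tenant.
create policy projects_update on projects
  for update to authenticated
  using (studio_id in (select studio_id from studio_members
                       where user_id = auth.uid()))
  with check (studio_id in (select studio_id from studio_members
                            where user_id = auth.uid()));
```

Requests made with the Supabase `service_role` key bypass RLS entirely, so these policies protect only traffic that arrives with a user's own JWT.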