Hi everyone,
I’m currently working on a SaaS platform with a multi-tenant architecture, and I want to create a public app in the Klaviyo Marketplace. I need help understanding how to properly implement the OAuth flow for multiple tenants.
My main challenges are:
- Tenant identification: Each tenant will have its own subdomain or dedicated space in my system, but I don’t have a centralized authentication system across all tenants. I’m not sure how to identify which tenant is authorizing the app at the moment of OAuth.
- OAuth flow: I need guidance on how to implement a secure OAuth flow that supports multiple tenants, including PKCE, state management, and token storage per tenant.
- Testing before Marketplace approval: I want to make sure the flow works for multiple tenants in a test environment before submitting the app for public listing.
My goal is to let each tenant connect their Klaviyo account individually without requiring a centralized login across tenants, while keeping the flow secure and scalable.
Has anyone built something similar? I would really appreciate advice, example flows, or best practices for handling multi-tenant OAuth in a SaaS app on Klaviyo.
Thanks in advance!
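One way to tie the authorizing tenant to the OAuth round trip, shown as an added example that is not part of the original post and is not Klaviyo's code: the `state` value carries a signed tenant id and a single-use nonce, and the PKCE `code_verifier` stays server-side until the callback. It assumes one shared callback endpoint for all tenants; `STATE_KEY`, `PENDING`, `begin_authorization` and `finish_authorization` are hypothetical names, and the in-memory dict stands in for a real server-side store.

```python
import base64, hashlib, hmac, json, secrets, time

STATE_KEY = secrets.token_bytes(32)  # assumption: per-deployment secret, kept server-side
PENDING = {}                         # assumption: stand-in for a server-side store keyed by nonce

def b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign(payload: str) -> str:
    return b64url(hmac.new(STATE_KEY, payload.encode(), hashlib.sha256).digest())

def begin_authorization(tenant_id: str, ttl: int = 600) -> dict:
    """Build the state and PKCE parameters for one tenant's authorization request."""
    verifier = b64url(secrets.token_bytes(32))                     # 43-char code_verifier
    challenge = b64url(hashlib.sha256(verifier.encode()).digest())  # S256 code_challenge
    nonce = b64url(secrets.token_bytes(16))
    claims = {"t": tenant_id, "n": nonce, "exp": int(time.time()) + ttl}
    payload = b64url(json.dumps(claims).encode())
    PENDING[nonce] = verifier  # the verifier never travels through the browser
    return {"state": f"{payload}.{sign(payload)}",
            "code_challenge": challenge, "code_challenge_method": "S256"}

def finish_authorization(state: str) -> tuple[str, str]:
    """Validate the callback state; return (tenant_id, code_verifier) for the token exchange."""
    payload, sep, sig = state.partition(".")
    if not sep or not hmac.compare_digest(sig.encode(), sign(payload).encode()):
        raise ValueError("state missing or signature mismatch")
    claims = json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))
    if claims["exp"] < time.time():
        raise ValueError("state expired")
    verifier = PENDING.pop(claims["n"], None)  # single use: a replayed callback fails here
    if verifier is None:
        raise ValueError("state unknown or already used")
    return claims["t"], verifier
```

The tenant id returned by `finish_authorization` is the key under which the resulting tokens would be stored, so a callback can only ever write to the tenant that started the flow.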