Stratum is an open-source multi-tenancy library for Node.js and TypeScript. It gives your application hierarchical tenants, config inheritance, permission delegation, three database isolation strategies, and GDPR compliance — so you never have to build multi-tenancy from scratch again.
npm install @stratum-hq/lib pg
Every B2B SaaS team starts the same way: add a tenant_id column to every table.
It works — until your product grows.
tenant_id on every table, manual WHERE clauses. Simple. Works fine.
Enterprise customer needs custom configuration. You hand-roll config tables with no inheritance. Each customer is a special case.
Compliance audit. You scramble to add audit logging, data export, and purge capabilities. Retroactively.
Large customer demands data isolation. Painful migration from shared tables to schema-per-tenant. Three months of engineering work.
By month 18, your team has built a worse version of Stratum and spent 3+ months doing it. Stratum gives you all of this from day one.
Tenants form a tree. A root organization can have resellers, who have clients, who have teams. Config and permissions flow down the tree automatically.
AcmeSec ├── NorthStar MSP │ ├── client-alpha │ └── client-beta └── Apex Partners └── client-gamma
Set a value on the root tenant and every child inherits it automatically. Lock a key so children can't override it. Override it at any level when needed.
root: max_users = 1000 ├─ child-a: inherits 1000 └─ child-b: max_users = 500 root: region = "eu" (locked)
Choose per tenant. Mix strategies in a single deployment. Upgrade a tenant's isolation level without migrating data.
We've seen multi-tenancy pain firsthand — at security platforms (MSSP/MSP) where nested tenant hierarchies are the norm, and at B2B SaaS companies where enterprise customers demand isolation, custom config, and compliance.
Every team we worked with had the same story: they started with tenant_id,
then built config tables, then added audit logs, then scrambled for isolation —
each time reinventing what should be infrastructure.
The Node.js and TypeScript ecosystem has no dominant multi-tenancy library. The .NET world has ABP.IO. Ruby has Apartment. Node.js developers roll their own every time. Stratum changes that.
| Stratum | tenant_id column | WorkOS / Frontegg | Custom built | |
|---|---|---|---|---|
| Tenant hierarchy | Yes (20 levels) | No | No | Build it yourself |
| Config inheritance | Built-in | No | No | Build it yourself |
| Isolation strategies | 3 (RLS, schema, DB) | Manual RLS | No | Build it yourself |
| GDPR compliance | Export + purge | No | Partial | Build it yourself |
| Audit logging | Built-in | No | Auth events only | Build it yourself |
| Time to implement | 60 seconds | 1 day | 1 week | 3+ months |
| Open source | MIT | N/A | Proprietary | Yours |
import { Pool } from "pg"; import { Stratum } from "@stratum-hq/lib"; const stratum = new Stratum({ pool: new Pool(), autoMigrate: true }); await stratum.initialize(); // Create a tenant and set config const org = await stratum.createOrganization({ name: "Acme Corp", slug: "acme" }); await stratum.setConfig(org.id, "max_users", { value: 100 }); // That's it. Multi-tenancy with config inheritance, ready to go.