How would you design a database schema to support multi-tenancy?

Model answer

There are three canonical approaches. Database-per-tenant gives the strongest isolation and is simplest to back up or restore for one tenant, but operational overhead scales linearly with tenant count. Schema-per-tenant (PostgreSQL schemas or SQL Server schemas) provides logical isolation with less overhead, and you can apply row-level security per schema, but migrations must be fanned out to all schemas. Shared schema with a tenant_id column is the most resource-efficient and is my default for SaaS products with hundreds or thousands of tenants; the tradeoff is that every table must have tenant_id, every query must filter on it, and every index should include it as the leading column to prevent cross-tenant scans. I enforce this with Row Level Security in PostgreSQL (SET LOCAL app.tenant_id = $1; and a policy checking current_setting('app.tenant_id')) so application code cannot accidentally leak data. I also add a tenant_id foreign key constraint rather than relying on application logic alone.