Multi-Tenant SaaS Memory

Implement memory for a multi-tenant SaaS product with strict organization and namespace boundaries.

What You Will Build

Tenant-scoped memory writes
Tenant-scoped retrieval
Policy-based access control

Step 1: Write with Tenant Scope

client.memory.add(
    content="Acme tenant configured SSO for workspace alpha",
    external_user_id="admin_acme_001",
    organization_id="org_acme",
    namespace_id="ns_acme_prod",
    memory_policy={
        "mode": "auto",
        "acl": {
            "read": ["organization:org_acme"],
            "write": ["external_user:admin_acme_001"]
        },
        "consent": "terms",
        "risk": "none"
    }
)

Step 2: Retrieve in Tenant Context

results = client.memory.search(
    query="What SSO settings exist for this tenant?",
    external_user_id="admin_acme_001",
    organization_id="org_acme",
    namespace_id="ns_acme_prod",
    enable_agentic_graph=True
)

Step 3: Validate Isolation

Run the same search from a different organization scope.
Confirm no cross-tenant memories appear.

Production Checklist

Require organization_id for all tenant writes and reads.
Standardize namespace strategy (prod, staging, sandbox).
Keep ACL policy templates in source control.

Multi-Tenant SaaS Memory

What You Will Build

Step 1: Write with Tenant Scope

Step 2: Retrieve in Tenant Context

Step 3: Validate Isolation

Production Checklist

Next Steps

Was this helpful?