Multi-Tenant Platform Architecture (Cloudflare · Vercel)

Workflow (order matters)

0. Choose platform

• Cloudflare: Workers for Platforms + dispatch namespaces for per-tenant code isolation; best when tenants run untrusted code or you need edge-first compute with D1/KV/DO primitives.
• Vercel: Next.js App Router + Middleware for shared-app multi-tenancy; best when tenants share one codebase and you need ISR, React Server Components, and managed deployment.
• Pick one; do not mix hosting. The remaining steps apply to both with platform-specific guidance in reference files.
• After choosing, load only the references for that platform unless you are explicitly comparing Cloudflare vs Vercel.

1. Choose domain strategy

• Use a dedicated tenant domain (separate from the brand domain) for all subdomains/custom hostnames. Reputation does not isolate; a phishing site on random.acme.com damages the whole domain.
• Register a separate TLD for tenant workloads (e.g. acme.app for tenants, acme.com for brand).
• Consider PSL for browser cookie isolation; it does not protect reputation. See psl.md.
• Start PSL submission early; review can take weeks.