The SaaS Architecture Guide: How to Handle Multitenancy in Rails Routing

Most Rails developers stop learning routing after resources :posts . But if you are building a SaaS platform, an API, or a multi-tenant application, resources isn't enough. You need to control who enters your application and where they land before a Controller is even instantiated. This is the power of Routing Constraints . It is the bouncer at the door of your application. Here is how to use it like a pro. Level 1: The Basics (Regex Constraints) You want /products/1 to be valid, but /products/iphone-15 to be invalid (or routed differently). By default, :id accepts anything. You can restrict this using Regex. # config/routes.rb # Only allow numeric IDs resources :products , constraints: { id: /\d+/ } # Allow "slugs" for this specific route get 'products/:slug' , to: 'products#show' , constraints: { slug: /[a-z0-9\-]+/ } Why do this? It prevents your database from getting hit with queries that are guaranteed to fail. If a user visits /products/SELECT * FROM , the router rejects it immed