I’m currently developing a web application for a particular niche. The point is that users can create an account, manage specific data and use that data on their website through API calls. So it’s actually some sort of WordPress CMS but without the front end functionality. It is also not open source.
So in short, user can manage their data and use it on another remote website through an API.
My question:
Should I create an empty database for each new account or should link each record with a unique ID for that account?
Which of the two is the most common way, which one is the most secure and which one requires the least maintenance?
Usually it’s a bad idea to start duplicating databases. As your system changes, you’ll have to apply patches to all of the different databases so that they work with the code changes. This can be tricky. A much simpler solution is to just keep everything in a single database. Any data that is user-specific should have an identifier (such as
UserID) so you know which user it belongs to.The only case I can think were creating a new instance of the database makes sense is where the instances of the database will run on physically separate machines, for different clients.