diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
new file mode 100644
index 0000000000..b89ca2f78c
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -0,0 +1,14 @@
+---
+name: Feature Request
+about: Request a new budibase feature or enhancement
+title: ''
+labels: enhancement
+assignees: ''
+
+---
+
+**Describe the feature request**
+A clear and concise description of what the feature request.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
diff --git a/README.md b/README.md
index c57b319ec5..9f9092b399 100644
--- a/README.md
+++ b/README.md
@@ -57,7 +57,7 @@
 
 - **Open source and extensible.** Budibase is open-source - licensed as GPL v3. This should fill you with confidence that Budibase will always be around. You can also code against Budibase or fork it and make changes as you please, providing a developer-friendly experience.
 
-- **Load data or start from scratch.** Budibase pulls in data from multiple sources, including MongoDB, CouchDB, PostgreSQL, mySQL, Airtable, S3, DyanmoDB, or a REST API. And unlike other platforms, with Budibase you can start from scratch and create business apps with no data sources. [Request new data sources](https://github.com/Budibase/budibase/discussions?discussions_q=category%3AIdeas).
+- **Load data or start from scratch.** Budibase pulls in data from multiple sources, including MongoDB, CouchDB, PostgreSQL, MySQL, Airtable, S3, DynamoDB, or a REST API. And unlike other platforms, with Budibase you can start from scratch and create business apps with no data sources. [Request new data sources](https://github.com/Budibase/budibase/discussions?discussions_q=category%3AIdeas).
 
 - **Design and build apps with powerful pre-made components.** Budibase comes out of the box with beautifully designed, powerful components which you can use like building blocks to build your UI. We also expose a lot of your favourite CSS styling options so you can go that extra creative mile. [Request new component](https://github.com/Budibase/budibase/discussions?discussions_q=category%3AIdeas).
 
diff --git a/hosting/envoy.dev.yaml.hbs b/hosting/envoy.dev.yaml.hbs
index 76417b3e0d..01d5a09efa 100644
--- a/hosting/envoy.dev.yaml.hbs
+++ b/hosting/envoy.dev.yaml.hbs
@@ -26,10 +26,18 @@ static_resources:
                   cluster: couchdb-service
                   prefix_rewrite: "/"
 
+              - match: { prefix: "/api/system/" }
+                route:
+                  cluster: worker-dev
+
               - match: { prefix: "/api/admin/" }
                 route:
                   cluster: worker-dev
 
+              - match: { prefix: "/api/global/" }
+                route:
+                  cluster: worker-dev
+
               - match: { prefix: "/api/" }
                 route:
                   cluster: server-dev
diff --git a/hosting/envoy.yaml b/hosting/envoy.yaml
index d7b34f4d5e..d5f9ebee28 100644
--- a/hosting/envoy.yaml
+++ b/hosting/envoy.yaml
@@ -37,11 +37,19 @@ static_resources:
                 route:
                   cluster: app-service
 
-              # special case for worker admin API
+              # special cases for worker admin (deprecated), global and system API
+              - match: { prefix: "/api/global/" }
+                route:
+                  cluster: worker-service
+
               - match: { prefix: "/api/admin/" }
                 route:
                   cluster: worker-service
 
+              - match: { prefix: "/api/system/" }
+                route:
+                  cluster: worker-service
+
               - match: { path: "/" }
                 route:
                   cluster: app-service
diff --git a/i18n/README.id.md b/i18n/README.id.md
index 7f0229f345..d4a25f569c 100644
--- a/i18n/README.id.md
+++ b/i18n/README.id.md
@@ -8,10 +8,10 @@
 </h1>
 
 <h3 align="center">
-  Membangun, mengotomatisasi dan hosting sendiri aplikasi internal dalam hitungan menit
+  Membangun, mengotomatisasi dan <i>hosting</i> sendiri aplikasi internal dalam hitungan menit
 </h3>
 <p align="center">
-  Budibase adalah sebuah platform low-code dengan sumber terbuka, bertujuan untuk membantu para developer dan professional IT, untuk membangun, mengotomatisasi, dan mengirimkan aplikasi internal di infrastruktur sendiri dalam waktu hitungan menit.
+  Budibase adalah sebuah platform <i>low-code</i> dengan sumber terbuka, bertujuan untuk membantu para <i>developer</i> dan professional IT, untuk membangun, mengotomatisasi, dan mengirimkan aplikasi internal di infrastruktur sendiri dalam waktu hitungan menit.
 </p>
 
 <h3 align="center">
@@ -39,7 +39,7 @@
 </p>
 
 <h3 align="center">
-  <a href="https://docs.budibase.com/getting-started">Mari mulai</a>
+  <a href="https://docs.budibase.com/getting-started">Memulai</a>
   <span> · </span>
   <a href="https://docs.budibase.com">Dokumentasi</a>
   <span> · </span>
@@ -53,17 +53,17 @@
 <br /><br />
 ## ✨ Fitur-fitur
 
-- **Membangun dan mengirimkan software nyata.** Tidak seperti platform lain, dengan Budibase Anda membuat dan mengirimkan aplikasi-aplikasi satu halaman. Aplikasi-aplikasi Budibase memiliki kinerja yang matang dan dapat dirancang secara responsif, memberikan pengalaman yang menyenangkan bagi pengguna.
+- **Membangun dan mengirimkan perangkat lunak sebenarnya .** Tidak seperti platform lain, dengan Budibase Anda membuat dan mengirimkan aplikasi-aplikasi satu halaman. Aplikasi-aplikasi Budibase memiliki kinerja yang matang dan dapat dirancang secara responsif, memberikan pengalaman yang menyenangkan bagi pengguna.
 
-- **Sumber terbuka dan dapat dikembangkan.** Budibase adalah platform dengan sumber terbuka - dilisensikan sebagai GPL v3. Ini akan membuat Anda yakin bahwa Budibase akan selalu ada. Anda juga dapat berkontribusi terhadap kode Budibase atau melakukan fork dan membuat perubahan sesuka Anda, memberikan pengalaman yang ramah developer.
+- **Sumber terbuka dan dapat dikembangkan.** Budibase adalah platform dengan sumber terbuka - dilisensikan sebagai GPL v3. Ini akan membuat Anda yakin bahwa Budibase akan selalu ada. Anda juga dapat berkontribusi terhadap kode Budibase atau melakukan <i>fork</i> dan membuat perubahan sesuka Anda, memberikan pengalaman yang ramah developer.
 
-- **Muat data atau mulai dari awal.** Budibase menarik data dari berbagai sumber, termasuk MongoDB, CouchDB, PostgreSQL, mySQL, Airtable, S3, DyanmoDB, atau REST API. Dan tidak seperti platform lain, dengan Budibase Anda dapat memulai dari awal dan membuat aplikasi bisnis tanpa sumber data sekalipun. [Permintaan untuk sumber data baru](https://github.com/Budibase/budibase/discussions?discussions_q=category%3AIdeas).
+- **Memuat data atau mulai dari awal.** Budibase menarik data dari berbagai sumber, termasuk MongoDB, CouchDB, PostgreSQL, mySQL, Airtable, S3, DyanmoDB, atau REST API. Dan tidak seperti platform lain, dengan Budibase Anda dapat memulai dari awal dan membuat aplikasi bisnis tanpa sumber data sekalipun. [Permintaan untuk sumber data baru](https://github.com/Budibase/budibase/discussions?discussions_q=category%3AIdeas).
 
-- **Rancang dan bangun aplikasi dengan komponen siap pakai yang kuat.** Budibase tersedia dengan siap pakai dan dirancang dengan indah, komponen-komponen kuat yang dapat anda gunakan layaknya blok penyusun untuk merancang UI Anda. Kami juga menyediakan banyak sekali pilihan-pilihan CSS favorit yang dapat digunakan sesuai dengan kreatifitas yang Anda inginkan. [Permintaan komponen baru [Permintaan untuk komponen baru](https://github.com/Budibase/budibase/discussions?discussions_q=category%3AIdeas).
+- **Rancang dan bangun aplikasi dengan komponen siap pakai yang kuat.** Budibase tersedia dengan siap pakai dan dirancang dengan indah, komponen-komponen kuat yang dapat anda gunakan layaknya blok penyusun untuk merancang antar muka Anda. Kami juga menyediakan banyak sekali pilihan-pilihan CSS favorit yang dapat digunakan sesuai dengan kreatifitas yang Anda inginkan. [Permintaan komponen baru [Permintaan untuk komponen baru](https://github.com/Budibase/budibase/discussions?discussions_q=category%3AIdeas).
 
-- **Otomatiskan proses, integrasikan dengan aplikasi lain, dan sambungkan ke webhook.** Menghemat waktu dengan mengotomatisasikan proses dan alur kerja yang masih dikerjakan secara manual. Dari menghubungkan ke webhooks, hingga mengotomatiasi email-email, cukup beritahu Budibase apa yang harus dilakukan dan biarkan dia berkerja untuk Anda. Anda bisa dengan mudah [membuat otomatisasi baru untuk Budibase disini ](https://github.com/Budibase/automations) atau [minta otomatisasi baru](https://github.com/Budibase/budibase/discussions?discussions_q=category%3AIdeas).
+- **Otomatiskan proses, integrasikan dengan aplikasi lain, dan sambungkan ke webhook.** Menghemat waktu dengan mengotomatisasikan proses dan alur kerja yang masih dikerjakan secara manual. Dari menghubungkan ke webhooks, hingga mengotomatiasi surel, cukup beritahu Budibase apa yang harus dilakukan dan biarkan dia berkerja untuk Anda. Anda bisa dengan mudah [membuat otomatisasi baru untuk Budibase disini ](https://github.com/Budibase/automations) atau [minta otomatisasi baru](https://github.com/Budibase/budibase/discussions?discussions_q=category%3AIdeas).
 
-- **Surga bagi Admin.** Budibase dibuat untuk berkembang. Dengan Budibase, Anda dapat menghosting sendiri di infrastruktrur Anda punya dan secara global mengelola para pengguna, orientasi, SMTP, aplikasi-aplikasi, grup-grup, tema, dan masih masih banyak lagi. Anda juga dapat menyediakan para pengguna/grup dengan sebuah aplikasi portal dan menyebarkan pengelolaan pengguna kepada manaajer grup.
+- **Surga bagi Admin.** Budibase dibuat untuk berkembang. Dengan Budibase, Anda dapat meng<i>hosting</i> sendiri di infrastruktrur Anda punya dan secara global mengelola para pengguna, orientasi, SMTP, aplikasi-aplikasi, grup-grup, tema, dan masih masih banyak lagi. Anda juga dapat menyediakan para pengguna/grup dengan sebuah aplikasi portal dan menyebarkan pengelolaan pengguna kepada manaajer grup.
 
 <br />
 
@@ -77,7 +77,7 @@ Saat ini ada 2 cara untuk memulai Budibase, yaitu: Digital Ocean dan Docker.
 
 ### Memulai Dengan Digital Ocean
 Cara paling mudah dan cepat untuk memulai adalah dengan menggunakan Digital Ocean:
-<a href="https://marketplace.digitalocean.com/apps/budibase">1-klik Digital Ocean deploy</a>
+<a href="https://marketplace.digitalocean.com/apps/budibase">1-klik Digital Ocean <i>deploy</i></a>
 
 <a href="https://marketplace.digitalocean.com/apps/budibase">
   <img src="https://user-images.githubusercontent.com/552074/87779219-5c3b7600-c824-11ea-9898-981a8ba94f6c.png" alt="digital ocean badge">
@@ -85,17 +85,17 @@ Cara paling mudah dan cepat untuk memulai adalah dengan menggunakan Digital Ocea
 <br /><br />
 
 ### Memulai dengan Docker
-Untuk memulai, Anda harus memiliki docker dan docker compose  terinstal di mesin anda. 
-Setelah Anda docker terinstal, prosesnya akan memakan waktu 5 menit, dengan empat langkah ini:
+Untuk memulai, Anda harus memiliki docker dan docker compose ter<i>install</i> di mesin anda. 
+Setelah Anda docker ter<i>install</i>, prosesnya akan memakan waktu 5 menit, dengan empat langkah ini:
 
-1. Instal CLI Budibase.
+1. <i>Install</i> CLI Budibase.
 
 ```
 $ npm i -g @budibase/cli 
 ```
 
 
-2. Mempersiapkan Budibase (pilih tempat menyimpan Budibase dan port untuk menjalankannya)
+2. Mempersiapkan Budibase (pilih tempat menyimpan Budibase dan <i>port</i> untuk menjalankannya)
 
 ```
 budi hosting --init 
@@ -144,7 +144,7 @@ Jika Anda memiliki pertanyaan atau ingin berbicara dengan pengguna Budibase lain
 
 ## ❗ Kode etik
 
-Budibase berdedikasi untuk memberikan pengalaman yang ramah, beragam, dan bebas pelecehan bagi semua orang. Kami mengharapkan semua orang di komunitas Budibase untuk mematuhi [**Kode etik**](https://github.com/Budibase/budibase/blob/HEAD/.github/CODE_OF_CONDUCT.md). Mohon dibac.
+Budibase berdedikasi untuk memberikan pengalaman yang ramah, beragam, dan bebas pelecehan bagi semua orang. Kami mengharapkan semua orang di komunitas Budibase untuk mematuhi [**Kode etik**](https://github.com/Budibase/budibase/blob/HEAD/.github/CODE_OF_CONDUCT.md). Mohon dibaca.
 <br />
 
 ---
@@ -153,19 +153,19 @@ Budibase berdedikasi untuk memberikan pengalaman yang ramah, beragam, dan bebas
 
 ## 🙌 Berkontribusi untuk Budibase
 
-Dari membuka laporan bug hingga membuat pull request: setiap kontribusi dihargai dan disambut. Jika Anda berencana untuk menerapkan fitur baru atau mengubah API, harap buat issue terlebih dahulu. Dengan cara ini kami dapat memastikan pekerjaan Anda tidak sia-sia.
+Dari membuka laporan bug hingga membuat <i>pull request</i>: setiap kontribusi dihargai dan disambut. Jika Anda berencana untuk menerapkan fitur baru atau mengubah API, harap buat <i>issue</i> terlebih dahulu. Dengan cara ini kami dapat memastikan pekerjaan Anda tidak sia-sia.
 
 ### Tidak yakin memulai dari mana?
-Sebuat tempat yang baik untuk mulai berkontribusi, adalah  [Masalah pertama di proyek](https://github.com/Budibase/budibase/projects/22).
+Sebuat tempat yang baik untuk mulai berkontribusi, adalah [masalah pertama di proyek](https://github.com/Budibase/budibase/projects/22).
 
 ### Bagaimana repositori diatur
-Budibase adalah monorepo yang dikelola oleh lerna. Lerna mengelola pembangunan dan penerbitan paket budibase. Pada level tinggi, inilah paket-paket yang membentuk Budibase.
+Budibase adalah <i>monorepo</i> yang dikelola oleh lerna. Lerna mengelola pembangunan dan penerbitan paket Budibase. Pada level tinggi, inilah paket-paket yang membentuk Budibase.
 
-- [packages/builder](https://github.com/Budibase/budibase/tree/HEAD/packages/builder) - berisi kode untuk aplikasi svelte sisi klien pembangun budibase.
+- [packages/builder](https://github.com/Budibase/budibase/tree/HEAD/packages/builder) - berisi kode untuk aplikasi svelte sisi klien pembangun Budibase.
 
-- [packages/client](https://github.com/Budibase/budibase/tree/HEAD/packages/client) - Modul yang berjalan di browser yang bertanggung jawab untuk membaca definisi JSON dan membuat aplikasi web yang hidup dan bernafas darinya.
+- [packages/client](https://github.com/Budibase/budibase/tree/HEAD/packages/client) - Modul yang berjalan di <i>browser</i> yang bertanggung jawab untuk membaca definisi JSON dan membuat aplikasi web yang hidup dan bernafas darinya.
 
-- [packages/server](https://github.com/Budibase/budibase/tree/HEAD/packages/server) - Server Budibase. Aplikasi Koa ini bertanggung jawab untuk melayani JS untuk aplikasi builder dan budibase, serta menyediakan API untuk interaksi dengan database dan sistem file.
+- [packages/server](https://github.com/Budibase/budibase/tree/HEAD/packages/server) - <i>Server</i> Budibase. Aplikasi Koa ini bertanggung jawab untuk melayani JS untuk aplikasi builder dan budibase, serta menyediakan API untuk interaksi dengan database dan sistem file.
 
 Untuk informasi lebih lanjut, lihat [CONTRIBUTING.md](https://github.com/Budibase/budibase/blob/HEAD/.github/CONTRIBUTING.md)
 <br /><br />
@@ -188,7 +188,7 @@ Budibase adalah sumber terbuka, dilisensikan sebagai [GPL v3](https://www.gnu.or
 
 [![Stargazers over time](https://starchart.cc/Budibase/budibase.svg)](https://starchart.cc/Budibase/budibase)
 
-Jika Anda mengalami masalah di antara pembaruan, silakan gunakan panduan [disini](https://github.com/Budibase/budibase/blob/HEAD/.github/CONTRIBUTING.md#troubleshooting) untuk membersihkan environment Anda.
+Jika Anda mengalami masalah di antara pembaruan, silakan gunakan panduan [disini](https://github.com/Budibase/budibase/blob/HEAD/.github/CONTRIBUTING.md#troubleshooting) untuk membersihkan <i>environment</i> Anda.
 
 <br />
 
@@ -227,4 +227,4 @@ Terima kasih untuk orang-orang hebat ini ([emoji key](https://allcontributors.or
 
 <!-- ALL-CONTRIBUTORS-LIST:END -->
 
-This project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification. Contributions of any kind welcome!
+Proyek ini mengikuti spesifikasi [all-contributors](https://github.com/all-contributors/all-contributors). Kontribusi dalam bentuk apa pun dipersilakan!
diff --git a/lerna.json b/lerna.json
index b18463a8b9..7e72aa146a 100644
--- a/lerna.json
+++ b/lerna.json
@@ -1,5 +1,5 @@
 {
-  "version": "0.9.82",
+  "version": "0.9.99-alpha.6",
   "npmClient": "yarn",
   "packages": [
     "packages/*"
diff --git a/package.json b/package.json
index 4f545d935f..bb226ee568 100644
--- a/package.json
+++ b/package.json
@@ -43,6 +43,8 @@
     "test:e2e": "lerna run cy:test",
     "test:e2e:ci": "lerna run cy:ci",
     "build:docker": "lerna run build:docker && cd hosting/scripts/linux/ && ./release-to-docker-hub.sh && cd -",
-    "build:docker:develop": "lerna run build:docker && cd hosting/scripts/linux/ && ./release-to-docker-hub.sh develop && cd -"
+    "build:docker:develop": "node scripts/pinVersions && lerna run build:docker && cd hosting/scripts/linux/ && ./release-to-docker-hub.sh develop && cd -",
+    "multi:enable": "lerna run multi:enable",
+    "multi:disable": "lerna run multi:disable"
   }
 }
diff --git a/packages/auth/db.js b/packages/auth/db.js
index 4b03ec36cc..a7b38821a7 100644
--- a/packages/auth/db.js
+++ b/packages/auth/db.js
@@ -1 +1,4 @@
-module.exports = require("./src/db/utils")
+module.exports = {
+  ...require("./src/db/utils"),
+  ...require("./src/db/constants"),
+}
diff --git a/packages/auth/package.json b/packages/auth/package.json
index 51ff579482..b88c12b389 100644
--- a/packages/auth/package.json
+++ b/packages/auth/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@budibase/auth",
-  "version": "0.9.82",
+  "version": "0.9.99-alpha.6",
   "description": "Authentication middlewares for budibase builder and apps",
   "main": "src/index.js",
   "author": "Budibase",
@@ -13,6 +13,7 @@
     "@techpass/passport-openidconnect": "^0.3.0",
     "aws-sdk": "^2.901.0",
     "bcryptjs": "^2.4.3",
+    "cls-hooked": "^4.2.2",
     "ioredis": "^4.27.1",
     "jsonwebtoken": "^8.5.1",
     "koa-passport": "^4.1.4",
diff --git a/packages/auth/src/cache/user.js b/packages/auth/src/cache/user.js
index 46202cbfe9..4a19da489f 100644
--- a/packages/auth/src/cache/user.js
+++ b/packages/auth/src/cache/user.js
@@ -1,15 +1,21 @@
-const { getDB } = require("../db")
-const { StaticDatabases } = require("../db/utils")
 const redis = require("../redis/authRedis")
+const { getTenantId, lookupTenantId, getGlobalDB } = require("../tenancy")
 
 const EXPIRY_SECONDS = 3600
 
-exports.getUser = async userId => {
+exports.getUser = async (userId, tenantId = null) => {
+  if (!tenantId) {
+    try {
+      tenantId = getTenantId()
+    } catch (err) {
+      tenantId = await lookupTenantId(userId)
+    }
+  }
   const client = await redis.getUserClient()
   // try cache
   let user = await client.get(userId)
   if (!user) {
-    user = await getDB(StaticDatabases.GLOBAL.name).get(userId)
+    user = await getGlobalDB(tenantId).get(userId)
     client.store(userId, user, EXPIRY_SECONDS)
   }
   return user
diff --git a/packages/auth/src/constants.js b/packages/auth/src/constants.js
index c8cc34e937..4b4aef5a42 100644
--- a/packages/auth/src/constants.js
+++ b/packages/auth/src/constants.js
@@ -14,13 +14,14 @@ exports.Headers = {
   API_VER: "x-budibase-api-version",
   APP_ID: "x-budibase-app-id",
   TYPE: "x-budibase-type",
+  TENANT_ID: "x-budibase-tenant-id",
 }
 
 exports.GlobalRoles = {
   OWNER: "owner",
   ADMIN: "admin",
   BUILDER: "builder",
-  GROUP_MANAGER: "group_manager",
+  WORKSPACE_MANAGER: "workspace_manager",
 }
 
 exports.Configs = {
@@ -31,3 +32,5 @@ exports.Configs = {
   OIDC: "oidc",
   OIDC_LOGOS: "logos_oidc",
 }
+
+exports.DEFAULT_TENANT_ID = "default"
diff --git a/packages/auth/src/db/constants.js b/packages/auth/src/db/constants.js
new file mode 100644
index 0000000000..77643ce4c5
--- /dev/null
+++ b/packages/auth/src/db/constants.js
@@ -0,0 +1,17 @@
+exports.SEPARATOR = "_"
+
+exports.StaticDatabases = {
+  GLOBAL: {
+    name: "global-db",
+    docs: {
+      apiKeys: "apikeys",
+    },
+  },
+  // contains information about tenancy and so on
+  PLATFORM_INFO: {
+    name: "global-info",
+    docs: {
+      tenants: "tenants",
+    },
+  },
+}
diff --git a/packages/auth/src/db/utils.js b/packages/auth/src/db/utils.js
index 100dc005c8..7d3a69ccd7 100644
--- a/packages/auth/src/db/utils.js
+++ b/packages/auth/src/db/utils.js
@@ -1,36 +1,36 @@
 const { newid } = require("../hashing")
 const Replication = require("./Replication")
+const { DEFAULT_TENANT_ID } = require("../constants")
+const env = require("../environment")
+const { StaticDatabases, SEPARATOR } = require("./constants")
+const { getTenantId } = require("../tenancy")
 
 const UNICODE_MAX = "\ufff0"
-const SEPARATOR = "_"
 
 exports.ViewNames = {
   USER_BY_EMAIL: "by_email",
 }
 
-exports.StaticDatabases = {
-  GLOBAL: {
-    name: "global-db",
-  },
-  DEPLOYMENTS: {
-    name: "deployments",
-  },
-}
+exports.StaticDatabases = StaticDatabases
+
+const PRE_APP = "app"
+const PRE_DEV = "dev"
 
 const DocumentTypes = {
   USER: "us",
-  GROUP: "group",
+  WORKSPACE: "workspace",
   CONFIG: "config",
   TEMPLATE: "template",
-  APP: "app",
-  APP_DEV: "app_dev",
-  APP_METADATA: "app_metadata",
+  APP: PRE_APP,
+  DEV: PRE_DEV,
+  APP_DEV: `${PRE_APP}${SEPARATOR}${PRE_DEV}`,
+  APP_METADATA: `${PRE_APP}${SEPARATOR}metadata`,
   ROLE: "role",
 }
 
 exports.DocumentTypes = DocumentTypes
 exports.APP_PREFIX = DocumentTypes.APP + SEPARATOR
-exports.APP_DEV_PREFIX = DocumentTypes.APP_DEV + SEPARATOR
+exports.APP_DEV = exports.APP_DEV_PREFIX = DocumentTypes.APP_DEV + SEPARATOR
 exports.SEPARATOR = SEPARATOR
 
 function isDevApp(app) {
@@ -61,21 +61,21 @@ function getDocParams(docType, docId = null, otherProps = {}) {
 }
 
 /**
- * Generates a new group ID.
- * @returns {string} The new group ID which the group doc can be stored under.
+ * Generates a new workspace ID.
+ * @returns {string} The new workspace ID which the workspace doc can be stored under.
  */
-exports.generateGroupID = () => {
-  return `${DocumentTypes.GROUP}${SEPARATOR}${newid()}`
+exports.generateWorkspaceID = () => {
+  return `${DocumentTypes.WORKSPACE}${SEPARATOR}${newid()}`
 }
 
 /**
- * Gets parameters for retrieving groups.
+ * Gets parameters for retrieving workspaces.
  */
-exports.getGroupParams = (id = "", otherProps = {}) => {
+exports.getWorkspaceParams = (id = "", otherProps = {}) => {
   return {
     ...otherProps,
-    startkey: `${DocumentTypes.GROUP}${SEPARATOR}${id}`,
-    endkey: `${DocumentTypes.GROUP}${SEPARATOR}${id}${UNICODE_MAX}`,
+    startkey: `${DocumentTypes.WORKSPACE}${SEPARATOR}${id}`,
+    endkey: `${DocumentTypes.WORKSPACE}${SEPARATOR}${id}${UNICODE_MAX}`,
   }
 }
 
@@ -103,14 +103,14 @@ exports.getGlobalUserParams = (globalId, otherProps = {}) => {
 
 /**
  * Generates a template ID.
- * @param ownerId The owner/user of the template, this could be global or a group level.
+ * @param ownerId The owner/user of the template, this could be global or a workspace level.
  */
 exports.generateTemplateID = ownerId => {
   return `${DocumentTypes.TEMPLATE}${SEPARATOR}${ownerId}${SEPARATOR}${newid()}`
 }
 
 /**
- * Gets parameters for retrieving templates. Owner ID must be specified, either global or a group level.
+ * Gets parameters for retrieving templates. Owner ID must be specified, either global or a workspace level.
  */
 exports.getTemplateParams = (ownerId, templateId, otherProps = {}) => {
   if (!templateId) {
@@ -163,11 +163,26 @@ exports.getDeployedAppID = appId => {
  * different users/companies apps as there is no security around it - all apps are returned.
  * @return {Promise<object[]>} returns the app information document stored in each app database.
  */
-exports.getAllApps = async ({ CouchDB, dev, all } = {}) => {
+exports.getAllApps = async (CouchDB, { dev, all } = {}) => {
+  let tenantId = getTenantId()
+  if (!env.MULTI_TENANCY && !tenantId) {
+    tenantId = DEFAULT_TENANT_ID
+  }
   let allDbs = await CouchDB.allDbs()
-  const appDbNames = allDbs.filter(dbName =>
-    dbName.startsWith(exports.APP_PREFIX)
-  )
+  const appDbNames = allDbs.filter(dbName => {
+    const split = dbName.split(SEPARATOR)
+    // it is an app, check the tenantId
+    if (split[0] === DocumentTypes.APP) {
+      const noTenantId = split.length === 2 || split[1] === DocumentTypes.DEV
+      // tenantId is always right before the UUID
+      const possibleTenantId = split[split.length - 2]
+      return (
+        (tenantId === DEFAULT_TENANT_ID && noTenantId) ||
+        possibleTenantId === tenantId
+      )
+    }
+    return false
+  })
   const appPromises = appDbNames.map(db =>
     // skip setup otherwise databases could be re-created
     new CouchDB(db, { skip_setup: true }).get(DocumentTypes.APP_METADATA)
@@ -214,8 +229,8 @@ exports.dbExists = async (CouchDB, dbName) => {
  * Generates a new configuration ID.
  * @returns {string} The new configuration ID which the config doc can be stored under.
  */
-const generateConfigID = ({ type, group, user }) => {
-  const scope = [type, group, user].filter(Boolean).join(SEPARATOR)
+const generateConfigID = ({ type, workspace, user }) => {
+  const scope = [type, workspace, user].filter(Boolean).join(SEPARATOR)
 
   return `${DocumentTypes.CONFIG}${SEPARATOR}${scope}`
 }
@@ -223,8 +238,8 @@ const generateConfigID = ({ type, group, user }) => {
 /**
  * Gets parameters for retrieving configurations.
  */
-const getConfigParams = ({ type, group, user }, otherProps = {}) => {
-  const scope = [type, group, user].filter(Boolean).join(SEPARATOR)
+const getConfigParams = ({ type, workspace, user }, otherProps = {}) => {
+  const scope = [type, workspace, user].filter(Boolean).join(SEPARATOR)
 
   return {
     ...otherProps,
@@ -234,15 +249,15 @@ const getConfigParams = ({ type, group, user }, otherProps = {}) => {
 }
 
 /**
- * Returns the most granular configuration document from the DB based on the type, group and userID passed.
+ * Returns the most granular configuration document from the DB based on the type, workspace and userID passed.
  * @param {Object} db - db instance to query
- * @param {Object} scopes - the type, group and userID scopes of the configuration.
+ * @param {Object} scopes - the type, workspace and userID scopes of the configuration.
  * @returns The most granular configuration document based on the scope.
  */
-const getScopedFullConfig = async function (db, { type, user, group }) {
+const getScopedFullConfig = async function (db, { type, user, workspace }) {
   const response = await db.allDocs(
     getConfigParams(
-      { type, user, group },
+      { type, user, workspace },
       {
         include_docs: true,
       }
@@ -252,14 +267,14 @@ const getScopedFullConfig = async function (db, { type, user, group }) {
   function determineScore(row) {
     const config = row.doc
 
-    // Config is specific to a user and a group
-    if (config._id.includes(generateConfigID({ type, user, group }))) {
+    // Config is specific to a user and a workspace
+    if (config._id.includes(generateConfigID({ type, user, workspace }))) {
       return 4
     } else if (config._id.includes(generateConfigID({ type, user }))) {
       // Config is specific to a user only
       return 3
-    } else if (config._id.includes(generateConfigID({ type, group }))) {
-      // Config is specific to a group only
+    } else if (config._id.includes(generateConfigID({ type, workspace }))) {
+      // Config is specific to a workspace only
       return 2
     } else if (config._id.includes(generateConfigID({ type }))) {
       // Config is specific to a type only
diff --git a/packages/auth/src/db/views.js b/packages/auth/src/db/views.js
index 1f1f28b917..1b48786e24 100644
--- a/packages/auth/src/db/views.js
+++ b/packages/auth/src/db/views.js
@@ -1,5 +1,4 @@
-const { DocumentTypes, ViewNames, StaticDatabases } = require("./utils")
-const { getDB } = require("./index")
+const { DocumentTypes, ViewNames } = require("./utils")
 
 function DesignDoc() {
   return {
@@ -10,8 +9,7 @@ function DesignDoc() {
   }
 }
 
-exports.createUserEmailView = async () => {
-  const db = getDB(StaticDatabases.GLOBAL.name)
+exports.createUserEmailView = async db => {
   let designDoc
   try {
     designDoc = await db.get("_design/database")
diff --git a/packages/auth/src/environment.js b/packages/auth/src/environment.js
index 355843d02d..e12918f3ac 100644
--- a/packages/auth/src/environment.js
+++ b/packages/auth/src/environment.js
@@ -16,6 +16,7 @@ module.exports = {
   MINIO_SECRET_KEY: process.env.MINIO_SECRET_KEY,
   MINIO_URL: process.env.MINIO_URL,
   INTERNAL_API_KEY: process.env.INTERNAL_API_KEY,
+  MULTI_TENANCY: process.env.MULTI_TENANCY,
   isTest,
   _set(key, value) {
     process.env[key] = value
diff --git a/packages/auth/src/index.js b/packages/auth/src/index.js
index 98c558706a..5421dea214 100644
--- a/packages/auth/src/index.js
+++ b/packages/auth/src/index.js
@@ -2,6 +2,7 @@ const passport = require("koa-passport")
 const LocalStrategy = require("passport-local").Strategy
 const JwtStrategy = require("passport-jwt").Strategy
 const { StaticDatabases } = require("./db/utils")
+const { getGlobalDB } = require("./tenancy")
 const {
   jwt,
   local,
@@ -9,8 +10,9 @@ const {
   google,
   oidc,
   auditLog,
+  tenancy,
 } = require("./middleware")
-const { setDB, getDB } = require("./db")
+const { setDB } = require("./db")
 const userCache = require("./cache/user")
 
 // Strategies
@@ -20,7 +22,7 @@ passport.use(new JwtStrategy(jwt.options, jwt.authenticate))
 passport.serializeUser((user, done) => done(null, user))
 
 passport.deserializeUser(async (user, done) => {
-  const db = getDB(StaticDatabases.GLOBAL.name)
+  const db = getGlobalDB()
 
   try {
     const user = await db.get(user._id)
@@ -54,6 +56,7 @@ module.exports = {
     google,
     oidc,
     jwt: require("jsonwebtoken"),
+    buildTenancyMiddleware: tenancy,
     auditLog,
   },
   cache: {
diff --git a/packages/auth/src/middleware/authenticated.js b/packages/auth/src/middleware/authenticated.js
index 647ec659f5..e3705a9a24 100644
--- a/packages/auth/src/middleware/authenticated.js
+++ b/packages/auth/src/middleware/authenticated.js
@@ -2,46 +2,34 @@ const { Cookies, Headers } = require("../constants")
 const { getCookie, clearCookie } = require("../utils")
 const { getUser } = require("../cache/user")
 const { getSession, updateSessionTTL } = require("../security/sessions")
+const { buildMatcherRegex, matches } = require("./matchers")
 const env = require("../environment")
 
-const PARAM_REGEX = /\/:(.*?)\//g
-
-function buildNoAuthRegex(patterns) {
-  return patterns.map(pattern => {
-    const isObj = typeof pattern === "object" && pattern.route
-    const method = isObj ? pattern.method : "GET"
-    let route = isObj ? pattern.route : pattern
-
-    const matches = route.match(PARAM_REGEX)
-    if (matches) {
-      for (let match of matches) {
-        route = route.replace(match, "/.*/")
-      }
-    }
-    return { regex: new RegExp(route), method }
-  })
-}
-
-function finalise(ctx, { authenticated, user, internal, version } = {}) {
+function finalise(
+  ctx,
+  { authenticated, user, internal, version, publicEndpoint } = {}
+) {
+  ctx.publicEndpoint = publicEndpoint || false
   ctx.isAuthenticated = authenticated || false
   ctx.user = user
   ctx.internal = internal || false
   ctx.version = version
 }
 
-module.exports = (noAuthPatterns = [], opts) => {
-  const noAuthOptions = noAuthPatterns ? buildNoAuthRegex(noAuthPatterns) : []
+/**
+ * This middleware is tenancy aware, so that it does not depend on other middlewares being used.
+ * The tenancy modules should not be used here and it should be assumed that the tenancy context
+ * has not yet been populated.
+ */
+module.exports = (noAuthPatterns = [], opts = { publicAllowed: false }) => {
+  const noAuthOptions = noAuthPatterns ? buildMatcherRegex(noAuthPatterns) : []
   return async (ctx, next) => {
+    let publicEndpoint = false
     const version = ctx.request.headers[Headers.API_VER]
     // the path is not authenticated
-    const found = noAuthOptions.find(({ regex, method }) => {
-      return (
-        regex.test(ctx.request.url) &&
-        ctx.request.method.toLowerCase() === method.toLowerCase()
-      )
-    })
-    if (found != null) {
-      return next()
+    const found = matches(ctx, noAuthOptions)
+    if (found) {
+      publicEndpoint = true
     }
     try {
       // check the actual user is authenticated first
@@ -58,7 +46,7 @@ module.exports = (noAuthPatterns = [], opts) => {
           error = "No session found"
         } else {
           try {
-            user = await getUser(userId)
+            user = await getUser(userId, session.tenantId)
             delete user.password
             authenticated = true
           } catch (err) {
@@ -66,6 +54,7 @@ module.exports = (noAuthPatterns = [], opts) => {
           }
         }
         if (error) {
+          console.error("Auth Error", error)
           // remove the cookie as the user does not exist anymore
           clearCookie(ctx, Cookies.Auth)
         } else {
@@ -74,22 +63,26 @@ module.exports = (noAuthPatterns = [], opts) => {
         }
       }
       const apiKey = ctx.request.headers[Headers.API_KEY]
+      const tenantId = ctx.request.headers[Headers.TENANT_ID]
       // this is an internal request, no user made it
       if (!authenticated && apiKey && apiKey === env.INTERNAL_API_KEY) {
         authenticated = true
         internal = true
       }
+      if (!user && tenantId) {
+        user = { tenantId }
+      }
       // be explicit
       if (authenticated !== true) {
         authenticated = false
       }
       // isAuthenticated is a function, so use a variable to be able to check authed state
-      finalise(ctx, { authenticated, user, internal, version })
+      finalise(ctx, { authenticated, user, internal, version, publicEndpoint })
       return next()
     } catch (err) {
       // allow configuring for public access
-      if (opts && opts.publicAllowed) {
-        finalise(ctx, { authenticated: false, version })
+      if ((opts && opts.publicAllowed) || publicEndpoint) {
+        finalise(ctx, { authenticated: false, version, publicEndpoint })
       } else {
         ctx.throw(err.status || 403, err)
       }
diff --git a/packages/auth/src/middleware/index.js b/packages/auth/src/middleware/index.js
index 35c7d9c388..689859a139 100644
--- a/packages/auth/src/middleware/index.js
+++ b/packages/auth/src/middleware/index.js
@@ -4,6 +4,7 @@ const google = require("./passport/google")
 const oidc = require("./passport/oidc")
 const authenticated = require("./authenticated")
 const auditLog = require("./auditLog")
+const tenancy = require("./tenancy")
 
 module.exports = {
   google,
@@ -12,4 +13,5 @@ module.exports = {
   local,
   authenticated,
   auditLog,
+  tenancy,
 }
diff --git a/packages/auth/src/middleware/matchers.js b/packages/auth/src/middleware/matchers.js
new file mode 100644
index 0000000000..a555823136
--- /dev/null
+++ b/packages/auth/src/middleware/matchers.js
@@ -0,0 +1,33 @@
+const PARAM_REGEX = /\/:(.*?)(\/.*)?$/g
+
+exports.buildMatcherRegex = patterns => {
+  if (!patterns) {
+    return []
+  }
+  return patterns.map(pattern => {
+    const isObj = typeof pattern === "object" && pattern.route
+    const method = isObj ? pattern.method : "GET"
+    let route = isObj ? pattern.route : pattern
+
+    const matches = route.match(PARAM_REGEX)
+    if (matches) {
+      for (let match of matches) {
+        const pattern = "/.*" + (match.endsWith("/") ? "/" : "")
+        route = route.replace(match, pattern)
+      }
+    }
+    return { regex: new RegExp(route), method }
+  })
+}
+
+exports.matches = (ctx, options) => {
+  return options.find(({ regex, method }) => {
+    const urlMatch = regex.test(ctx.request.url)
+    const methodMatch =
+      method === "ALL"
+        ? true
+        : ctx.request.method.toLowerCase() === method.toLowerCase()
+
+    return urlMatch && methodMatch
+  })
+}
diff --git a/packages/auth/src/middleware/passport/google.js b/packages/auth/src/middleware/passport/google.js
index 68fe885512..07d6816c0b 100644
--- a/packages/auth/src/middleware/passport/google.js
+++ b/packages/auth/src/middleware/passport/google.js
@@ -27,13 +27,13 @@ async function authenticate(accessToken, refreshToken, profile, done) {
  * from couchDB rather than environment variables, using this factory is necessary for dynamically configuring passport.
  * @returns Dynamically configured Passport Google Strategy
  */
-exports.strategyFactory = async function (config) {
+exports.strategyFactory = async function (config, callbackUrl) {
   try {
-    const { clientID, clientSecret, callbackURL } = config
+    const { clientID, clientSecret } = config
 
-    if (!clientID || !clientSecret || !callbackURL) {
+    if (!clientID || !clientSecret) {
       throw new Error(
-        "Configuration invalid. Must contain google clientID, clientSecret and callbackURL"
+        "Configuration invalid. Must contain google clientID and clientSecret"
       )
     }
 
@@ -41,7 +41,7 @@ exports.strategyFactory = async function (config) {
       {
         clientID: config.clientID,
         clientSecret: config.clientSecret,
-        callbackURL: config.callbackURL,
+        callbackURL: callbackUrl,
       },
       authenticate
     )
diff --git a/packages/auth/src/middleware/passport/local.js b/packages/auth/src/middleware/passport/local.js
index 16b53bf894..0db40d64eb 100644
--- a/packages/auth/src/middleware/passport/local.js
+++ b/packages/auth/src/middleware/passport/local.js
@@ -6,19 +6,23 @@ const { getGlobalUserByEmail } = require("../../utils")
 const { authError } = require("./utils")
 const { newid } = require("../../hashing")
 const { createASession } = require("../../security/sessions")
+const { getTenantId } = require("../../tenancy")
 
 const INVALID_ERR = "Invalid Credentials"
 
-exports.options = {}
+exports.options = {
+  passReqToCallback: true,
+}
 
 /**
  * Passport Local Authentication Middleware.
- * @param {*} email - username to login with
- * @param {*} password - plain text password to log in with
- * @param {*} done - callback from passport to return user information and errors
+ * @param {*} ctx the request structure
+ * @param {*} email username to login with
+ * @param {*} password plain text password to log in with
+ * @param {*} done callback from passport to return user information and errors
  * @returns The authenticated user, or errors if they occur
  */
-exports.authenticate = async function (email, password, done) {
+exports.authenticate = async function (ctx, email, password, done) {
   if (!email) return authError(done, "Email Required")
   if (!password) return authError(done, "Password Required")
 
@@ -35,12 +39,14 @@ exports.authenticate = async function (email, password, done) {
   // authenticate
   if (await compare(password, dbUser.password)) {
     const sessionId = newid()
-    await createASession(dbUser._id, sessionId)
+    const tenantId = getTenantId()
+    await createASession(dbUser._id, { sessionId, tenantId })
 
     dbUser.token = jwt.sign(
       {
         userId: dbUser._id,
         sessionId,
+        tenantId,
       },
       env.JWT_SECRET
     )
diff --git a/packages/auth/src/middleware/passport/tests/google.spec.js b/packages/auth/src/middleware/passport/tests/google.spec.js
index 30e582a68f..9cc878bba9 100644
--- a/packages/auth/src/middleware/passport/tests/google.spec.js
+++ b/packages/auth/src/middleware/passport/tests/google.spec.js
@@ -2,8 +2,9 @@
 
 const { data } = require("./utilities/mock-data")
 
+const TENANT_ID = "default"
+
 const googleConfig = {
-  callbackURL: "http://somecallbackurl",
   clientID: data.clientID,
   clientSecret: data.clientSecret,
 }
@@ -26,13 +27,14 @@ describe("google", () => {
   
     it("should create successfully create a google strategy", async () => {
       const google = require("../google")
-         
-      await google.strategyFactory(googleConfig)
+
+      const callbackUrl = `/api/global/auth/${TENANT_ID}/google/callback`
+      await google.strategyFactory(googleConfig, callbackUrl)
   
       const expectedOptions = {
         clientID: googleConfig.clientID,
         clientSecret: googleConfig.clientSecret,
-        callbackURL: googleConfig.callbackURL,
+        callbackURL: callbackUrl,
       }
 
       expect(mockStrategy).toHaveBeenCalledWith(
diff --git a/packages/auth/src/middleware/passport/third-party-common.js b/packages/auth/src/middleware/passport/third-party-common.js
index 2ab2816391..7c03944232 100644
--- a/packages/auth/src/middleware/passport/third-party-common.js
+++ b/packages/auth/src/middleware/passport/third-party-common.js
@@ -1,11 +1,12 @@
 const env = require("../../environment")
 const jwt = require("jsonwebtoken")
-const database = require("../../db")
-const { StaticDatabases, generateGlobalUserID } = require("../../db/utils")
+const { generateGlobalUserID } = require("../../db/utils")
 const { authError } = require("./utils")
 const { newid } = require("../../hashing")
 const { createASession } = require("../../security/sessions")
 const { getGlobalUserByEmail } = require("../../utils")
+const { getGlobalDB, getTenantId } = require("../../tenancy")
+const fetch = require("node-fetch")
 
 /**
  * Common authentication logic for third parties. e.g. OAuth, OIDC.
@@ -15,19 +16,21 @@ exports.authenticateThirdParty = async function (
   requireLocalAccount = true,
   done
 ) {
-  if (!thirdPartyUser.provider)
+  if (!thirdPartyUser.provider) {
     return authError(done, "third party user provider required")
-  if (!thirdPartyUser.userId)
+  }
+  if (!thirdPartyUser.userId) {
     return authError(done, "third party user id required")
-  if (!thirdPartyUser.email)
+  }
+  if (!thirdPartyUser.email) {
     return authError(done, "third party user email required")
-
-  const db = database.getDB(StaticDatabases.GLOBAL.name)
-
-  let dbUser
+  }
 
   // use the third party id
   const userId = generateGlobalUserID(thirdPartyUser.userId)
+  const db = getGlobalDB()
+
+  let dbUser
 
   // try to load by id
   try {
@@ -65,7 +68,7 @@ exports.authenticateThirdParty = async function (
     }
   }
 
-  dbUser = syncUser(dbUser, thirdPartyUser)
+  dbUser = await syncUser(dbUser, thirdPartyUser)
 
   // create or sync the user
   const response = await db.post(dbUser)
@@ -73,7 +76,8 @@ exports.authenticateThirdParty = async function (
 
   // authenticate
   const sessionId = newid()
-  await createASession(dbUser._id, sessionId)
+  const tenantId = getTenantId()
+  await createASession(dbUser._id, { sessionId, tenantId })
 
   dbUser.token = jwt.sign(
     {
@@ -86,10 +90,26 @@ exports.authenticateThirdParty = async function (
   return done(null, dbUser)
 }
 
+async function syncProfilePicture(user, thirdPartyUser) {
+  const pictureUrl = thirdPartyUser.profile._json.picture
+  if (pictureUrl) {
+    const response = await fetch(pictureUrl)
+
+    if (response.status === 200) {
+      const type = response.headers.get("content-type")
+      if (type.startsWith("image/")) {
+        user.pictureUrl = pictureUrl
+      }
+    }
+  }
+
+  return user
+}
+
 /**
  * @returns a user that has been sync'd with third party information
  */
-function syncUser(user, thirdPartyUser) {
+async function syncUser(user, thirdPartyUser) {
   // provider
   user.provider = thirdPartyUser.provider
   user.providerType = thirdPartyUser.providerType
@@ -112,6 +132,8 @@ function syncUser(user, thirdPartyUser) {
       }
     }
 
+    user = await syncProfilePicture(user, thirdPartyUser)
+
     // profile
     user.thirdPartyProfile = {
       ...profile._json,
diff --git a/packages/auth/src/middleware/tenancy.js b/packages/auth/src/middleware/tenancy.js
new file mode 100644
index 0000000000..b80b9a6763
--- /dev/null
+++ b/packages/auth/src/middleware/tenancy.js
@@ -0,0 +1,14 @@
+const { setTenantId } = require("../tenancy")
+const ContextFactory = require("../tenancy/FunctionContext")
+const { buildMatcherRegex, matches } = require("./matchers")
+
+module.exports = (allowQueryStringPatterns, noTenancyPatterns) => {
+  const allowQsOptions = buildMatcherRegex(allowQueryStringPatterns)
+  const noTenancyOptions = buildMatcherRegex(noTenancyPatterns)
+
+  return ContextFactory.getMiddleware(ctx => {
+    const allowNoTenant = !!matches(ctx, noTenancyOptions)
+    const allowQs = !!matches(ctx, allowQsOptions)
+    setTenantId(ctx, { allowQs, allowNoTenant })
+  })
+}
diff --git a/packages/auth/src/security/sessions.js b/packages/auth/src/security/sessions.js
index 4051df7123..328f74c794 100644
--- a/packages/auth/src/security/sessions.js
+++ b/packages/auth/src/security/sessions.js
@@ -12,12 +12,13 @@ function makeSessionID(userId, sessionId) {
   return `${userId}/${sessionId}`
 }
 
-exports.createASession = async (userId, sessionId) => {
+exports.createASession = async (userId, session) => {
   const client = await redis.getSessionClient()
-  const session = {
+  const sessionId = session.sessionId
+  session = {
     createdAt: new Date().toISOString(),
     lastAccessedAt: new Date().toISOString(),
-    sessionId,
+    ...session,
     userId,
   }
   await client.store(makeSessionID(userId, sessionId), session, EXPIRY_SECONDS)
diff --git a/packages/auth/src/tenancy/FunctionContext.js b/packages/auth/src/tenancy/FunctionContext.js
new file mode 100644
index 0000000000..d97a3a30b4
--- /dev/null
+++ b/packages/auth/src/tenancy/FunctionContext.js
@@ -0,0 +1,73 @@
+const cls = require("cls-hooked")
+const { newid } = require("../hashing")
+
+const REQUEST_ID_KEY = "requestId"
+
+class FunctionContext {
+  static getMiddleware(updateCtxFn = null) {
+    const namespace = this.createNamespace()
+
+    return async function (ctx, next) {
+      await new Promise(
+        namespace.bind(function (resolve, reject) {
+          // store a contextual request ID that can be used anywhere (audit logs)
+          namespace.set(REQUEST_ID_KEY, newid())
+          namespace.bindEmitter(ctx.req)
+          namespace.bindEmitter(ctx.res)
+
+          if (updateCtxFn) {
+            updateCtxFn(ctx)
+          }
+          next().then(resolve).catch(reject)
+        })
+      )
+    }
+  }
+
+  static run(callback) {
+    const namespace = this.createNamespace()
+
+    return namespace.runAndReturn(callback)
+  }
+
+  static setOnContext(key, value) {
+    const namespace = this.createNamespace()
+    namespace.set(key, value)
+  }
+
+  static getContextStorage() {
+    if (this._namespace && this._namespace.active) {
+      let contextData = this._namespace.active
+      delete contextData.id
+      delete contextData._ns_name
+      return contextData
+    }
+
+    return {}
+  }
+
+  static getFromContext(key) {
+    const context = this.getContextStorage()
+    if (context) {
+      return context[key]
+    } else {
+      return null
+    }
+  }
+
+  static destroyNamespace() {
+    if (this._namespace) {
+      cls.destroyNamespace("session")
+      this._namespace = null
+    }
+  }
+
+  static createNamespace() {
+    if (!this._namespace) {
+      this._namespace = cls.createNamespace("session")
+    }
+    return this._namespace
+  }
+}
+
+module.exports = FunctionContext
diff --git a/packages/auth/src/tenancy/context.js b/packages/auth/src/tenancy/context.js
new file mode 100644
index 0000000000..f3f1f541e9
--- /dev/null
+++ b/packages/auth/src/tenancy/context.js
@@ -0,0 +1,81 @@
+const env = require("../environment")
+const { Headers } = require("../../constants")
+const cls = require("./FunctionContext")
+
+exports.DEFAULT_TENANT_ID = "default"
+
+exports.isDefaultTenant = () => {
+  return exports.getTenantId() === exports.DEFAULT_TENANT_ID
+}
+
+exports.isMultiTenant = () => {
+  return env.MULTI_TENANCY
+}
+
+const TENANT_ID = "tenantId"
+
+// used for automations, API endpoints should always be in context already
+exports.doInTenant = (tenantId, task) => {
+  return cls.run(() => {
+    // set the tenant id
+    cls.setOnContext(TENANT_ID, tenantId)
+
+    // invoke the task
+    const result = task()
+
+    return result
+  })
+}
+
+exports.updateTenantId = tenantId => {
+  cls.setOnContext(TENANT_ID, tenantId)
+}
+
+exports.setTenantId = (
+  ctx,
+  opts = { allowQs: false, allowNoTenant: false }
+) => {
+  let tenantId
+  // exit early if not multi-tenant
+  if (!exports.isMultiTenant()) {
+    cls.setOnContext(TENANT_ID, this.DEFAULT_TENANT_ID)
+    return
+  }
+
+  const allowQs = opts && opts.allowQs
+  const allowNoTenant = opts && opts.allowNoTenant
+  const header = ctx.request.headers[Headers.TENANT_ID]
+  const user = ctx.user || {}
+  if (allowQs) {
+    const query = ctx.request.query || {}
+    tenantId = query.tenantId
+  }
+  // override query string (if allowed) by user, or header
+  // URL params cannot be used in a middleware, as they are
+  // processed later in the chain
+  tenantId = user.tenantId || header || tenantId
+
+  if (!tenantId && !allowNoTenant) {
+    ctx.throw(403, "Tenant id not set")
+  }
+  // check tenant ID just incase no tenant was allowed
+  if (tenantId) {
+    cls.setOnContext(TENANT_ID, tenantId)
+  }
+}
+
+exports.isTenantIdSet = () => {
+  const tenantId = cls.getFromContext(TENANT_ID)
+  return !!tenantId
+}
+
+exports.getTenantId = () => {
+  if (!exports.isMultiTenant()) {
+    return exports.DEFAULT_TENANT_ID
+  }
+  const tenantId = cls.getFromContext(TENANT_ID)
+  if (!tenantId) {
+    throw Error("Tenant id not found")
+  }
+  return tenantId
+}
diff --git a/packages/auth/src/tenancy/index.js b/packages/auth/src/tenancy/index.js
new file mode 100644
index 0000000000..2fe257d885
--- /dev/null
+++ b/packages/auth/src/tenancy/index.js
@@ -0,0 +1,4 @@
+module.exports = {
+  ...require("./context"),
+  ...require("./tenancy"),
+}
diff --git a/packages/auth/src/tenancy/tenancy.js b/packages/auth/src/tenancy/tenancy.js
new file mode 100644
index 0000000000..6e18ea7154
--- /dev/null
+++ b/packages/auth/src/tenancy/tenancy.js
@@ -0,0 +1,105 @@
+const { getDB } = require("../db")
+const { SEPARATOR, StaticDatabases } = require("../db/constants")
+const { getTenantId, DEFAULT_TENANT_ID, isMultiTenant } = require("./context")
+const env = require("../environment")
+
+const TENANT_DOC = StaticDatabases.PLATFORM_INFO.docs.tenants
+const PLATFORM_INFO_DB = StaticDatabases.PLATFORM_INFO.name
+
+exports.addTenantToUrl = url => {
+  const tenantId = getTenantId()
+
+  if (isMultiTenant()) {
+    const char = url.indexOf("?") === -1 ? "?" : "&"
+    url += `${char}tenantId=${tenantId}`
+  }
+
+  return url
+}
+
+exports.doesTenantExist = async tenantId => {
+  const db = getDB(PLATFORM_INFO_DB)
+  let tenants
+  try {
+    tenants = await db.get(TENANT_DOC)
+  } catch (err) {
+    // if theres an error the doc doesn't exist, no tenants exist
+    return false
+  }
+  return (
+    tenants &&
+    Array.isArray(tenants.tenantIds) &&
+    tenants.tenantIds.indexOf(tenantId) !== -1
+  )
+}
+
+exports.tryAddTenant = async (tenantId, userId, email) => {
+  const db = getDB(PLATFORM_INFO_DB)
+  const getDoc = async id => {
+    if (!id) {
+      return null
+    }
+    try {
+      return await db.get(id)
+    } catch (err) {
+      return { _id: id }
+    }
+  }
+  let [tenants, userIdDoc, emailDoc] = await Promise.all([
+    getDoc(TENANT_DOC),
+    getDoc(userId),
+    getDoc(email),
+  ])
+  if (!Array.isArray(tenants.tenantIds)) {
+    tenants = {
+      _id: TENANT_DOC,
+      tenantIds: [],
+    }
+  }
+  let promises = []
+  if (userIdDoc) {
+    userIdDoc.tenantId = tenantId
+    promises.push(db.put(userIdDoc))
+  }
+  if (emailDoc) {
+    emailDoc.tenantId = tenantId
+    promises.push(db.put(emailDoc))
+  }
+  if (tenants.tenantIds.indexOf(tenantId) === -1) {
+    tenants.tenantIds.push(tenantId)
+    promises.push(db.put(tenants))
+  }
+  await Promise.all(promises)
+}
+
+exports.getGlobalDB = (tenantId = null) => {
+  // tenant ID can be set externally, for example user API where
+  // new tenants are being created, this may be the case
+  if (!tenantId) {
+    tenantId = getTenantId()
+  }
+
+  let dbName
+
+  if (tenantId === DEFAULT_TENANT_ID) {
+    dbName = StaticDatabases.GLOBAL.name
+  } else {
+    dbName = `${tenantId}${SEPARATOR}${StaticDatabases.GLOBAL.name}`
+  }
+
+  return getDB(dbName)
+}
+
+exports.lookupTenantId = async userId => {
+  const db = getDB(StaticDatabases.PLATFORM_INFO.name)
+  let tenantId = env.MULTI_TENANCY ? DEFAULT_TENANT_ID : null
+  try {
+    const doc = await db.get(userId)
+    if (doc && doc.tenantId) {
+      tenantId = doc.tenantId
+    }
+  } catch (err) {
+    // just return the default
+  }
+  return tenantId
+}
diff --git a/packages/auth/src/utils.js b/packages/auth/src/utils.js
index 6bc1e0e3a6..5936948fd7 100644
--- a/packages/auth/src/utils.js
+++ b/packages/auth/src/utils.js
@@ -1,14 +1,9 @@
-const {
-  DocumentTypes,
-  SEPARATOR,
-  ViewNames,
-  StaticDatabases,
-} = require("./db/utils")
+const { DocumentTypes, SEPARATOR, ViewNames } = require("./db/utils")
 const jwt = require("jsonwebtoken")
 const { options } = require("./middleware/passport/jwt")
 const { createUserEmailView } = require("./db/views")
-const { getDB } = require("./db")
 const { Headers } = require("./constants")
+const { getGlobalDB } = require("./tenancy")
 
 const APP_PREFIX = DocumentTypes.APP + SEPARATOR
 
@@ -111,7 +106,7 @@ exports.getGlobalUserByEmail = async email => {
   if (email == null) {
     throw "Must supply an email address to view"
   }
-  const db = getDB(StaticDatabases.GLOBAL.name)
+  const db = getGlobalDB()
   try {
     let users = (
       await db.query(`database/${ViewNames.USER_BY_EMAIL}`, {
@@ -123,7 +118,7 @@ exports.getGlobalUserByEmail = async email => {
     return users.length <= 1 ? users[0] : users
   } catch (err) {
     if (err != null && err.name === "not_found") {
-      await createUserEmailView()
+      await createUserEmailView(db)
       return exports.getGlobalUserByEmail(email)
     } else {
       throw err
diff --git a/packages/auth/tenancy.js b/packages/auth/tenancy.js
new file mode 100644
index 0000000000..9ca808b74e
--- /dev/null
+++ b/packages/auth/tenancy.js
@@ -0,0 +1 @@
+module.exports = require("./src/tenancy")
diff --git a/packages/auth/yarn.lock b/packages/auth/yarn.lock
index 8957ecb0fc..b6be8ad1e8 100644
--- a/packages/auth/yarn.lock
+++ b/packages/auth/yarn.lock
@@ -798,6 +798,13 @@ ast-types@0.9.6:
   resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.9.6.tgz#102c9e9e9005d3e7e3829bf0c4fa24ee862ee9b9"
   integrity sha1-ECyenpAF0+fjgpvwxPok7oYu6bk=
 
+async-hook-jl@^1.7.6:
+  version "1.7.6"
+  resolved "https://registry.yarnpkg.com/async-hook-jl/-/async-hook-jl-1.7.6.tgz#4fd25c2f864dbaf279c610d73bf97b1b28595e68"
+  integrity sha512-gFaHkFfSxTjvoxDMYqDuGHlcRyUuamF8s+ZTtJdDzqjws4mCt7v0vuV79/E2Wr2/riMQgtG4/yUtXWs1gZ7JMg==
+  dependencies:
+    stack-chain "^1.3.7"
+
 async@~2.1.4:
   version "2.1.5"
   resolved "https://registry.yarnpkg.com/async/-/async-2.1.5.tgz#e587c68580994ac67fc56ff86d3ac56bdbe810bc"
@@ -1144,6 +1151,15 @@ clone-buffer@1.0.0:
   resolved "https://registry.yarnpkg.com/clone-buffer/-/clone-buffer-1.0.0.tgz#e3e25b207ac4e701af721e2cb5a16792cac3dc58"
   integrity sha1-4+JbIHrE5wGvch4staFnksrD3Fg=
 
+cls-hooked@^4.2.2:
+  version "4.2.2"
+  resolved "https://registry.yarnpkg.com/cls-hooked/-/cls-hooked-4.2.2.tgz#ad2e9a4092680cdaffeb2d3551da0e225eae1908"
+  integrity sha512-J4Xj5f5wq/4jAvcdgoGsL3G103BtWpZrMo8NEinRltN+xpTZdI+M38pyQqhuFU/P792xkMFvnKSf+Lm81U1bxw==
+  dependencies:
+    async-hook-jl "^1.7.6"
+    emitter-listener "^1.0.1"
+    semver "^5.4.1"
+
 cluster-key-slot@^1.1.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/cluster-key-slot/-/cluster-key-slot-1.1.0.tgz#30474b2a981fb12172695833052bc0d01336d10d"
@@ -1444,6 +1460,13 @@ electron-to-chromium@^1.3.723:
   resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.775.tgz#046517d1f2cea753e06fff549995b9dc45e20082"
   integrity sha512-EGuiJW4yBPOTj2NtWGZcX93ZE8IGj33HJAx4d3ouE2zOfW2trbWU+t1e0yzLr1qQIw81++txbM3BH52QwSRE6Q==
 
+emitter-listener@^1.0.1:
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/emitter-listener/-/emitter-listener-1.1.2.tgz#56b140e8f6992375b3d7cb2cab1cc7432d9632e8"
+  integrity sha512-Bt1sBAGFHY9DKY+4/2cV6izcKJUf5T7/gkdmkxzX/qv9CcGH8xSwVRW5mtX03SWJtRTWSOpzCuWN9rBFYZepZQ==
+  dependencies:
+    shimmer "^1.2.0"
+
 emittery@^0.7.1:
   version "0.7.2"
   resolved "https://registry.yarnpkg.com/emittery/-/emittery-0.7.2.tgz#25595908e13af0f5674ab419396e2fb394cdfa82"
@@ -4035,7 +4058,7 @@ saxes@^5.0.1:
   dependencies:
     xmlchars "^2.2.0"
 
-"semver@2 || 3 || 4 || 5", semver@^5.5.0, semver@^5.6.0:
+"semver@2 || 3 || 4 || 5", semver@^5.4.1, semver@^5.5.0, semver@^5.6.0:
   version "5.7.1"
   resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7"
   integrity sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==
@@ -4096,6 +4119,11 @@ shellwords@^0.1.1:
   resolved "https://registry.yarnpkg.com/shellwords/-/shellwords-0.1.1.tgz#d6b9181c1a48d397324c84871efbcfc73fc0654b"
   integrity sha512-vFwSUfQvqybiICwZY5+DAWIPLKsWO31Q91JSKl3UYv+K5c2QRPzn0qzec6QPu1Qc9eHYItiP3NdJqNVqetYAww==
 
+shimmer@^1.2.0:
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/shimmer/-/shimmer-1.2.1.tgz#610859f7de327b587efebf501fb43117f9aff337"
+  integrity sha512-sQTKC1Re/rM6XyFM6fIAGHRPVGvyXfgzIDvzoq608vM+jeyVD0Tu1E6Np0Kc2zAIFWIj963V2800iF/9LPieQw==
+
 signal-exit@^3.0.0, signal-exit@^3.0.2:
   version "3.0.3"
   resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.3.tgz#a1410c2edd8f077b08b4e253c8eacfcaf057461c"
@@ -4250,6 +4278,11 @@ sshpk@^1.7.0:
     safer-buffer "^2.0.2"
     tweetnacl "~0.14.0"
 
+stack-chain@^1.3.7:
+  version "1.3.7"
+  resolved "https://registry.yarnpkg.com/stack-chain/-/stack-chain-1.3.7.tgz#d192c9ff4ea6a22c94c4dd459171e3f00cea1285"
+  integrity sha1-0ZLJ/06moiyUxN1FkXHj8AzqEoU=
+
 stack-utils@^2.0.2:
   version "2.0.3"
   resolved "https://registry.yarnpkg.com/stack-utils/-/stack-utils-2.0.3.tgz#cd5f030126ff116b78ccb3c027fe302713b61277"
diff --git a/packages/bbui/package.json b/packages/bbui/package.json
index 9a6bf8e64b..40448b0c43 100644
--- a/packages/bbui/package.json
+++ b/packages/bbui/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@budibase/bbui",
   "description": "A UI solution used in the different Budibase projects.",
-  "version": "0.9.82",
+  "version": "0.9.99-alpha.6",
   "license": "AGPL-3.0",
   "svelte": "src/index.js",
   "module": "dist/bbui.es.js",
diff --git a/packages/bbui/src/Form/Checkbox.svelte b/packages/bbui/src/Form/Checkbox.svelte
index 90a2cddda5..6aa88f6dee 100644
--- a/packages/bbui/src/Form/Checkbox.svelte
+++ b/packages/bbui/src/Form/Checkbox.svelte
@@ -9,6 +9,7 @@
   export let text = null
   export let disabled = false
   export let error = null
+  export let size = "M"
 
   const dispatch = createEventDispatcher()
   const onChange = e => {
@@ -18,5 +19,5 @@
 </script>
 
 <Field {label} {labelPosition} {error}>
-  <Checkbox {error} {disabled} {text} {value} on:change={onChange} />
+  <Checkbox {error} {disabled} {text} {value} {size} on:change={onChange} />
 </Field>
diff --git a/packages/bbui/src/Form/Core/Checkbox.svelte b/packages/bbui/src/Form/Core/Checkbox.svelte
index e9a6b56fd9..74745aa9a6 100644
--- a/packages/bbui/src/Form/Core/Checkbox.svelte
+++ b/packages/bbui/src/Form/Core/Checkbox.svelte
@@ -8,6 +8,7 @@
   export let id = null
   export let text = null
   export let disabled = false
+  export let size = null
 
   const dispatch = createEventDispatcher()
   const onChange = event => {
@@ -16,7 +17,7 @@
 </script>
 
 <label
-  class="spectrum-Checkbox spectrum-Checkbox--sizeM spectrum-Checkbox--emphasized"
+  class="spectrum-Checkbox spectrum-Checkbox--size{size} spectrum-Checkbox--emphasized"
   class:is-invalid={!!error}
 >
   <input
diff --git a/packages/bbui/src/Form/Core/Switch.svelte b/packages/bbui/src/Form/Core/Switch.svelte
index 0d40e67007..667b2ab871 100644
--- a/packages/bbui/src/Form/Core/Switch.svelte
+++ b/packages/bbui/src/Form/Core/Switch.svelte
@@ -6,6 +6,7 @@
   export let id = null
   export let text = null
   export let disabled = false
+  export let dataCy = null
 
   const dispatch = createEventDispatcher()
   const onChange = event => {
@@ -15,6 +16,7 @@
 
 <div class="spectrum-Switch spectrum-Switch--emphasized">
   <input
+    data-cy={dataCy}
     checked={value}
     {disabled}
     on:change={onChange}
diff --git a/packages/bbui/src/Form/Toggle.svelte b/packages/bbui/src/Form/Toggle.svelte
index 8cc6506651..37de2836ba 100644
--- a/packages/bbui/src/Form/Toggle.svelte
+++ b/packages/bbui/src/Form/Toggle.svelte
@@ -9,6 +9,7 @@
   export let text = null
   export let disabled = false
   export let error = null
+  export let dataCy = null
 
   const dispatch = createEventDispatcher()
   const onChange = e => {
@@ -18,5 +19,5 @@
 </script>
 
 <Field {label} {labelPosition} {error}>
-  <Switch {error} {disabled} {text} {value} on:change={onChange} />
+  <Switch {dataCy} {error} {disabled} {text} {value} on:change={onChange} />
 </Field>
diff --git a/packages/bbui/src/Modal/Modal.svelte b/packages/bbui/src/Modal/Modal.svelte
index c93467bc75..f805dec0ad 100644
--- a/packages/bbui/src/Modal/Modal.svelte
+++ b/packages/bbui/src/Modal/Modal.svelte
@@ -70,6 +70,7 @@
     >
       <div class="modal-wrapper" on:mousedown|self={cancel}>
         <div class="modal-inner-wrapper" on:mousedown|self={cancel}>
+          <slot name="outside" />
           <div
             use:focusFirstInput
             class="spectrum-Modal is-open"
@@ -93,6 +94,7 @@
     z-index: 999;
     overflow: auto;
     overflow-x: hidden;
+    background: rgba(0, 0, 0, 0.75);
   }
 
   .modal-wrapper {
@@ -112,6 +114,7 @@
     justify-content: center;
     align-items: flex-start;
     width: 0;
+    position: relative;
   }
 
   .spectrum-Modal {
@@ -122,6 +125,7 @@
     --spectrum-dialog-confirm-border-radius: var(
       --spectrum-global-dimension-size-100
     );
+    max-width: 100%;
   }
   :global(.spectrum--lightest .spectrum-Modal.inline) {
     border: var(--border-light);
diff --git a/packages/bbui/src/Modal/ModalContent.svelte b/packages/bbui/src/Modal/ModalContent.svelte
index e6d4ab5f0f..bba72e6093 100644
--- a/packages/bbui/src/Modal/ModalContent.svelte
+++ b/packages/bbui/src/Modal/ModalContent.svelte
@@ -15,6 +15,7 @@
   export let showCloseIcon = true
   export let onConfirm = undefined
   export let disabled = false
+  export let showDivider = true
 
   const { hide, cancel } = getContext(Context.Modal)
   let loading = false
@@ -41,11 +42,17 @@
   aria-modal="true"
 >
   <div class="spectrum-Dialog-grid">
-    <h1 class="spectrum-Dialog-heading spectrum-Dialog-heading--noHeader">
-      {title}
-    </h1>
-
-    <Divider size="M" />
+    {#if title}
+      <h1
+        class="spectrum-Dialog-heading spectrum-Dialog-heading--noHeader"
+        class:noDivider={!showDivider}
+      >
+        {title}
+      </h1>
+      {#if showDivider}
+        <Divider size="M" />
+      {/if}
+    {/if}
     <!-- TODO: Remove content-grid class once Layout components are in bbui -->
     <section class="spectrum-Dialog-content content-grid">
       <slot />
@@ -72,8 +79,8 @@
       </div>
     {/if}
     {#if showCloseIcon}
-      <div class="close-icon" on:click={hide}>
-        <Icon hoverable name="Close" />
+      <div class="close-icon">
+        <Icon hoverable name="Close" on:click={cancel} />
       </div>
     {/if}
   </div>
@@ -96,6 +103,9 @@
   .spectrum-Dialog-heading {
     font-family: var(--font-sans);
   }
+  .spectrum-Dialog-heading.noDivider {
+    margin-bottom: 12px;
+  }
 
   .spectrum-Dialog-buttonGroup {
     gap: var(--spectrum-global-dimension-static-size-200);
diff --git a/packages/bbui/src/Notification/Notification.svelte b/packages/bbui/src/Notification/Notification.svelte
new file mode 100644
index 0000000000..cebc859bda
--- /dev/null
+++ b/packages/bbui/src/Notification/Notification.svelte
@@ -0,0 +1,20 @@
+<script>
+  export let type = "info"
+  export let icon = "Info"
+  export let message = ""
+</script>
+
+<div class="spectrum-Toast spectrum-Toast--{type}">
+  {#if icon}
+    <svg
+      class="spectrum-Icon spectrum-Icon--sizeM spectrum-Toast-typeIcon"
+      focusable="false"
+      aria-hidden="true"
+    >
+      <use xlink:href="#spectrum-icon-18-{icon}" />
+    </svg>
+  {/if}
+  <div class="spectrum-Toast-body">
+    <div class="spectrum-Toast-content">{message || ""}</div>
+  </div>
+</div>
diff --git a/packages/bbui/src/Notification/NotificationDisplay.svelte b/packages/bbui/src/Notification/NotificationDisplay.svelte
index 89e7666cc7..9d96bf7e70 100644
--- a/packages/bbui/src/Notification/NotificationDisplay.svelte
+++ b/packages/bbui/src/Notification/NotificationDisplay.svelte
@@ -2,30 +2,16 @@
   import "@spectrum-css/toast/dist/index-vars.css"
   import Portal from "svelte-portal"
   import { flip } from "svelte/animate"
-  import { fly } from "svelte/transition"
   import { notifications } from "../Stores/notifications"
+  import Notification from "./Notification.svelte"
+  import { fly } from "svelte/transition"
 </script>
 
 <Portal target=".modal-container">
   <div class="notifications">
     {#each $notifications as { type, icon, message, id } (id)}
-      <div
-        animate:flip
-        transition:fly={{ y: -30 }}
-        class="spectrum-Toast spectrum-Toast--{type} notification-offset"
-      >
-        {#if icon}
-          <svg
-            class="spectrum-Icon spectrum-Icon--sizeM spectrum-Toast-typeIcon"
-            focusable="false"
-            aria-hidden="true"
-          >
-            <use xlink:href="#spectrum-icon-18-{icon}" />
-          </svg>
-        {/if}
-        <div class="spectrum-Toast-body">
-          <div class="spectrum-Toast-content">{message}</div>
-        </div>
+      <div animate:flip transition:fly={{ y: -30 }}>
+        <Notification {type} {icon} {message} />
       </div>
     {/each}
   </div>
@@ -34,7 +20,7 @@
 <style>
   .notifications {
     position: fixed;
-    top: 10px;
+    top: 20px;
     left: 0;
     right: 0;
     margin: 0 auto;
@@ -45,8 +31,6 @@
     justify-content: flex-start;
     align-items: center;
     pointer-events: none;
-  }
-  .notification-offset {
-    margin-bottom: 10px;
+    gap: 10px;
   }
 </style>
diff --git a/packages/bbui/src/index.js b/packages/bbui/src/index.js
index 4d045e504b..3a491bfb54 100644
--- a/packages/bbui/src/index.js
+++ b/packages/bbui/src/index.js
@@ -38,6 +38,7 @@ export { default as MenuItem } from "./Menu/Item.svelte"
 export { default as Modal } from "./Modal/Modal.svelte"
 export { default as ModalContent } from "./Modal/ModalContent.svelte"
 export { default as NotificationDisplay } from "./Notification/NotificationDisplay.svelte"
+export { default as Notification } from "./Notification/Notification.svelte"
 export { default as SideNavigation } from "./SideNavigation/Navigation.svelte"
 export { default as SideNavigationItem } from "./SideNavigation/Item.svelte"
 export { default as DatePicker } from "./Form/DatePicker.svelte"
diff --git a/packages/builder/cypress/integration/createAutomation.spec.js b/packages/builder/cypress/integration/createAutomation.spec.js
index 75611eff06..e82eeff670 100644
--- a/packages/builder/cypress/integration/createAutomation.spec.js
+++ b/packages/builder/cypress/integration/createAutomation.spec.js
@@ -29,10 +29,10 @@ context("Create a automation", () => {
     cy.get(".setup").within(() => {
       cy.get(".spectrum-Picker-label").click()
       cy.contains("dog").click()
-      cy.get("input")
+      cy.get(".spectrum-Textfield-input")
         .first()
         .type("goodboy")
-      cy.get("input")
+      cy.get(".spectrum-Textfield-input")
         .eq(1)
         .type("11")
     })
@@ -41,7 +41,7 @@ context("Create a automation", () => {
     cy.contains("Save Automation").click()
 
     // Activate Automation
-    cy.get("[aria-label=PlayCircle]").click()
+    cy.get("[data-cy=activate-automation]").click()
   })
 
   it("should add row when a new row is added", () => {
diff --git a/packages/builder/package.json b/packages/builder/package.json
index 27d9e07476..1af7d81015 100644
--- a/packages/builder/package.json
+++ b/packages/builder/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@budibase/builder",
-  "version": "0.9.82",
+  "version": "0.9.99-alpha.6",
   "license": "AGPL-3.0",
   "private": true,
   "scripts": {
@@ -65,10 +65,10 @@
     }
   },
   "dependencies": {
-    "@budibase/bbui": "^0.9.82",
-    "@budibase/client": "^0.9.82",
-    "@budibase/colorpicker": "1.1.2",
-    "@budibase/string-templates": "^0.9.82",
+    "@budibase/bbui": "^0.9.99-alpha.6",
+    "@budibase/client": "^0.9.99-alpha.6",
+    "@budibase/colorpicker": "^1.1.2",
+    "@budibase/string-templates": "^0.9.99-alpha.6",
     "@sentry/browser": "5.19.1",
     "@spectrum-css/page": "^3.0.1",
     "@spectrum-css/vars": "^3.0.1",
diff --git a/packages/builder/src/builderStore/store/frontend.js b/packages/builder/src/builderStore/store/frontend.js
index f84e1c8735..3339ea07d6 100644
--- a/packages/builder/src/builderStore/store/frontend.js
+++ b/packages/builder/src/builderStore/store/frontend.js
@@ -70,7 +70,7 @@ export const getFrontendStore = () => {
         url: application.url,
         layouts,
         screens,
-        theme: application.theme,
+        theme: application.theme || "spectrum--light",
         hasAppPackage: true,
         appInstance: application.instance,
         clientLibPath,
diff --git a/packages/builder/src/components/automation/SetupPanel/SetupPanel.svelte b/packages/builder/src/components/automation/SetupPanel/SetupPanel.svelte
index ff3874a919..3ba59f36a6 100644
--- a/packages/builder/src/components/automation/SetupPanel/SetupPanel.svelte
+++ b/packages/builder/src/components/automation/SetupPanel/SetupPanel.svelte
@@ -1,7 +1,7 @@
 <script>
   import { automationStore } from "builderStore"
   import { database } from "stores/backend"
-  import { notifications, Icon, Button, Modal, Heading } from "@budibase/bbui"
+  import { notifications, Button, Modal, Heading, Toggle } from "@budibase/bbui"
   import AutomationBlockSetup from "./AutomationBlockSetup.svelte"
   import CreateWebookModal from "../Shared/CreateWebhookModal.svelte"
 
@@ -12,7 +12,7 @@
   $: automationLive = automation?.live
 
   function setAutomationLive(live) {
-    if (automation.live === live) {
+    if (automationLive === live) {
       return
     }
     automation.live = live
@@ -48,20 +48,11 @@
 
 <div class="title">
   <Heading size="S">Setup</Heading>
-  <Icon
-    l
-    disabled={!automationLive}
-    hoverable={automationLive}
-    name="PauseCircle"
-    on:click={() => setAutomationLive(false)}
-  />
-  <Icon
-    l
-    name="PlayCircle"
-    disabled={automationLive}
-    hoverable={!automationLive}
-    data-cy="activate-automation"
-    on:click={() => setAutomationLive(true)}
+  <Toggle
+    value={automationLive}
+    on:change={() => setAutomationLive(!automationLive)}
+    dataCy="activate-automation"
+    text="Live"
   />
 </div>
 {#if $automationStore.selectedBlock}
@@ -69,7 +60,7 @@
     bind:block={$automationStore.selectedBlock}
     {webhookModal}
   />
-{:else if $automationStore.selectedAutomation}
+{:else if automation}
   <div class="block-label">{automation.name}</div>
   <Button secondary on:click={testAutomation}>Test Automation</Button>
 {/if}
diff --git a/packages/builder/src/components/backend/DataTable/modals/CreateEditColumn.svelte b/packages/builder/src/components/backend/DataTable/modals/CreateEditColumn.svelte
index 7f02b3c215..35722481db 100644
--- a/packages/builder/src/components/backend/DataTable/modals/CreateEditColumn.svelte
+++ b/packages/builder/src/components/backend/DataTable/modals/CreateEditColumn.svelte
@@ -172,6 +172,11 @@
         alt: `Many ${table.name} rows → many ${linkTable.name} rows`,
         value: RelationshipTypes.MANY_TO_MANY,
       },
+      {
+        name: `One ${linkName} row → many ${thisName} rows`,
+        alt: `One ${linkTable.name} rows → many ${table.name} rows`,
+        value: RelationshipTypes.ONE_TO_MANY,
+      },
       {
         name: `One ${thisName} row → many ${linkName} rows`,
         alt: `One ${table.name} rows → many ${linkTable.name} rows`,
diff --git a/packages/builder/src/components/common/bindings/DrawerBindableCombobox.svelte b/packages/builder/src/components/common/bindings/DrawerBindableCombobox.svelte
index 38f8693f51..a48a91a44f 100644
--- a/packages/builder/src/components/common/bindings/DrawerBindableCombobox.svelte
+++ b/packages/builder/src/components/common/bindings/DrawerBindableCombobox.svelte
@@ -18,8 +18,8 @@
 
   const dispatch = createEventDispatcher()
   let bindingDrawer
-  $: tempValue = Array.isArray(value) ? value : []
   $: readableValue = runtimeToReadableBinding(bindings, value)
+  $: tempValue = readableValue
 
   const handleClose = () => {
     onChange(tempValue)
@@ -56,7 +56,7 @@
     slot="body"
     value={readableValue}
     close={handleClose}
-    on:update={event => (tempValue = event.detail)}
+    on:change={event => (tempValue = event.detail)}
     bindableProperties={bindings}
   />
 </Drawer>
diff --git a/packages/builder/src/components/design/AppPreview/AppThemeSelect.svelte b/packages/builder/src/components/design/AppPreview/AppThemeSelect.svelte
index c9d937593b..21dae25708 100644
--- a/packages/builder/src/components/design/AppPreview/AppThemeSelect.svelte
+++ b/packages/builder/src/components/design/AppPreview/AppThemeSelect.svelte
@@ -24,7 +24,7 @@
 
 <div>
   <Select
-    value={$store.theme || "spectrum--light"}
+    value={$store.theme}
     options={themeOptions}
     placeholder={null}
     on:change={e => store.actions.theme.save(e.detail)}
diff --git a/packages/builder/src/components/design/AppPreview/componentStructure.json b/packages/builder/src/components/design/AppPreview/componentStructure.json
index 81962cd849..c83686158f 100644
--- a/packages/builder/src/components/design/AppPreview/componentStructure.json
+++ b/packages/builder/src/components/design/AppPreview/componentStructure.json
@@ -49,6 +49,7 @@
     "children": [
       "heading",
       "text",
+      "divider",
       "image",
       "backgroundimage",
       "link",
diff --git a/packages/builder/src/components/design/AppPreview/iframeTemplate.js b/packages/builder/src/components/design/AppPreview/iframeTemplate.js
index 9ae26bdaaf..1e3ff7c856 100644
--- a/packages/builder/src/components/design/AppPreview/iframeTemplate.js
+++ b/packages/builder/src/components/design/AppPreview/iframeTemplate.js
@@ -47,6 +47,18 @@ export default `
           return
         }
 
+        // Parse received message
+        // If parsing fails, just ignore and wait for the next message
+        let parsed
+        try {
+          parsed = JSON.parse(event.data)
+        } catch (error) {
+          // Ignore
+        }
+        if (!parsed) {
+          return
+        }
+        
         // Extract data from message
         const {
           selectedComponentId,
@@ -55,7 +67,7 @@ export default `
           previewType,
           appId,
           theme
-        } = JSON.parse(event.data)
+        } = parsed
 
         // Set some flags so the app knows we're in the builder
         window["##BUDIBASE_IN_BUILDER##"] = true
diff --git a/packages/builder/src/components/design/PropertiesPanel/ComponentSettingsSection.svelte b/packages/builder/src/components/design/PropertiesPanel/ComponentSettingsSection.svelte
index 0900bae1a7..972a2bb7fe 100644
--- a/packages/builder/src/components/design/PropertiesPanel/ComponentSettingsSection.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/ComponentSettingsSection.svelte
@@ -11,6 +11,7 @@
   export let componentDefinition
   export let componentInstance
   export let assetInstance
+  export let bindings
 
   const layoutDefinition = []
   const screenDefinition = [
@@ -65,6 +66,7 @@
             options: setting.options,
             placeholder: setting.placeholder,
           }}
+          {bindings}
         />
       {/if}
     {/each}
diff --git a/packages/builder/src/components/design/PropertiesPanel/ConditionalUISection.svelte b/packages/builder/src/components/design/PropertiesPanel/ConditionalUISection.svelte
index b1f65f3593..2802f38c2b 100644
--- a/packages/builder/src/components/design/PropertiesPanel/ConditionalUISection.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/ConditionalUISection.svelte
@@ -4,6 +4,7 @@
   import ConditionalUIDrawer from "./PropertyControls/ConditionalUIDrawer.svelte"
 
   export let componentInstance
+  export let bindings
 
   let tempValue
   let drawer
@@ -32,5 +33,5 @@
     Show, hide and update components in response to conditions being met.
   </svelte:fragment>
   <Button cta slot="buttons" on:click={() => save()}>Save</Button>
-  <ConditionalUIDrawer slot="body" bind:conditions={tempValue} />
+  <ConditionalUIDrawer slot="body" bind:conditions={tempValue} {bindings} />
 </Drawer>
diff --git a/packages/builder/src/components/design/PropertiesPanel/DesignSection.svelte b/packages/builder/src/components/design/PropertiesPanel/DesignSection.svelte
index 639ac90586..fa1a357f38 100644
--- a/packages/builder/src/components/design/PropertiesPanel/DesignSection.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/DesignSection.svelte
@@ -4,6 +4,7 @@
 
   export let componentDefinition
   export let componentInstance
+  export let bindings
 
   const getStyles = def => {
     if (!def?.styles?.length) {
@@ -29,6 +30,7 @@
       columns={style.columns}
       properties={style.settings}
       {componentInstance}
+      {bindings}
     />
   {/each}
 {/if}
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertiesPanel.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertiesPanel.svelte
index e85c30a171..27f6650cde 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertiesPanel.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertiesPanel.svelte
@@ -1,27 +1,45 @@
 <script>
-  import { store, selectedComponent } from "builderStore"
+  import { store, selectedComponent, currentAsset } from "builderStore"
   import { Tabs, Tab } from "@budibase/bbui"
   import ScreenSettingsSection from "./ScreenSettingsSection.svelte"
   import ComponentSettingsSection from "./ComponentSettingsSection.svelte"
   import DesignSection from "./DesignSection.svelte"
   import CustomStylesSection from "./CustomStylesSection.svelte"
   import ConditionalUISection from "./ConditionalUISection.svelte"
+  import { getBindableProperties } from "builderStore/dataBinding"
 
   $: componentInstance = $selectedComponent
   $: componentDefinition = store.actions.components.getDefinition(
     $selectedComponent?._component
   )
+  $: bindings = getBindableProperties($currentAsset, $store.selectedComponentId)
 </script>
 
 <Tabs selected="Settings" noPadding>
   <Tab title="Settings">
     <div class="container">
       {#key componentInstance?._id}
-        <ScreenSettingsSection {componentInstance} {componentDefinition} />
-        <ComponentSettingsSection {componentInstance} {componentDefinition} />
-        <DesignSection {componentInstance} {componentDefinition} />
-        <CustomStylesSection {componentInstance} {componentDefinition} />
-        <ConditionalUISection {componentInstance} {componentDefinition} />
+        <ScreenSettingsSection
+          {componentInstance}
+          {componentDefinition}
+          {bindings}
+        />
+        <ComponentSettingsSection
+          {componentInstance}
+          {componentDefinition}
+          {bindings}
+        />
+        <DesignSection {componentInstance} {componentDefinition} {bindings} />
+        <CustomStylesSection
+          {componentInstance}
+          {componentDefinition}
+          {bindings}
+        />
+        <ConditionalUISection
+          {componentInstance}
+          {componentDefinition}
+          {bindings}
+        />
       {/key}
     </div>
   </Tab>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/ConditionalUIDrawer.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/ConditionalUIDrawer.svelte
index ebe60c7110..006039edda 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/ConditionalUIDrawer.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/ConditionalUIDrawer.svelte
@@ -13,12 +13,12 @@
   import { generate } from "shortid"
   import DrawerBindableInput from "components/common/bindings/DrawerBindableInput.svelte"
   import { OperatorOptions, getValidOperatorsForType } from "helpers/lucene"
-  import { getBindableProperties } from "builderStore/dataBinding"
-  import { currentAsset, selectedComponent, store } from "builderStore"
+  import { selectedComponent, store } from "builderStore"
   import { getComponentForSettingType } from "./componentSettings"
   import PropertyControl from "./PropertyControl.svelte"
 
   export let conditions = []
+  export let bindings = []
 
   const flipDurationMs = 150
   const actionOptions = [
@@ -64,10 +64,6 @@
       value: setting.key,
     }
   })
-  $: bindableProperties = getBindableProperties(
-    $currentAsset,
-    $store.selectedComponentId
-  )
   $: conditions.forEach(link => {
     if (!link.id) {
       link.id = generate()
@@ -101,6 +97,12 @@
     conditions = conditions.filter(link => link.id !== id)
   }
 
+  const duplicateCondition = id => {
+    const condition = conditions.find(link => link.id === id)
+    const duplicate = { ...condition, id: generate() }
+    conditions = [...conditions, duplicate]
+  }
+
   const handleFinalize = e => {
     updateConditions(e)
     dragDisabled = true
@@ -188,6 +190,7 @@
                       placeholder: getSettingDefinition(condition.setting)
                         .placeholder,
                     }}
+                    {bindings}
                   />
                 {:else}
                   <Select disabled placeholder=" " />
@@ -195,7 +198,7 @@
               {/if}
               <div>IF</div>
               <DrawerBindableInput
-                bindings={bindableProperties}
+                {bindings}
                 placeholder="Value"
                 value={condition.newValue}
                 on:change={e => (condition.newValue = e.detail)}
@@ -216,7 +219,7 @@
               {#if ["string", "number"].includes(condition.valueType)}
                 <DrawerBindableInput
                   disabled={condition.noValue}
-                  bindings={bindableProperties}
+                  {bindings}
                   placeholder="Value"
                   value={condition.referenceValue}
                   on:change={e => (condition.referenceValue = e.detail)}
@@ -235,6 +238,12 @@
                   bind:value={condition.referenceValue}
                 />
               {/if}
+              <Icon
+                name="Duplicate"
+                hoverable
+                size="S"
+                on:click={() => duplicateCondition(condition.id)}
+              />
               <Icon
                 name="Close"
                 hoverable
@@ -273,7 +282,7 @@
     gap: var(--spacing-l);
     display: grid;
     align-items: center;
-    grid-template-columns: auto 1fr auto 1fr 1fr 1fr 1fr auto;
+    grid-template-columns: auto 1fr auto 1fr 1fr 1fr 1fr auto auto;
     border-radius: var(--border-radius-s);
     transition: background-color ease-in-out 130ms;
   }
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/DataSourceSelect.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/DataSourceSelect.svelte
index c8ce846192..d86f13e100 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/DataSourceSelect.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/DataSourceSelect.svelte
@@ -1,8 +1,5 @@
 <script>
-  import {
-    getBindableProperties,
-    getDataProviderComponents,
-  } from "builderStore/dataBinding"
+  import { getDataProviderComponents } from "builderStore/dataBinding"
   import {
     Button,
     Popover,
@@ -31,6 +28,7 @@
   export let value = {}
   export let otherSources
   export let showAllQueries
+  export let bindings = []
 
   $: text = value?.label ?? "Choose an option"
   $: tables = $tablesStore.list.map(m => ({
@@ -60,10 +58,6 @@
       parameters: query.parameters,
       type: "query",
     }))
-  $: bindableProperties = getBindableProperties(
-    $currentAsset,
-    $store.selectedComponentId
-  )
   $: dataProviders = getDataProviderComponents(
     $currentAsset,
     $store.selectedComponentId
@@ -75,13 +69,13 @@
     type: "provider",
     schema: provider.schema,
   }))
-  $: queryBindableProperties = bindableProperties.map(property => ({
+  $: queryBindableProperties = bindings.map(property => ({
     ...property,
     category: property.type === "instance" ? "Component" : "Table",
     label: property.readableBinding,
     path: property.readableBinding,
   }))
-  $: links = bindableProperties
+  $: links = bindings
     .filter(x => x.fieldSchema?.type === "link")
     .map(property => {
       return {
@@ -138,7 +132,7 @@
               bind:customParams={value.queryParams}
               parameters={queries.find(query => query._id === value._id)
                 .parameters}
-              bindings={queryBindableProperties}
+              {bindings}
             />
           {/if}
           <IntegrationQueryEditor
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/EventEditor.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/EventEditor.svelte
index 444aab5fe9..2e2a318610 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/EventEditor.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/EventEditor.svelte
@@ -13,10 +13,10 @@
   import { generate } from "shortid"
 
   const flipDurationMs = 150
-
   const EVENT_TYPE_KEY = "##eventHandlerType"
 
   export let actions
+  export let bindings = []
 
   // dndzone needs an id on the array items, so this adds some temporary ones.
   $: {
@@ -121,6 +121,7 @@
         <svelte:component
           this={selectedActionComponent}
           parameters={selectedAction.parameters}
+          {bindings}
         />
       </div>
     {/if}
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/EventPropertyControl.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/EventPropertyControl.svelte
index 0fea9a0505..9e39fd48e9 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/EventPropertyControl.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/EventPropertyControl.svelte
@@ -9,6 +9,7 @@
 
   export let value = []
   export let name
+  export let bindings
 
   let drawer
 
@@ -57,5 +58,5 @@
     Define what actions to run.
   </svelte:fragment>
   <Button cta slot="buttons" on:click={saveEventData}>Save</Button>
-  <EventEditor slot="body" bind:actions={value} eventType={name} />
+  <EventEditor slot="body" bind:actions={value} eventType={name} {bindings} />
 </Drawer>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ClearForm.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ClearForm.svelte
new file mode 100644
index 0000000000..74eae6283c
--- /dev/null
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ClearForm.svelte
@@ -0,0 +1,35 @@
+<script>
+  import { Select, Label } from "@budibase/bbui"
+  import { currentAsset, store } from "builderStore"
+  import { getActionProviderComponents } from "builderStore/dataBinding"
+
+  export let parameters
+
+  $: actionProviders = getActionProviderComponents(
+    $currentAsset,
+    $store.selectedComponentId,
+    "ClearForm"
+  )
+</script>
+
+<div class="root">
+  <Label small>Form</Label>
+  <Select
+    bind:value={parameters.componentId}
+    options={actionProviders}
+    getOptionLabel={x => x._instanceName}
+    getOptionValue={x => x._id}
+  />
+</div>
+
+<style>
+  .root {
+    display: grid;
+    column-gap: var(--spacing-l);
+    row-gap: var(--spacing-s);
+    grid-template-columns: 60px 1fr;
+    align-items: center;
+    max-width: 800px;
+    margin: 0 auto;
+  }
+</style>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/CloseScreenModal.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/CloseScreenModal.svelte
new file mode 100644
index 0000000000..0afb8dd46e
--- /dev/null
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/CloseScreenModal.svelte
@@ -0,0 +1,17 @@
+<script>
+  import { Body } from "@budibase/bbui"
+</script>
+
+<div class="root">
+  <Body size="S">This action doesn't require any additional settings.</Body>
+  <Body size="S">
+    This action won't do anything if there isn't a screen modal open.
+  </Body>
+</div>
+
+<style>
+  .root {
+    max-width: 800px;
+    margin: 0 auto;
+  }
+</style>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/DeleteRow.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/DeleteRow.svelte
index aa657beea5..35a1a6ec86 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/DeleteRow.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/DeleteRow.svelte
@@ -1,14 +1,12 @@
 <script>
   import { Select, Label, Checkbox, Input } from "@budibase/bbui"
-  import { store, currentAsset } from "builderStore"
   import { tables } from "stores/backend"
-  import { getBindableProperties } from "builderStore/dataBinding"
   import DrawerBindableInput from "components/common/bindings/DrawerBindableInput.svelte"
 
   export let parameters
+  export let bindings = []
 
   $: tableOptions = $tables.list || []
-  $: bindings = getBindableProperties($currentAsset, $store.selectedComponentId)
 </script>
 
 <div class="root">
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ExecuteQuery.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ExecuteQuery.svelte
index d4e70dac05..5dc56a7d74 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ExecuteQuery.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ExecuteQuery.svelte
@@ -1,21 +1,16 @@
 <script>
   import { Select, Layout, Input, Checkbox } from "@budibase/bbui"
-  import { store, currentAsset } from "builderStore"
   import { datasources, integrations, queries } from "stores/backend"
-  import { getBindableProperties } from "builderStore/dataBinding"
   import ParameterBuilder from "components/integration/QueryParameterBuilder.svelte"
   import IntegrationQueryEditor from "components/integration/index.svelte"
 
   export let parameters
+  export let bindings = []
 
   $: query = $queries.list.find(q => q._id === parameters.queryId)
   $: datasource = $datasources.list.find(
     ds => ds._id === parameters.datasourceId
   )
-  $: bindableProperties = getBindableProperties(
-    $currentAsset,
-    $store.selectedComponentId
-  )
 
   function fetchQueryDefinition(query) {
     const source = $datasources.list.find(
@@ -61,7 +56,7 @@
           <ParameterBuilder
             bind:customParams={parameters.queryParams}
             parameters={query.parameters}
-            bindings={bindableProperties}
+            {bindings}
           />
           <IntegrationQueryEditor
             height={200}
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/NavigateTo.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/NavigateTo.svelte
index e713ccce4a..5a0e163655 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/NavigateTo.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/NavigateTo.svelte
@@ -1,12 +1,9 @@
 <script>
-  import { Label } from "@budibase/bbui"
-  import { getBindableProperties } from "builderStore/dataBinding"
-  import { currentAsset, store } from "builderStore"
+  import { Label, Checkbox } from "@budibase/bbui"
   import DrawerBindableInput from "components/common/bindings/DrawerBindableInput.svelte"
 
   export let parameters
-
-  $: bindings = getBindableProperties($currentAsset, $store.selectedComponentId)
+  export let bindings = []
 </script>
 
 <div class="root">
@@ -18,19 +15,17 @@
     on:change={value => (parameters.url = value.detail)}
     {bindings}
   />
+  <div />
+  <Checkbox text="Open screen in modal" bind:value={parameters.peek} />
 </div>
 
 <style>
   .root {
-    display: flex;
-    flex-direction: row;
-    align-items: baseline;
+    display: grid;
+    align-items: center;
+    gap: var(--spacing-m);
+    grid-template-columns: auto 1fr;
     max-width: 800px;
     margin: 0 auto;
   }
-
-  .root :global(> div) {
-    flex: 1;
-    margin-left: var(--spacing-l);
-  }
 </style>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/SaveFields.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/SaveFields.svelte
index bf88ed2caf..52bd84c453 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/SaveFields.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/SaveFields.svelte
@@ -1,7 +1,5 @@
 <script>
   import { Label, ActionButton, Button, Select, Input } from "@budibase/bbui"
-  import { store, currentAsset } from "builderStore"
-  import { getBindableProperties } from "builderStore/dataBinding"
   import { createEventDispatcher } from "svelte"
   import DrawerBindableInput from "components/common/bindings/DrawerBindableInput.svelte"
 
@@ -11,13 +9,10 @@
   export let schemaFields
   export let fieldLabel = "Column"
   export let valueLabel = "Value"
+  export let bindings = []
 
   let fields = Object.entries(parameterFields || {})
   $: onChange(fields)
-  $: bindableProperties = getBindableProperties(
-    $currentAsset,
-    $store.selectedComponentId
-  )
 
   const addField = () => {
     fields = [...fields.filter(field => field[0]), ["", ""]]
@@ -69,7 +64,7 @@
     <DrawerBindableInput
       title={`Value for "${field[0]}"`}
       value={field[1]}
-      bindings={bindableProperties}
+      {bindings}
       on:change={event => updateFieldValue(idx, event.detail)}
     />
     <ActionButton
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/SaveRow.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/SaveRow.svelte
index a2c3b6d49e..791380643f 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/SaveRow.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/SaveRow.svelte
@@ -9,6 +9,7 @@
   import SaveFields from "./SaveFields.svelte"
 
   export let parameters
+  export let bindings = []
 
   $: dataProviderComponents = getDataProviderComponents(
     $currentAsset,
@@ -70,6 +71,7 @@
         parameterFields={parameters.fields}
         {schemaFields}
         on:change={onFieldsChanged}
+        {bindings}
       />
     </div>
   {/if}
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/TriggerAutomation.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/TriggerAutomation.svelte
index 545a805cc5..e5b4c9d108 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/TriggerAutomation.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/TriggerAutomation.svelte
@@ -3,13 +3,14 @@
   import { automationStore } from "builderStore"
   import SaveFields from "./SaveFields.svelte"
 
+  export let parameters = {}
+  export let bindings = []
+
   const AUTOMATION_STATUS = {
     NEW: "new",
     EXISTING: "existing",
   }
 
-  export let parameters = {}
-
   let automationStatus = parameters.automationId
     ? AUTOMATION_STATUS.EXISTING
     : AUTOMATION_STATUS.NEW
@@ -109,6 +110,7 @@
         parameterFields={parameters.fields}
         fieldLabel="Field"
         on:change={onFieldsChanged}
+        {bindings}
       />
     {/key}
   </div>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/index.js b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/index.js
index b8114461f9..c769a2300f 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/index.js
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/index.js
@@ -5,6 +5,8 @@ import ExecuteQuery from "./ExecuteQuery.svelte"
 import TriggerAutomation from "./TriggerAutomation.svelte"
 import ValidateForm from "./ValidateForm.svelte"
 import LogOut from "./LogOut.svelte"
+import ClearForm from "./ClearForm.svelte"
+import CloseScreenModal from "./CloseScreenModal.svelte"
 
 // Defines which actions are available to configure in the front end.
 // Unfortunately the "name" property is used as the identifier so please don't
@@ -42,4 +44,12 @@ export default [
     name: "Log Out",
     component: LogOut,
   },
+  {
+    name: "Clear Form",
+    component: ClearForm,
+  },
+  {
+    name: "Close Screen Modal",
+    component: CloseScreenModal,
+  },
 ]
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/FilterEditor.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/FilterEditor.svelte
index d190200044..adcf7ec29b 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/FilterEditor.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/FilterEditor.svelte
@@ -20,6 +20,8 @@
 
   export let value = []
   export let componentInstance
+  export let bindings = []
+
   let drawer
   let tempValue = value || []
 
@@ -51,7 +53,7 @@
           constraints.
         {/if}
       </Body>
-      <LuceneFilterBuilder bind:value={tempValue} {schemaFields} />
+      <LuceneFilterBuilder bind:value={tempValue} {schemaFields} {bindings} />
     </Layout>
   </DrawerContent>
 </Drawer>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/LuceneFilterBuilder.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/LuceneFilterBuilder.svelte
index e30c7dd63d..be46169f57 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/LuceneFilterBuilder.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/LuceneFilterBuilder.svelte
@@ -7,20 +7,15 @@
     Combobox,
     Input,
   } from "@budibase/bbui"
-  import { store, currentAsset } from "builderStore"
-  import { getBindableProperties } from "builderStore/dataBinding"
   import DrawerBindableInput from "components/common/bindings/DrawerBindableInput.svelte"
   import { generate } from "shortid"
   import { OperatorOptions, getValidOperatorsForType } from "helpers/lucene"
 
   export let schemaFields
   export let value
+  export let bindings = []
 
   const BannedTypes = ["link", "attachment"]
-  $: bindableProperties = getBindableProperties(
-    $currentAsset,
-    $store.selectedComponentId
-  )
   $: fieldOptions = (schemaFields ?? [])
     .filter(field => !BannedTypes.includes(field.type))
     .map(field => field.name)
@@ -101,7 +96,7 @@
           title={`Value for "${expression.field}"`}
           value={expression.value}
           placeholder="Value"
-          bindings={bindableProperties}
+          {bindings}
           on:change={event => (expression.value = event.detail)}
         />
       {:else if ["string", "longform", "number"].includes(expression.type)}
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/PropertyControl.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/PropertyControl.svelte
index 40d579e9c9..4ca7d9fc12 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/PropertyControl.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/PropertyControl.svelte
@@ -1,8 +1,6 @@
 <script>
   import { Button, Icon, Drawer, Label } from "@budibase/bbui"
-  import { store, currentAsset } from "builderStore"
   import {
-    getBindableProperties,
     readableToRuntimeBinding,
     runtimeToReadableBinding,
   } from "builderStore/dataBinding"
@@ -18,18 +16,15 @@
   export let value = null
   export let props = {}
   export let onChange = () => {}
+  export let bindings = []
 
   let bindingDrawer
   let anchor
   let valid
 
-  $: bindableProperties = getBindableProperties(
-    $currentAsset,
-    $store.selectedComponentId
-  )
-  $: safeValue = getSafeValue(value, props.defaultValue, bindableProperties)
+  $: safeValue = getSafeValue(value, props.defaultValue, bindings)
   $: tempValue = safeValue
-  $: replaceBindings = val => readableToRuntimeBinding(bindableProperties, val)
+  $: replaceBindings = val => readableToRuntimeBinding(bindings, val)
 
   const handleClose = () => {
     handleChange(tempValue)
@@ -61,8 +56,8 @@
 
   // The "safe" value is the value with any bindings made readable
   // If there is no value set, any default value is used
-  const getSafeValue = (value, defaultValue, bindableProperties) => {
-    const enriched = runtimeToReadableBinding(bindableProperties, value)
+  const getSafeValue = (value, defaultValue, bindings) => {
+    const enriched = runtimeToReadableBinding(bindings, value)
     return enriched == null && defaultValue !== undefined
       ? defaultValue
       : enriched
@@ -83,6 +78,7 @@
       updateOnChange={false}
       on:change={handleChange}
       onChange={handleChange}
+      {bindings}
       name={key}
       text={label}
       {type}
@@ -108,7 +104,7 @@
           bind:valid
           value={safeValue}
           on:change={e => (tempValue = e.detail)}
-          {bindableProperties}
+          bindableProperties={bindings}
         />
       </Drawer>
     {/if}
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/URLSelect.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/URLSelect.svelte
index 5a19c1add3..fb8b48b9ed 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/URLSelect.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/URLSelect.svelte
@@ -3,10 +3,11 @@
   import DrawerBindableCombobox from "components/common/bindings/DrawerBindableCombobox.svelte"
 
   export let value
+  export let bindings
 
   $: urlOptions = $store.screens
     .map(screen => screen.routing?.route)
     .filter(x => x != null)
 </script>
 
-<DrawerBindableCombobox {value} on:change options={urlOptions} />
+<DrawerBindableCombobox {value} {bindings} on:change options={urlOptions} />
diff --git a/packages/builder/src/components/design/PropertiesPanel/ScreenSettingsSection.svelte b/packages/builder/src/components/design/PropertiesPanel/ScreenSettingsSection.svelte
index 4570a05095..81c18d9f18 100644
--- a/packages/builder/src/components/design/PropertiesPanel/ScreenSettingsSection.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/ScreenSettingsSection.svelte
@@ -9,6 +9,7 @@
   import { FrontendTypes } from "constants"
 
   export let componentInstance
+  export let bindings
 
   function setAssetProps(name, value, parser) {
     if (parser && typeof parser === "function") {
@@ -53,6 +54,7 @@
         key={def.key}
         value={deepGet($currentAsset, def.key)}
         on:change={event => setAssetProps(def.key, event.detail, def.parser)}
+        {bindings}
       />
     {/each}
   </DetailSummary>
diff --git a/packages/builder/src/components/design/PropertiesPanel/StyleSection.svelte b/packages/builder/src/components/design/PropertiesPanel/StyleSection.svelte
index 0341c68534..18d63cfbce 100644
--- a/packages/builder/src/components/design/PropertiesPanel/StyleSection.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/StyleSection.svelte
@@ -7,6 +7,7 @@
   export let columns
   export let properties
   export let componentInstance
+  export let bindings = []
 
   $: style = componentInstance._styles.normal || {}
   $: changed = properties?.some(prop => hasPropChanged(style, prop)) ?? false
@@ -36,6 +37,7 @@
           value={style[prop.key]}
           onChange={val => store.actions.components.updateStyle(prop.key, val)}
           props={getControlProps(prop)}
+          {bindings}
         />
       </div>
     {/each}
diff --git a/packages/builder/src/components/integration/ExtraQueryConfig.svelte b/packages/builder/src/components/integration/ExtraQueryConfig.svelte
new file mode 100644
index 0000000000..303beb1e4b
--- /dev/null
+++ b/packages/builder/src/components/integration/ExtraQueryConfig.svelte
@@ -0,0 +1,48 @@
+<script>
+  import { Select, Label, Input } from "@budibase/bbui"
+
+  /**
+   * This component takes the query object and populates the 'extra' property
+   * when a datasource has specified a configuration for these fields in SCHEMA.extra
+   */
+  export let populateExtraQuery
+  export let config
+  export let query
+
+  $: extraFields = Object.keys(config).map(key => ({
+    ...config[key],
+    key,
+  }))
+
+  $: extraQueryFields = query.fields.extra || {}
+</script>
+
+{#each extraFields as { key, displayName, type }}
+  <div class="config-field">
+    <Label>{displayName}</Label>
+    {#if type === "string"}
+      <Input
+        on:change={() => populateExtraQuery(extraQueryFields)}
+        bind:value={extraQueryFields[key]}
+      />
+    {/if}
+
+    {#if type === "list"}
+      <Select
+        on:change={() => populateExtraQuery(extraQueryFields)}
+        bind:value={extraQueryFields[key]}
+        options={config[key].data[query.queryVerb]}
+        getOptionLabel={current => current}
+      />
+    {/if}
+  </div>
+{/each}
+
+<style>
+  .config-field {
+    display: grid;
+    grid-template-columns: 20% 1fr;
+    grid-gap: var(--spacing-l);
+    align-items: center;
+  }
+</style>
diff --git a/packages/builder/src/components/integration/QueryViewer.svelte b/packages/builder/src/components/integration/QueryViewer.svelte
index 5c2523d519..da93033cef 100644
--- a/packages/builder/src/components/integration/QueryViewer.svelte
+++ b/packages/builder/src/components/integration/QueryViewer.svelte
@@ -15,6 +15,7 @@
   } from "@budibase/bbui"
   import { notifications, Divider } from "@budibase/bbui"
   import api from "builderStore/api"
+  import ExtraQueryConfig from "./ExtraQueryConfig.svelte"
   import IntegrationQueryEditor from "components/integration/index.svelte"
   import ExternalDataSourceTable from "components/backend/DataTable/ExternalDataSourceTable.svelte"
   import ParameterBuilder from "components/integration/QueryParameterBuilder.svelte"
@@ -60,6 +61,14 @@
     fields = fields
   }
 
+  function resetDependentFields() {
+    if (query.fields.extra) query.fields.extra = {}
+  }
+
+  function populateExtraQuery(extraQueryFields) {
+    query.fields.extra = extraQueryFields
+  }
+
   async function previewQuery() {
     try {
       const response = await api.post(`/api/queries/preview`, {
@@ -127,11 +136,19 @@
         <Label>Function</Label>
         <Select
           bind:value={query.queryVerb}
+          on:change={resetDependentFields}
           options={Object.keys(queryConfig)}
           getOptionLabel={verb =>
             queryConfig[verb]?.displayName || capitalise(verb)}
         />
       </div>
+      {#if integrationInfo?.extra && query.queryVerb}
+        <ExtraQueryConfig
+          {query}
+          {populateExtraQuery}
+          config={integrationInfo.extra}
+        />
+      {/if}
       <ParameterBuilder bind:parameters={query.parameters} bindable={false} />
     {/if}
   </div>
diff --git a/packages/builder/src/components/start/AppCard.svelte b/packages/builder/src/components/start/AppCard.svelte
index e41ffc4469..3e19bfa022 100644
--- a/packages/builder/src/components/start/AppCard.svelte
+++ b/packages/builder/src/components/start/AppCard.svelte
@@ -15,6 +15,7 @@
   export let exportApp
   export let viewApp
   export let editApp
+  export let updateApp
   export let deleteApp
   export let unpublishApp
   export let releaseLock
@@ -53,6 +54,9 @@
           </MenuItem>
         {/if}
         {#if !app.deployed}
+          <MenuItem on:click={() => updateApp(app)} icon="Edit">
+            Update
+          </MenuItem>
           <MenuItem on:click={() => deleteApp(app)} icon="Delete">
             Delete
           </MenuItem>
diff --git a/packages/builder/src/components/start/AppRow.svelte b/packages/builder/src/components/start/AppRow.svelte
index 85bad84376..f8ecbf3320 100644
--- a/packages/builder/src/components/start/AppRow.svelte
+++ b/packages/builder/src/components/start/AppRow.svelte
@@ -14,6 +14,7 @@
   export let exportApp
   export let viewApp
   export let editApp
+  export let updateApp
   export let deleteApp
   export let unpublishApp
   export let releaseLock
@@ -82,6 +83,7 @@
       </MenuItem>
     {/if}
     {#if !app.deployed}
+      <MenuItem on:click={() => updateApp(app)} icon="Edit">Update</MenuItem>
       <MenuItem on:click={() => deleteApp(app)} icon="Delete">Delete</MenuItem>
     {/if}
   </ActionMenu>
diff --git a/packages/builder/src/components/start/UpdateAppModal.svelte b/packages/builder/src/components/start/UpdateAppModal.svelte
new file mode 100644
index 0000000000..dbbc000d1f
--- /dev/null
+++ b/packages/builder/src/components/start/UpdateAppModal.svelte
@@ -0,0 +1,111 @@
+<script>
+  import { writable, get as svelteGet } from "svelte/store"
+  import {
+    notifications,
+    Input,
+    Modal,
+    ModalContent,
+    Body,
+  } from "@budibase/bbui"
+  import { hostingStore } from "builderStore"
+  import { apps } from "stores/portal"
+  import { string, object } from "yup"
+  import { onMount } from "svelte"
+  import { capitalise } from "helpers"
+
+  const values = writable({ name: null })
+  const errors = writable({})
+  const touched = writable({})
+  const validator = {
+    name: string().required("Your application must have a name"),
+  }
+
+  export let app
+
+  let modal
+  let valid = false
+  let dirty = false
+  $: checkValidity($values, validator)
+  $: {
+    // prevent validation by setting name to undefined without an app
+    if (app) {
+      $values.name = app?.name
+    }
+  }
+
+  onMount(async () => {
+    await hostingStore.actions.fetchDeployedApps()
+    const existingAppNames = svelteGet(hostingStore).deployedAppNames
+    validator.name = string()
+      .required("Your application must have a name")
+      .test(
+        "non-existing-app-name",
+        "Another app with the same name already exists",
+        value => {
+          return !existingAppNames.some(
+            appName => dirty && appName.toLowerCase() === value.toLowerCase()
+          )
+        }
+      )
+  })
+
+  const checkValidity = async (values, validator) => {
+    const obj = object().shape(validator)
+    Object.keys(validator).forEach(key => ($errors[key] = null))
+    try {
+      await obj.validate(values, { abortEarly: false })
+    } catch (validationErrors) {
+      validationErrors.inner.forEach(error => {
+        $errors[error.path] = capitalise(error.message)
+      })
+    }
+    valid = await obj.isValid(values)
+  }
+
+  async function updateApp() {
+    try {
+      // Update App
+      await apps.update(app.instance._id, $values.name)
+      hide()
+    } catch (error) {
+      console.error(error)
+      notifications.error(error)
+    }
+  }
+
+  export const show = () => {
+    modal.show()
+  }
+  export const hide = () => {
+    modal.hide()
+  }
+
+  const onCancel = () => {
+    hide()
+  }
+
+  const onShow = () => {
+    dirty = false
+  }
+</script>
+
+<Modal bind:this={modal} on:hide={onCancel} on:show={onShow}>
+  <ModalContent
+    title={"Update app"}
+    confirmText={"Update app"}
+    onConfirm={updateApp}
+    disabled={!(valid && dirty)}
+  >
+    <Body size="S">
+      Give your new app a name, and choose which groups have access (paid plans
+      only).
+    </Body>
+    <Input
+      bind:value={$values.name}
+      error={$touched.name && $errors.name}
+      on:blur={() => ($touched.name = true)}
+      on:change={() => (dirty = true)}
+      label="Name"
+    />
+  </ModalContent>
+</Modal>
diff --git a/packages/builder/src/pages/builder/_layout.svelte b/packages/builder/src/pages/builder/_layout.svelte
index 43a5d205d9..b1f6d7e733 100644
--- a/packages/builder/src/pages/builder/_layout.svelte
+++ b/packages/builder/src/pages/builder/_layout.svelte
@@ -4,7 +4,10 @@
   import { onMount } from "svelte"
 
   let loaded = false
+
+  $: multiTenancyEnabled = $admin.multiTenancy
   $: hasAdminUser = !!$admin?.checklist?.adminUser
+  $: tenantSet = $auth.tenantSet
 
   onMount(async () => {
     await admin.init()
@@ -12,9 +15,14 @@
     loaded = true
   })
 
-  // Force creation of an admin user if one doesn't exist
   $: {
-    if (loaded && !hasAdminUser) {
+    const apiReady = $admin.loaded && $auth.loaded
+    // if tenant is not set go to it
+    if (loaded && apiReady && multiTenancyEnabled && !tenantSet) {
+      $redirect("./auth/org")
+    }
+    // Force creation of an admin user if one doesn't exist
+    else if (loaded && apiReady && !hasAdminUser) {
       $redirect("./admin")
     }
   }
@@ -29,7 +37,7 @@
       !$isActive("./invite")
     ) {
       const returnUrl = encodeURIComponent(window.location.pathname)
-      $redirect("./auth/login?", { returnUrl })
+      $redirect("./auth?", { returnUrl })
     } else if ($auth?.user?.forceResetPassword) {
       $redirect("./auth/reset")
     }
diff --git a/packages/builder/src/pages/builder/admin/index.svelte b/packages/builder/src/pages/builder/admin/index.svelte
index f8cbc21455..4d7e39db81 100644
--- a/packages/builder/src/pages/builder/admin/index.svelte
+++ b/packages/builder/src/pages/builder/admin/index.svelte
@@ -6,20 +6,25 @@
     Layout,
     Input,
     Body,
+    ActionButton,
   } from "@budibase/bbui"
   import { goto } from "@roxi/routify"
   import api from "builderStore/api"
-  import { admin } from "stores/portal"
+  import { admin, auth } from "stores/portal"
   import PasswordRepeatInput from "components/common/users/PasswordRepeatInput.svelte"
   import Logo from "assets/bb-emblem.svg"
 
   let adminUser = {}
   let error
 
+  $: tenantId = $auth.tenantId
+  $: multiTenancyEnabled = $admin.multiTenancy
+
   async function save() {
     try {
+      adminUser.tenantId = tenantId
       // Save the admin user
-      const response = await api.post(`/api/admin/users/init`, adminUser)
+      const response = await api.post(`/api/global/users/init`, adminUser)
       const json = await response.json()
       if (response.status !== 200) {
         throw new Error(json.message)
@@ -47,9 +52,22 @@
         <Input label="Email" bind:value={adminUser.email} />
         <PasswordRepeatInput bind:password={adminUser.password} bind:error />
       </Layout>
-      <Button cta disabled={error} on:click={save}>
-        Create super admin user
-      </Button>
+      <Layout gap="XS" noPadding>
+        <Button cta disabled={error} on:click={save}>
+          Create super admin user
+        </Button>
+        {#if multiTenancyEnabled}
+          <ActionButton
+            quiet
+            on:click={() => {
+              admin.unload()
+              $goto("../auth/org")
+            }}
+          >
+            Change organisation
+          </ActionButton>
+        {/if}
+      </Layout>
     </Layout>
   </div>
 </section>
diff --git a/packages/builder/src/pages/builder/app/[application]/data/datasource/[selectedDatasource]/CreateEditRelationship/CreateEditRelationship.svelte b/packages/builder/src/pages/builder/app/[application]/data/datasource/[selectedDatasource]/CreateEditRelationship/CreateEditRelationship.svelte
index 9a9b8b20b1..33ca4608ff 100644
--- a/packages/builder/src/pages/builder/app/[application]/data/datasource/[selectedDatasource]/CreateEditRelationship/CreateEditRelationship.svelte
+++ b/packages/builder/src/pages/builder/app/[application]/data/datasource/[selectedDatasource]/CreateEditRelationship/CreateEditRelationship.svelte
@@ -158,10 +158,16 @@
         fieldName: fromTable.primary[0],
       }
     } else {
+      // the relateFrom.fieldName should remain the same, as it is the foreignKey in the other
+      // table, this is due to the way that budibase represents relationships, the fieldName in a
+      // link column schema is the column linked to (FK in this case). The foreignKey column is
+      // essentially what is linked to in the from table, this is unique to SQL as this isn't a feature
+      // of Budibase internal tables.
+      // Essentially this means the fieldName is what we are linking to in the other table, and the
+      // foreignKey is what is linking out of the current table.
       relateFrom = {
         ...relateFrom,
-        foreignKey: relateFrom.fieldName,
-        fieldName: fromTable.primary[0],
+        foreignKey: fromTable.primary[0],
       }
       relateTo = {
         ...relateTo,
diff --git a/packages/builder/src/pages/builder/apps/index.svelte b/packages/builder/src/pages/builder/apps/index.svelte
index 69b6e770f6..c1bdc31cd4 100644
--- a/packages/builder/src/pages/builder/apps/index.svelte
+++ b/packages/builder/src/pages/builder/apps/index.svelte
@@ -54,7 +54,11 @@
             </Layout>
             <ActionMenu align="right">
               <div slot="control" class="avatar">
-                <Avatar size="M" initials={$auth.initials} />
+                <Avatar
+                  size="M"
+                  initials={$auth.initials}
+                  url={$auth.user.pictureUrl}
+                />
                 <Icon size="XL" name="ChevronDown" />
               </div>
               <MenuItem icon="UserEdit" on:click={() => userInfoModal.show()}>
diff --git a/packages/builder/src/pages/builder/auth/_components/GoogleButton.svelte b/packages/builder/src/pages/builder/auth/_components/GoogleButton.svelte
index c9a6aba218..0acaa127cc 100644
--- a/packages/builder/src/pages/builder/auth/_components/GoogleButton.svelte
+++ b/packages/builder/src/pages/builder/auth/_components/GoogleButton.svelte
@@ -1,14 +1,18 @@
 <script>
   import { ActionButton } from "@budibase/bbui"
   import GoogleLogo from "assets/google-logo.png"
-  import { organisation } from "stores/portal"
+  import { auth, organisation } from "stores/portal"
 
+  let show
+
+  $: tenantId = $auth.tenantId
   $: show = $organisation.google
 </script>
 
 {#if show}
   <ActionButton
-    on:click={() => window.open("/api/admin/auth/google", "_blank")}
+    on:click={() =>
+      window.open(`/api/global/auth/${tenantId}/google`, "_blank")}
   >
     <div class="inner">
       <img src={GoogleLogo} alt="google icon" />
diff --git a/packages/builder/src/pages/builder/auth/_components/OIDCButton.svelte b/packages/builder/src/pages/builder/auth/_components/OIDCButton.svelte
index 22ecad1620..bae68b6548 100644
--- a/packages/builder/src/pages/builder/auth/_components/OIDCButton.svelte
+++ b/packages/builder/src/pages/builder/auth/_components/OIDCButton.svelte
@@ -6,7 +6,7 @@
   import OktaLogo from "assets/okta-logo.png"
   import OneLoginLogo from "assets/onelogin-logo.png"
 
-  import { oidc, organisation } from "stores/portal"
+  import { oidc, organisation, auth } from "stores/portal"
   import { onMount } from "svelte"
 
   $: show = $organisation.oidc
@@ -31,7 +31,10 @@
 {#if show}
   <ActionButton
     on:click={() =>
-      window.open(`/api/admin/auth/oidc/configs/${$oidc.uuid}`, "_blank")}
+      window.open(
+        `/api/global/auth/${$auth.tenantId}/oidc/configs/${$oidc.uuid}`,
+        "_blank"
+      )}
   >
     <div class="inner">
       <img {src} alt="oidc icon" />
diff --git a/packages/builder/src/pages/builder/auth/forgot.svelte b/packages/builder/src/pages/builder/auth/forgot.svelte
index 85301b3f02..2503a99eb2 100644
--- a/packages/builder/src/pages/builder/auth/forgot.svelte
+++ b/packages/builder/src/pages/builder/auth/forgot.svelte
@@ -6,10 +6,12 @@
     Layout,
     Body,
     Heading,
+    ActionButton,
   } from "@budibase/bbui"
   import { organisation, auth } from "stores/portal"
   import Logo from "assets/bb-emblem.svg"
   import { onMount } from "svelte"
+  import { goto } from "@roxi/routify"
 
   let email = ""
 
@@ -41,9 +43,12 @@
         </Body>
         <Input label="Email" bind:value={email} />
       </Layout>
-      <Button cta on:click={forgot} disabled={!email}>
-        Reset your password
-      </Button>
+      <Layout gap="XS" nopadding>
+        <Button cta on:click={forgot} disabled={!email}>
+          Reset your password
+        </Button>
+        <ActionButton quiet on:click={() => $goto("../")}>Back</ActionButton>
+      </Layout>
     </Layout>
   </div>
 </div>
diff --git a/packages/builder/src/pages/builder/auth/index.svelte b/packages/builder/src/pages/builder/auth/index.svelte
index 12570aeeb5..a2a02e65c1 100644
--- a/packages/builder/src/pages/builder/auth/index.svelte
+++ b/packages/builder/src/pages/builder/auth/index.svelte
@@ -1,4 +1,24 @@
 <script>
   import { redirect } from "@roxi/routify"
-  $redirect("./login")
+  import { auth, admin } from "stores/portal"
+  import { onMount } from "svelte"
+
+  $: tenantSet = $auth.tenantSet
+  $: multiTenancyEnabled = $admin.multiTenancy
+
+  let loaded = false
+
+  $: {
+    if (loaded && multiTenancyEnabled && !tenantSet) {
+      $redirect("./org")
+    } else if (loaded) {
+      $redirect("./login")
+    }
+  }
+
+  onMount(async () => {
+    await admin.init()
+    await auth.checkQueryString()
+    loaded = true
+  })
 </script>
diff --git a/packages/builder/src/pages/builder/auth/login.svelte b/packages/builder/src/pages/builder/auth/login.svelte
index 8ce27b98bb..783e5a4903 100644
--- a/packages/builder/src/pages/builder/auth/login.svelte
+++ b/packages/builder/src/pages/builder/auth/login.svelte
@@ -10,7 +10,7 @@
     notifications,
   } from "@budibase/bbui"
   import { goto, params } from "@roxi/routify"
-  import { auth, organisation, oidc } from "stores/portal"
+  import { auth, organisation, oidc, admin } from "stores/portal"
   import GoogleButton from "./_components/GoogleButton.svelte"
   import OIDCButton from "./_components/OIDCButton.svelte"
   import Logo from "assets/bb-emblem.svg"
@@ -18,8 +18,10 @@
 
   let username = ""
   let password = ""
+  let loaded = false
 
   $: company = $organisation.company || "Budibase"
+  $: multiTenancyEnabled = $admin.multiTenancy
 
   async function login() {
     try {
@@ -27,7 +29,6 @@
         username,
         password,
       })
-      notifications.success("Logged in successfully")
       if ($auth?.user?.forceResetPassword) {
         $goto("./reset")
       } else {
@@ -50,6 +51,7 @@
 
   onMount(async () => {
     await organisation.init()
+    loaded = true
   })
 </script>
 
@@ -61,8 +63,10 @@
         <img alt="logo" src={$organisation.logoUrl || Logo} />
         <Heading>Sign in to {company}</Heading>
       </Layout>
-      <GoogleButton />
-      <OIDCButton oidcIcon={$oidc.logo} oidcName={$oidc.name} />
+      {#if loaded}
+        <GoogleButton />
+        <OIDCButton oidcIcon={$oidc.logo} oidcName={$oidc.name} />
+      {/if}
       <Divider noGrid />
       <Layout gap="XS" noPadding>
         <Body size="S" textAlign="center">Sign in with email</Body>
@@ -79,6 +83,17 @@
         <ActionButton quiet on:click={() => $goto("./forgot")}>
           Forgot password?
         </ActionButton>
+        {#if multiTenancyEnabled}
+          <ActionButton
+            quiet
+            on:click={() => {
+              admin.unload()
+              $goto("./org")
+            }}
+          >
+            Change organisation
+          </ActionButton>
+        {/if}
       </Layout>
     </Layout>
   </div>
diff --git a/packages/builder/src/pages/builder/auth/org.svelte b/packages/builder/src/pages/builder/auth/org.svelte
new file mode 100644
index 0000000000..785cf05914
--- /dev/null
+++ b/packages/builder/src/pages/builder/auth/org.svelte
@@ -0,0 +1,73 @@
+<script>
+  import { Body, Button, Divider, Heading, Input, Layout } from "@budibase/bbui"
+  import { goto } from "@roxi/routify"
+  import { auth, admin } from "stores/portal"
+  import Logo from "assets/bb-emblem.svg"
+  import { get } from "svelte/store"
+  import { onMount } from "svelte"
+
+  let tenantId = get(auth).tenantSet ? get(auth).tenantId : ""
+  $: multiTenancyEnabled = $admin.multiTenancy
+
+  async function setOrg() {
+    if (tenantId == null || tenantId === "") {
+      tenantId = "default"
+    }
+    await auth.setOrg(tenantId)
+    // re-init now org selected
+    await admin.init()
+    $goto("../")
+  }
+
+  function handleKeydown(evt) {
+    if (evt.key === "Enter") setOrg()
+  }
+
+  onMount(async () => {
+    await auth.checkQueryString()
+    if (!multiTenancyEnabled) {
+      $goto("../")
+    } else {
+      admin.unload()
+    }
+  })
+</script>
+
+<svelte:window on:keydown={handleKeydown} />
+<div class="login">
+  <div class="main">
+    <Layout>
+      <Layout noPadding justifyItems="center">
+        <img alt="logo" src={Logo} />
+        <Heading>Set Budibase organisation</Heading>
+      </Layout>
+      <Divider noGrid />
+      <Layout gap="XS" noPadding>
+        <Body size="S" textAlign="center">Set organisation</Body>
+        <Input label="Organisation" bind:value={tenantId} />
+      </Layout>
+      <Layout gap="XS" noPadding>
+        <Button cta on:click={setOrg}>Set organisation</Button>
+      </Layout>
+    </Layout>
+  </div>
+</div>
+
+<style>
+  .login {
+    width: 100%;
+    height: 100%;
+    display: flex;
+    flex-direction: column;
+    justify-content: center;
+    align-items: center;
+  }
+
+  .main {
+    width: 300px;
+  }
+
+  img {
+    width: 48px;
+  }
+</style>
diff --git a/packages/builder/src/pages/builder/index.svelte b/packages/builder/src/pages/builder/index.svelte
index a4fe10f10d..fba581a046 100644
--- a/packages/builder/src/pages/builder/index.svelte
+++ b/packages/builder/src/pages/builder/index.svelte
@@ -2,13 +2,15 @@
   import { redirect } from "@roxi/routify"
   import { auth } from "stores/portal"
 
+  auth.checkQueryString()
+
   $: {
     if (!$auth.user) {
-      $redirect("./auth/login")
+      $redirect(`./auth`)
     } else if ($auth.user.builder?.global) {
-      $redirect("./portal")
+      $redirect(`./portal`)
     } else {
-      $redirect("./apps")
+      $redirect(`./apps`)
     }
   }
 </script>
diff --git a/packages/builder/src/pages/builder/portal/_layout.svelte b/packages/builder/src/pages/builder/portal/_layout.svelte
index 4bc0b46167..20bdc9cb54 100644
--- a/packages/builder/src/pages/builder/portal/_layout.svelte
+++ b/packages/builder/src/pages/builder/portal/_layout.svelte
@@ -100,7 +100,11 @@
         <div />
         <ActionMenu align="right">
           <div slot="control" class="avatar">
-            <Avatar size="M" initials={$auth.initials} />
+            <Avatar
+              size="M"
+              initials={$auth.initials}
+              url={$auth.user.pictureUrl}
+            />
             <Icon size="XL" name="ChevronDown" />
           </div>
           <MenuItem icon="UserEdit" on:click={() => userInfoModal.show()}>
diff --git a/packages/builder/src/pages/builder/portal/apps/index.svelte b/packages/builder/src/pages/builder/portal/apps/index.svelte
index 6c229c1980..aafe9b60c3 100644
--- a/packages/builder/src/pages/builder/portal/apps/index.svelte
+++ b/packages/builder/src/pages/builder/portal/apps/index.svelte
@@ -14,6 +14,7 @@
     Body,
   } from "@budibase/bbui"
   import CreateAppModal from "components/start/CreateAppModal.svelte"
+  import UpdateAppModal from "components/start/UpdateAppModal.svelte"
   import api, { del } from "builderStore/api"
   import analytics from "analytics"
   import { onMount } from "svelte"
@@ -30,6 +31,7 @@
   let template
   let selectedApp
   let creationModal
+  let updatingModal
   let deletionModal
   let unpublishModal
   let creatingApp = false
@@ -164,6 +166,11 @@
     selectedApp = null
   }
 
+  const updateApp = async app => {
+    selectedApp = app
+    updatingModal.show()
+  }
+
   const releaseLock = async app => {
     try {
       const response = await del(`/api/dev/${app.devId}/lock`)
@@ -236,6 +243,7 @@
             {editApp}
             {exportApp}
             {deleteApp}
+            {updateApp}
           />
         {/each}
       </div>
@@ -289,6 +297,8 @@
   Are you sure you want to unpublish the app <b>{selectedApp?.name}</b>?
 </ConfirmDialog>
 
+<UpdateAppModal app={selectedApp} bind:this={updatingModal} />
+
 <style>
   .title,
   .filter {
diff --git a/packages/builder/src/pages/builder/portal/manage/auth/index.svelte b/packages/builder/src/pages/builder/portal/manage/auth/index.svelte
index 13a5f3e04c..be3775bb29 100644
--- a/packages/builder/src/pages/builder/portal/manage/auth/index.svelte
+++ b/packages/builder/src/pages/builder/portal/manage/auth/index.svelte
@@ -7,7 +7,6 @@
   import OneLoginLogo from "assets/onelogin-logo.png"
   import OidcLogoPng from "assets/oidc-logo.png"
   import { isEqual, cloneDeep } from "lodash/fp"
-
   import {
     Button,
     Heading,
@@ -22,36 +21,51 @@
   } from "@budibase/bbui"
   import { onMount } from "svelte"
   import api from "builderStore/api"
-  import { organisation } from "stores/portal"
+  import { organisation, auth, admin } from "stores/portal"
   import { uuid } from "builderStore/uuid"
 
+  $: tenantId = $auth.tenantId
+  $: multiTenancyEnabled = $admin.multiTenancy
+
   const ConfigTypes = {
     Google: "google",
     OIDC: "oidc",
-    // Github: "github",
-    // AzureAD: "ad",
   }
 
-  const GoogleConfigFields = {
-    Google: ["clientID", "clientSecret", "callbackURL"],
-  }
-  const GoogleConfigLabels = {
-    Google: {
-      clientID: "Client ID",
-      clientSecret: "Client secret",
-      callbackURL: "Callback URL",
-    },
+  function callbackUrl(tenantId, end) {
+    let url = `/api/global/auth`
+    if (multiTenancyEnabled && tenantId) {
+      url += `/${tenantId}`
+    }
+    url += end
+    return url
   }
 
-  const OIDCConfigFields = {
-    Oidc: ["configUrl", "clientID", "clientSecret"],
+  $: GoogleConfigFields = {
+    Google: [
+      { name: "clientID", label: "Client ID" },
+      { name: "clientSecret", label: "Client secret" },
+      {
+        name: "callbackURL",
+        label: "Callback URL",
+        readonly: true,
+        placeholder: callbackUrl(tenantId, "/google/callback"),
+      },
+    ],
   }
-  const OIDCConfigLabels = {
-    Oidc: {
-      configUrl: "Config URL",
-      clientID: "Client ID",
-      clientSecret: "Client Secret",
-    },
+
+  $: OIDCConfigFields = {
+    Oidc: [
+      { name: "configUrl", label: "Config URL" },
+      { name: "clientID", label: "Client ID" },
+      { name: "clientSecret", label: "Client Secret" },
+      {
+        name: "callbackURL",
+        label: "Callback URL",
+        readonly: true,
+        placeholder: callbackUrl(tenantId, "/oidc/callback"),
+      },
+    ],
   }
 
   let iconDropdownOptions = [
@@ -109,17 +123,13 @@
 
   // Create a flag so that it will only try to save completed forms
   $: partialGoogle =
-    providers.google?.config?.clientID ||
-    providers.google?.config?.clientSecret ||
-    providers.google?.config?.callbackURL
+    providers.google?.config?.clientID || providers.google?.config?.clientSecret
   $: partialOidc =
     providers.oidc?.config?.configs[0].configUrl ||
     providers.oidc?.config?.configs[0].clientID ||
     providers.oidc?.config?.configs[0].clientSecret
   $: googleComplete =
-    providers.google?.config?.clientID &&
-    providers.google?.config?.clientSecret &&
-    providers.google?.config?.callbackURL
+    providers.google?.config?.clientID && providers.google?.config?.clientSecret
   $: oidcComplete =
     providers.oidc?.config?.configs[0].configUrl &&
     providers.oidc?.config?.configs[0].clientID &&
@@ -129,7 +139,7 @@
     let data = new FormData()
     data.append("file", file)
     const res = await api.post(
-      `/api/admin/configs/upload/logos_oidc/${file.name}`,
+      `/api/global/configs/upload/logos_oidc/${file.name}`,
       data,
       {}
     )
@@ -149,17 +159,21 @@
     let calls = []
     docs.forEach(element => {
       if (element.type === ConfigTypes.OIDC) {
-        //Add a UUID here so each config is distinguishable when it arrives at the login page.
-        element.config.configs.forEach(config => {
-          !config.uuid && (config.uuid = uuid())
-        })
+        //Add a UUID here so each config is distinguishable when it arrives at the login page
+        for (let config of element.config.configs) {
+          if (!config.uuid) {
+            config.uuid = uuid()
+          }
+          // callback urls shouldn't be included
+          delete config.callbackURL
+        }
         if (partialOidc) {
           if (!oidcComplete) {
             notifications.error(
               `Please fill in all required ${ConfigTypes.OIDC} fields`
             )
           } else {
-            calls.push(api.post(`/api/admin/configs`, element))
+            calls.push(api.post(`/api/global/configs`, element))
             // turn the save button grey when clicked
             oidcSaveButtonDisabled = true
             originalOidcDoc = cloneDeep(providers.oidc)
@@ -173,7 +187,7 @@
               `Please fill in all required ${ConfigTypes.Google} fields`
             )
           } else {
-            calls.push(api.post(`/api/admin/configs`, element))
+            calls.push(api.post(`/api/global/configs`, element))
             googleSaveButtonDisabled = true
             originalGoogleDoc = cloneDeep(providers.google)
           }
@@ -206,7 +220,7 @@
     await organisation.init()
     // fetch the configs for oauth
     const googleResponse = await api.get(
-      `/api/admin/configs/${ConfigTypes.Google}`
+      `/api/global/configs/${ConfigTypes.Google}`
     )
     const googleDoc = await googleResponse.json()
 
@@ -227,7 +241,7 @@
 
     //Get the list of user uploaded logos and push it to the dropdown options.
     //This needs to be done before the config call so they're available when the dropdown renders
-    const res = await api.get(`/api/admin/configs/logos_oidc`)
+    const res = await api.get(`/api/global/configs/logos_oidc`)
     const configSettings = await res.json()
 
     if (configSettings.config) {
@@ -242,17 +256,16 @@
         })
       })
     }
-    const oidcResponse = await api.get(`/api/admin/configs/${ConfigTypes.OIDC}`)
+    const oidcResponse = await api.get(
+      `/api/global/configs/${ConfigTypes.OIDC}`
+    )
     const oidcDoc = await oidcResponse.json()
     if (!oidcDoc._id) {
-      console.log("hi")
-
       providers.oidc = {
         type: ConfigTypes.OIDC,
         config: { configs: [{ activated: true }] },
       }
     } else {
-      console.log("hello")
       originalOidcDoc = cloneDeep(oidcDoc)
       providers.oidc = oidcDoc
     }
@@ -295,8 +308,12 @@
     <Layout gap="XS" noPadding>
       {#each GoogleConfigFields.Google as field}
         <div class="form-row">
-          <Label size="L">{GoogleConfigLabels.Google[field]}</Label>
-          <Input bind:value={providers.google.config[field]} />
+          <Label size="L">{field.label}</Label>
+          <Input
+            bind:value={providers.google.config[field.name]}
+            readonly={field.readonly}
+            placeholder={field.placeholder}
+          />
         </div>
       {/each}
       <div class="form-row">
@@ -335,14 +352,14 @@
     <Layout gap="XS" noPadding>
       {#each OIDCConfigFields.Oidc as field}
         <div class="form-row">
-          <Label size="L">{OIDCConfigLabels.Oidc[field]}</Label>
-          <Input bind:value={providers.oidc.config.configs[0][field]} />
+          <Label size="L">{field.label}</Label>
+          <Input
+            bind:value={providers.oidc.config.configs[0][field.name]}
+            readonly={field.readonly}
+            placeholder={field.placeholder}
+          />
         </div>
       {/each}
-      <div class="form-row">
-        <Label size="L">Callback URL</Label>
-        <Input readonly placeholder="/api/admin/auth/oidc/callback" />
-      </div>
       <br />
       <Body size="S">
         To customize your login button, fill out the fields below.
diff --git a/packages/builder/src/pages/builder/portal/manage/email/index.svelte b/packages/builder/src/pages/builder/portal/manage/email/index.svelte
index 4a2b21b691..f94d2bcd0f 100644
--- a/packages/builder/src/pages/builder/portal/manage/email/index.svelte
+++ b/packages/builder/src/pages/builder/portal/manage/email/index.svelte
@@ -53,7 +53,7 @@
       delete smtp.config.auth
     }
     // Save your SMTP config
-    const response = await api.post(`/api/admin/configs`, smtp)
+    const response = await api.post(`/api/global/configs`, smtp)
 
     if (response.status !== 200) {
       const error = await response.text()
@@ -75,7 +75,9 @@
   async function fetchSmtp() {
     loading = true
     // fetch the configs for smtp
-    const smtpResponse = await api.get(`/api/admin/configs/${ConfigTypes.SMTP}`)
+    const smtpResponse = await api.get(
+      `/api/global/configs/${ConfigTypes.SMTP}`
+    )
     const smtpDoc = await smtpResponse.json()
 
     if (!smtpDoc._id) {
@@ -92,8 +94,13 @@
     requireAuth = smtpConfig.config.auth != null
     // always attach the auth for the forms purpose -
     // this will be removed later if required
-    smtpConfig.config.auth = {
-      type: "login",
+    if (!smtpDoc.config) {
+      smtpDoc.config = {}
+    }
+    if (!smtpDoc.config.auth) {
+      smtpConfig.config.auth = {
+        type: "login",
+      }
     }
   }
 
diff --git a/packages/builder/src/pages/builder/portal/manage/users/[userId].svelte b/packages/builder/src/pages/builder/portal/manage/users/[userId].svelte
index ebb01bd336..c0f21bb554 100644
--- a/packages/builder/src/pages/builder/portal/manage/users/[userId].svelte
+++ b/packages/builder/src/pages/builder/portal/manage/users/[userId].svelte
@@ -47,8 +47,8 @@
   })
   let selectedApp
 
-  const userFetch = fetchData(`/api/admin/users/${userId}`)
-  const apps = fetchData(`/api/admin/roles`)
+  const userFetch = fetchData(`/api/global/users/${userId}`)
+  const apps = fetchData(`/api/global/roles`)
 
   async function deleteUser() {
     const res = await users.delete(userId)
diff --git a/packages/builder/src/pages/builder/portal/manage/users/_components/UpdateRolesModal.svelte b/packages/builder/src/pages/builder/portal/manage/users/_components/UpdateRolesModal.svelte
index 59045a1198..8d139a7d66 100644
--- a/packages/builder/src/pages/builder/portal/manage/users/_components/UpdateRolesModal.svelte
+++ b/packages/builder/src/pages/builder/portal/manage/users/_components/UpdateRolesModal.svelte
@@ -48,7 +48,7 @@
     on:change
     {options}
     label="Role"
-    getOptionLabel={role => role.name}
-    getOptionValue={role => role._id}
+    getOptionLabel={role => role.label}
+    getOptionValue={role => role.value}
   />
 </ModalContent>
diff --git a/packages/builder/src/pages/builder/portal/settings/organisation.svelte b/packages/builder/src/pages/builder/portal/settings/organisation.svelte
index 682b0c4ee9..b274d3af91 100644
--- a/packages/builder/src/pages/builder/portal/settings/organisation.svelte
+++ b/packages/builder/src/pages/builder/portal/settings/organisation.svelte
@@ -37,7 +37,7 @@
   async function uploadLogo(file) {
     let data = new FormData()
     data.append("file", file)
-    const res = await post("/api/admin/configs/upload/settings/logo", data, {})
+    const res = await post("/api/global/configs/upload/settings/logo", data, {})
     return await res.json()
   }
 
diff --git a/packages/builder/src/pages/index.svelte b/packages/builder/src/pages/index.svelte
index 4c97b49763..477097f726 100644
--- a/packages/builder/src/pages/index.svelte
+++ b/packages/builder/src/pages/index.svelte
@@ -1,4 +1,11 @@
 <script>
   import { redirect } from "@roxi/routify"
-  $redirect("./builder")
+  import { auth } from "../stores/portal"
+  import { onMount } from "svelte"
+
+  auth.checkQueryString()
+
+  onMount(() => {
+    $redirect(`./builder`)
+  })
 </script>
diff --git a/packages/builder/src/stores/portal/admin.js b/packages/builder/src/stores/portal/admin.js
index 33eb23a64d..0699daf8dc 100644
--- a/packages/builder/src/stores/portal/admin.js
+++ b/packages/builder/src/stores/portal/admin.js
@@ -1,12 +1,18 @@
-import { writable } from "svelte/store"
+import { writable, get } from "svelte/store"
 import api from "builderStore/api"
+import { auth } from "stores/portal"
 
 export function createAdminStore() {
-  const { subscribe, set } = writable({})
+  const admin = writable({
+    loaded: false,
+  })
 
   async function init() {
     try {
-      const response = await api.get("/api/admin/configs/checklist")
+      const tenantId = get(auth).tenantId
+      const response = await api.get(
+        `/api/global/configs/checklist?tenantId=${tenantId}`
+      )
       const json = await response.json()
 
       const onboardingSteps = Object.keys(json)
@@ -16,20 +22,49 @@ export function createAdminStore() {
         0
       )
 
-      set({
-        checklist: json,
-        onboardingProgress: (stepsComplete / onboardingSteps.length) * 100,
+      await multiTenancyEnabled()
+      admin.update(store => {
+        store.loaded = true
+        store.checklist = json
+        store.onboardingProgress =
+          (stepsComplete / onboardingSteps.length) * 100
+        return store
       })
     } catch (err) {
-      set({
-        checklist: null,
+      admin.update(store => {
+        store.checklist = null
+        return store
       })
     }
   }
 
+  async function multiTenancyEnabled() {
+    let enabled = false
+    try {
+      const response = await api.get(`/api/system/flags`)
+      const json = await response.json()
+      enabled = json.multiTenancy
+    } catch (err) {
+      // just let it stay disabled
+    }
+    admin.update(store => {
+      store.multiTenancy = enabled
+      return store
+    })
+    return enabled
+  }
+
+  function unload() {
+    admin.update(store => {
+      store.loaded = false
+      return store
+    })
+  }
+
   return {
-    subscribe,
+    subscribe: admin.subscribe,
     init,
+    unload,
   }
 }
 
diff --git a/packages/builder/src/stores/portal/apps.js b/packages/builder/src/stores/portal/apps.js
index f0cee6147c..1b0e8becea 100644
--- a/packages/builder/src/stores/portal/apps.js
+++ b/packages/builder/src/stores/portal/apps.js
@@ -1,6 +1,7 @@
 import { writable } from "svelte/store"
 import { get } from "builderStore/api"
 import { AppStatus } from "../../constants"
+import api from "../../builderStore/api"
 
 export function createAppStore() {
   const store = writable([])
@@ -53,9 +54,29 @@ export function createAppStore() {
     }
   }
 
+  async function update(appId, name) {
+    const response = await api.put(`/api/applications/${appId}`, { name })
+    if (response.status === 200) {
+      store.update(state => {
+        const updatedAppIndex = state.findIndex(
+          app => app.instance._id === appId
+        )
+        if (updatedAppIndex !== -1) {
+          const updatedApp = state[updatedAppIndex]
+          updatedApp.name = name
+          state.apps = state.splice(updatedAppIndex, 1, updatedApp)
+        }
+        return state
+      })
+    } else {
+      throw new Error("Error updating name")
+    }
+  }
+
   return {
     subscribe: store.subscribe,
     load,
+    update,
   }
 }
 
diff --git a/packages/builder/src/stores/portal/auth.js b/packages/builder/src/stores/portal/auth.js
index ef91c114f6..fe8f87cfb2 100644
--- a/packages/builder/src/stores/portal/auth.js
+++ b/packages/builder/src/stores/portal/auth.js
@@ -1,74 +1,124 @@
 import { derived, writable, get } from "svelte/store"
 import api from "../../builderStore/api"
+import { admin } from "stores/portal"
 
 export function createAuthStore() {
-  const user = writable(null)
-  const store = derived(user, $user => {
+  const auth = writable({
+    user: null,
+    tenantId: "default",
+    tenantSet: false,
+    loaded: false,
+  })
+  const store = derived(auth, $store => {
     let initials = null
     let isAdmin = false
     let isBuilder = false
-    if ($user) {
-      if ($user.firstName) {
-        initials = $user.firstName[0]
-        if ($user.lastName) {
-          initials += $user.lastName[0]
+    if ($store.user) {
+      const user = $store.user
+      if (user.firstName) {
+        initials = user.firstName[0]
+        if (user.lastName) {
+          initials += user.lastName[0]
         }
-      } else if ($user.email) {
-        initials = $user.email[0]
+      } else if (user.email) {
+        initials = user.email[0]
       } else {
         initials = "Unknown"
       }
-      isAdmin = !!$user.admin?.global
-      isBuilder = !!$user.builder?.global
+      isAdmin = !!user.admin?.global
+      isBuilder = !!user.builder?.global
     }
     return {
-      user: $user,
+      user: $store.user,
+      tenantId: $store.tenantId,
+      tenantSet: $store.tenantSet,
+      loaded: $store.loaded,
       initials,
       isAdmin,
       isBuilder,
     }
   })
 
+  function setUser(user) {
+    auth.update(store => {
+      store.loaded = true
+      store.user = user
+      if (user) {
+        store.tenantId = user.tenantId || "default"
+        store.tenantSet = true
+      }
+      return store
+    })
+  }
+
+  async function setOrganisation(tenantId) {
+    const prevId = get(store).tenantId
+    auth.update(store => {
+      store.tenantId = tenantId
+      store.tenantSet = !!tenantId
+      return store
+    })
+    if (prevId !== tenantId) {
+      // re-init admin after setting org
+      await admin.init()
+    }
+  }
+
   return {
     subscribe: store.subscribe,
+    checkQueryString: async () => {
+      const urlParams = new URLSearchParams(window.location.search)
+      if (urlParams.has("tenantId")) {
+        const tenantId = urlParams.get("tenantId")
+        await setOrganisation(tenantId)
+      }
+    },
+    setOrg: async tenantId => {
+      await setOrganisation(tenantId)
+    },
     checkAuth: async () => {
-      const response = await api.get("/api/admin/users/self")
+      const response = await api.get("/api/global/users/self")
       if (response.status !== 200) {
-        user.set(null)
+        setUser(null)
       } else {
         const json = await response.json()
-        user.set(json)
+        setUser(json)
       }
     },
     login: async creds => {
-      const response = await api.post(`/api/admin/auth`, creds)
+      const tenantId = get(store).tenantId
+      const response = await api.post(
+        `/api/global/auth/${tenantId}/login`,
+        creds
+      )
       const json = await response.json()
       if (response.status === 200) {
-        user.set(json.user)
+        setUser(json.user)
       } else {
         throw "Invalid credentials"
       }
       return json
     },
     logout: async () => {
-      const response = await api.post(`/api/admin/auth/logout`)
+      const response = await api.post(`/api/global/auth/logout`)
       if (response.status !== 200) {
         throw "Unable to create logout"
       }
       await response.json()
-      user.set(null)
+      setUser(null)
     },
     updateSelf: async fields => {
-      const newUser = { ...get(user), ...fields }
-      const response = await api.post("/api/admin/users/self", newUser)
+      const newUser = { ...get(auth).user, ...fields }
+      const response = await api.post("/api/global/users/self", newUser)
       if (response.status === 200) {
-        user.set(newUser)
+        setUser(newUser)
       } else {
         throw "Unable to update user details"
       }
     },
     forgotPassword: async email => {
-      const response = await api.post(`/api/admin/auth/reset`, {
+      const tenantId = get(store).tenantId
+      const response = await api.post(`/api/global/auth/${tenantId}/reset`, {
         email,
       })
       if (response.status !== 200) {
@@ -77,17 +127,21 @@ export function createAuthStore() {
       await response.json()
     },
     resetPassword: async (password, code) => {
-      const response = await api.post(`/api/admin/auth/reset/update`, {
-        password,
-        resetCode: code,
-      })
+      const tenantId = get(store).tenantId
+      const response = await api.post(
+        `/api/global/auth/${tenantId}/reset/update`,
+        {
+          password,
+          resetCode: code,
+        }
+      )
       if (response.status !== 200) {
         throw "Unable to reset password"
       }
       await response.json()
     },
     createUser: async user => {
-      const response = await api.post(`/api/admin/users`, user)
+      const response = await api.post(`/api/global/users`, user)
       if (response.status !== 200) {
         throw "Unable to create user"
       }
diff --git a/packages/builder/src/stores/portal/email.js b/packages/builder/src/stores/portal/email.js
index 4ec6d72d3e..a015480141 100644
--- a/packages/builder/src/stores/portal/email.js
+++ b/packages/builder/src/stores/portal/email.js
@@ -9,11 +9,11 @@ export function createEmailStore() {
     templates: {
       fetch: async () => {
         // fetch the email template definitions
-        const response = await api.get(`/api/admin/template/definitions`)
+        const response = await api.get(`/api/global/template/definitions`)
         const definitions = await response.json()
 
         // fetch the email templates themselves
-        const templatesResponse = await api.get(`/api/admin/template/email`)
+        const templatesResponse = await api.get(`/api/global/template/email`)
         const templates = await templatesResponse.json()
 
         store.set({
@@ -23,7 +23,7 @@ export function createEmailStore() {
       },
       save: async template => {
         // Save your template config
-        const response = await api.post(`/api/admin/template`, template)
+        const response = await api.post(`/api/global/template`, template)
         const json = await response.json()
         if (response.status !== 200) throw new Error(json.message)
         template._rev = json._rev
diff --git a/packages/builder/src/stores/portal/oidc.js b/packages/builder/src/stores/portal/oidc.js
index d8d06f12a9..3e3a7048ca 100644
--- a/packages/builder/src/stores/portal/oidc.js
+++ b/packages/builder/src/stores/portal/oidc.js
@@ -1,5 +1,6 @@
-import { writable } from "svelte/store"
+import { writable, get } from "svelte/store"
 import api from "builderStore/api"
+import { auth } from "stores/portal"
 
 const OIDC_CONFIG = {
   logo: undefined,
@@ -12,10 +13,13 @@ export function createOidcStore() {
   const { set, subscribe } = store
 
   async function init() {
-    const res = await api.get(`/api/admin/configs/publicOidc`)
+    const tenantId = get(auth).tenantId
+    const res = await api.get(
+      `/api/global/configs/public/oidc?tenantId=${tenantId}`
+    )
     const json = await res.json()
 
-    if (json.status === 400) {
+    if (json.status === 400 || Object.keys(json).length === 0) {
       set(OIDC_CONFIG)
     } else {
       // Just use the first config for now. We will be support multiple logins buttons later on.
diff --git a/packages/builder/src/stores/portal/organisation.js b/packages/builder/src/stores/portal/organisation.js
index 71c0be4b4d..03bfa6ca28 100644
--- a/packages/builder/src/stores/portal/organisation.js
+++ b/packages/builder/src/stores/portal/organisation.js
@@ -1,8 +1,9 @@
 import { writable, get } from "svelte/store"
 import api from "builderStore/api"
+import { auth } from "stores/portal"
 
 const DEFAULT_CONFIG = {
-  platformUrl: "http://localhost:1000",
+  platformUrl: "http://localhost:10000",
   logoUrl: undefined,
   docsUrl: undefined,
   company: "Budibase",
@@ -15,7 +16,8 @@ export function createOrganisationStore() {
   const { subscribe, set } = store
 
   async function init() {
-    const res = await api.get(`/api/admin/configs/public`)
+    const tenantId = get(auth).tenantId
+    const res = await api.get(`/api/global/configs/public?tenantId=${tenantId}`)
     const json = await res.json()
 
     if (json.status === 400) {
@@ -26,7 +28,7 @@ export function createOrganisationStore() {
   }
 
   async function save(config) {
-    const res = await api.post("/api/admin/configs", {
+    const res = await api.post("/api/global/configs", {
       type: "settings",
       config: { ...get(store), ...config },
       _rev: get(store)._rev,
diff --git a/packages/builder/src/stores/portal/users.js b/packages/builder/src/stores/portal/users.js
index 8a19f79809..17299dc056 100644
--- a/packages/builder/src/stores/portal/users.js
+++ b/packages/builder/src/stores/portal/users.js
@@ -6,7 +6,7 @@ export function createUsersStore() {
   const { subscribe, set } = writable([])
 
   async function init() {
-    const response = await api.get(`/api/admin/users`)
+    const response = await api.get(`/api/global/users`)
     const json = await response.json()
     set(json)
   }
@@ -23,12 +23,12 @@ export function createUsersStore() {
         global: true,
       }
     }
-    const response = await api.post(`/api/admin/users/invite`, body)
+    const response = await api.post(`/api/global/users/invite`, body)
     return await response.json()
   }
 
   async function acceptInvite(inviteCode, password) {
-    const response = await api.post("/api/admin/users/invite/accept", {
+    const response = await api.post("/api/global/users/invite/accept", {
       inviteCode,
       password,
     })
@@ -47,20 +47,20 @@ export function createUsersStore() {
     if (admin) {
       body.admin = { global: true }
     }
-    const response = await api.post("/api/admin/users", body)
+    const response = await api.post("/api/global/users", body)
     await init()
     return await response.json()
   }
 
   async function del(id) {
-    const response = await api.delete(`/api/admin/users/${id}`)
+    const response = await api.delete(`/api/global/users/${id}`)
     update(users => users.filter(user => user._id !== id))
     return await response.json()
   }
 
   async function save(data) {
     try {
-      const res = await post(`/api/admin/users`, data)
+      const res = await post(`/api/global/users`, data)
       return await res.json()
     } catch (error) {
       console.log(error)
diff --git a/packages/cli/package.json b/packages/cli/package.json
index 3dab1c547b..3d5da7a067 100644
--- a/packages/cli/package.json
+++ b/packages/cli/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@budibase/cli",
-  "version": "0.9.82",
+  "version": "0.9.99-alpha.6",
   "description": "Budibase CLI, for developers, self hosting and migrations.",
   "main": "src/index.js",
   "bin": {
diff --git a/packages/client/package.json b/packages/client/package.json
index f80a81104a..5fe603af94 100644
--- a/packages/client/package.json
+++ b/packages/client/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@budibase/client",
-  "version": "0.9.82",
+  "version": "0.9.99-alpha.6",
   "license": "MPL-2.0",
   "module": "dist/budibase-client.js",
   "main": "dist/budibase-client.js",
@@ -18,9 +18,9 @@
     "dev:builder": "rollup -cw"
   },
   "dependencies": {
-    "@budibase/bbui": "^0.9.82",
-    "@budibase/standard-components": "^0.9.82",
-    "@budibase/string-templates": "^0.9.82",
+    "@budibase/bbui": "^0.9.99-alpha.6",
+    "@budibase/standard-components": "^0.9.99-alpha.6",
+    "@budibase/string-templates": "^0.9.99-alpha.6",
     "regexparam": "^1.3.0",
     "shortid": "^2.2.15",
     "svelte-spa-router": "^3.0.5"
diff --git a/packages/client/src/api/api.js b/packages/client/src/api/api.js
index b915f14fd1..5449c3f219 100644
--- a/packages/client/src/api/api.js
+++ b/packages/client/src/api/api.js
@@ -38,15 +38,15 @@ const makeApiCall = async ({ method, url, body, json = true }) => {
       case 200:
         return response.json()
       case 401:
-        notificationStore.danger("Invalid credentials")
+        notificationStore.actions.error("Invalid credentials")
         return handleError(`Invalid credentials`)
       case 404:
-        notificationStore.danger("Not found")
+        notificationStore.actions.warning("Not found")
         return handleError(`${url}: Not Found`)
       case 400:
         return handleError(`${url}: Bad Request`)
       case 403:
-        notificationStore.danger(
+        notificationStore.actions.error(
           "Your session has expired, or you don't have permission to access that data"
         )
         return handleError(`${url}: Forbidden`)
diff --git a/packages/client/src/api/auth.js b/packages/client/src/api/auth.js
index 6ea105d9f9..68ca5dbc80 100644
--- a/packages/client/src/api/auth.js
+++ b/packages/client/src/api/auth.js
@@ -13,7 +13,7 @@ export const logIn = async ({ email, password }) => {
     return API.error("Please enter your password")
   }
   return await API.post({
-    url: "/api/admin/auth",
+    url: "/api/global/auth",
     body: { username: email, password },
   })
 }
@@ -23,7 +23,7 @@ export const logIn = async ({ email, password }) => {
  */
 export const fetchSelf = async () => {
   const user = await API.get({ url: "/api/self" })
-  if (user?._id) {
+  if (user && user._id) {
     if (user.roleId === "PUBLIC") {
       // Don't try to enrich a public user as it will 403
       return user
diff --git a/packages/client/src/api/automations.js b/packages/client/src/api/automations.js
index 4dd5958568..2b989f85ae 100644
--- a/packages/client/src/api/automations.js
+++ b/packages/client/src/api/automations.js
@@ -9,7 +9,7 @@ export const triggerAutomation = async (automationId, fields) => {
     body: { fields },
   })
   res.error
-    ? notificationStore.danger("An error has occurred")
-    : notificationStore.success("Automation triggered")
+    ? notificationStore.actions.error("An error has occurred")
+    : notificationStore.actions.success("Automation triggered")
   return res
 }
diff --git a/packages/client/src/api/queries.js b/packages/client/src/api/queries.js
index 715841f0fa..a6ef1a763f 100644
--- a/packages/client/src/api/queries.js
+++ b/packages/client/src/api/queries.js
@@ -7,7 +7,7 @@ import API from "./api"
 export const executeQuery = async ({ queryId, parameters }) => {
   const query = await API.get({ url: `/api/queries/${queryId}` })
   if (query?.datasourceId == null) {
-    notificationStore.danger("That query couldn't be found")
+    notificationStore.actions.error("That query couldn't be found")
     return
   }
   const res = await API.post({
@@ -17,9 +17,9 @@ export const executeQuery = async ({ queryId, parameters }) => {
     },
   })
   if (res.error) {
-    notificationStore.danger("An error has occurred")
+    notificationStore.actions.error("An error has occurred")
   } else if (!query.readable) {
-    notificationStore.success("Query executed successfully")
+    notificationStore.actions.success("Query executed successfully")
     dataSourceStore.actions.invalidateDataSource(query.datasourceId)
   }
   return res
diff --git a/packages/client/src/api/rows.js b/packages/client/src/api/rows.js
index 14d696351d..21f8ec1f98 100644
--- a/packages/client/src/api/rows.js
+++ b/packages/client/src/api/rows.js
@@ -27,8 +27,8 @@ export const saveRow = async row => {
     body: row,
   })
   res.error
-    ? notificationStore.danger("An error has occurred")
-    : notificationStore.success("Row saved")
+    ? notificationStore.actions.error("An error has occurred")
+    : notificationStore.actions.success("Row saved")
 
   // Refresh related datasources
   dataSourceStore.actions.invalidateDataSource(row.tableId)
@@ -48,8 +48,8 @@ export const updateRow = async row => {
     body: row,
   })
   res.error
-    ? notificationStore.danger("An error has occurred")
-    : notificationStore.success("Row updated")
+    ? notificationStore.actions.error("An error has occurred")
+    : notificationStore.actions.success("Row updated")
 
   // Refresh related datasources
   dataSourceStore.actions.invalidateDataSource(row.tableId)
@@ -72,8 +72,8 @@ export const deleteRow = async ({ tableId, rowId, revId }) => {
     },
   })
   res.error
-    ? notificationStore.danger("An error has occurred")
-    : notificationStore.success("Row deleted")
+    ? notificationStore.actions.error("An error has occurred")
+    : notificationStore.actions.success("Row deleted")
 
   // Refresh related datasources
   dataSourceStore.actions.invalidateDataSource(tableId)
@@ -95,8 +95,8 @@ export const deleteRows = async ({ tableId, rows }) => {
     },
   })
   res.error
-    ? notificationStore.danger("An error has occurred")
-    : notificationStore.success(`${rows.length} row(s) deleted`)
+    ? notificationStore.actions.error("An error has occurred")
+    : notificationStore.actions.success(`${rows.length} row(s) deleted`)
 
   // Refresh related datasources
   dataSourceStore.actions.invalidateDataSource(tableId)
diff --git a/packages/client/src/components/ClientApp.svelte b/packages/client/src/components/ClientApp.svelte
index 1076c0f568..1afcc4594d 100644
--- a/packages/client/src/components/ClientApp.svelte
+++ b/packages/client/src/components/ClientApp.svelte
@@ -4,6 +4,7 @@
   import Component from "./Component.svelte"
   import NotificationDisplay from "./NotificationDisplay.svelte"
   import ConfirmationDisplay from "./ConfirmationDisplay.svelte"
+  import PeekScreenDisplay from "./PeekScreenDisplay.svelte"
   import Provider from "./Provider.svelte"
   import SDK from "../sdk"
   import {
@@ -93,13 +94,14 @@
       </div>
     {:else if $screenStore.activeLayout}
       <Provider key="user" data={$authStore} {actions}>
-        <div id="app-root">
+        <div id="app-root" class:preview={$builderStore.inBuilder}>
           {#key $screenStore.activeLayout._id}
             <Component instance={$screenStore.activeLayout.props} />
           {/key}
         </div>
         <NotificationDisplay />
         <ConfirmationDisplay />
+        <PeekScreenDisplay />
         <!-- Key block needs to be outside the if statement or it breaks -->
         {#key $builderStore.selectedComponentId}
           {#if $builderStore.inBuilder}
@@ -130,6 +132,8 @@
   }
   #app-root {
     position: relative;
+  }
+  #app-root.preview {
     border: 1px solid var(--spectrum-global-color-gray-300);
   }
 
diff --git a/packages/client/src/components/NotificationDisplay.svelte b/packages/client/src/components/NotificationDisplay.svelte
index 1a960c383a..f03fb692fd 100644
--- a/packages/client/src/components/NotificationDisplay.svelte
+++ b/packages/client/src/components/NotificationDisplay.svelte
@@ -1,36 +1,34 @@
 <script>
-  import { flip } from "svelte/animate"
+  import { notificationStore } from "../store"
+  import { Notification } from "@budibase/bbui"
   import { fly } from "svelte/transition"
-  import { getContext } from "svelte"
-  const { notifications } = getContext("sdk")
-
-  export let themes = {
-    danger: "#E26D69",
-    success: "#84C991",
-    warning: "#f0ad4e",
-    info: "#5bc0de",
-    default: "#aaaaaa",
-  }
 </script>
 
 <div class="notifications">
-  {#each $notifications as notification (notification.id)}
-    <div
-      animate:flip
-      class="toast"
-      style="background: {themes[notification.type]};"
-      transition:fly={{ y: -30 }}
-    >
-      <div class="content">{notification.message}</div>
-      {#if notification.icon}<i class={notification.icon} />{/if}
-    </div>
-  {/each}
+  {#if $notificationStore}
+    {#key $notificationStore.id}
+      <div
+        in:fly={{
+          duration: 300,
+          y: -20,
+          delay: $notificationStore.delay ? 300 : 0,
+        }}
+        out:fly={{ y: -20, duration: 150 }}
+      >
+        <Notification
+          type={$notificationStore.type}
+          message={$notificationStore.message}
+          icon={$notificationStore.icon}
+        />
+      </div>
+    {/key}
+  {/if}
 </div>
 
 <style>
   .notifications {
     position: fixed;
-    top: 10px;
+    top: 20px;
     left: 0;
     right: 0;
     margin: 0 auto;
@@ -42,19 +40,4 @@
     align-items: center;
     pointer-events: none;
   }
-
-  .toast {
-    flex: 0 0 auto;
-    margin-bottom: 10px;
-    border-radius: var(--border-radius-s);
-    /* The toasts now support being auto sized, so this static width could be removed */
-    width: 40vw;
-  }
-
-  .content {
-    padding: 10px;
-    display: block;
-    color: white;
-    font-weight: 600;
-  }
 </style>
diff --git a/packages/client/src/components/PeekScreenDisplay.svelte b/packages/client/src/components/PeekScreenDisplay.svelte
new file mode 100644
index 0000000000..6d6e8c39c7
--- /dev/null
+++ b/packages/client/src/components/PeekScreenDisplay.svelte
@@ -0,0 +1,120 @@
+<script>
+  import {
+    peekStore,
+    dataSourceStore,
+    notificationStore,
+    routeStore,
+  } from "../store"
+  import { Modal, ModalContent, ActionButton } from "@budibase/bbui"
+  import { onDestroy } from "svelte"
+
+  let iframe
+  let listenersAttached = false
+
+  const invalidateDataSource = event => {
+    const { dataSourceId } = event.detail
+    dataSourceStore.actions.invalidateDataSource(dataSourceId)
+  }
+
+  const proxyNotification = event => {
+    const { message, type, icon } = event.detail
+    notificationStore.actions.send(message, type, icon)
+  }
+
+  const attachListeners = () => {
+    // Mirror datasource invalidation to keep the parent window up to date
+    iframe.contentWindow.addEventListener(
+      "invalidate-datasource",
+      invalidateDataSource
+    )
+    // Listen for a close event to close the screen peek
+    iframe.contentWindow.addEventListener(
+      "close-screen-modal",
+      peekStore.actions.hidePeek
+    )
+    // Proxy notifications back to the parent window instead of iframe
+    iframe.contentWindow.addEventListener("notification", proxyNotification)
+  }
+
+  const handleCancel = () => {
+    peekStore.actions.hidePeek()
+    iframe.contentWindow.removeEventListener(
+      "invalidate-datasource",
+      invalidateDataSource
+    )
+    iframe.contentWindow.removeEventListener(
+      "close-screen-modal",
+      peekStore.actions.hidePeek
+    )
+    iframe.contentWindow.removeEventListener("notification", proxyNotification)
+  }
+
+  const handleFullscreen = () => {
+    if ($peekStore.external) {
+      window.location = $peekStore.href
+    } else {
+      routeStore.actions.navigate($peekStore.url)
+      handleCancel()
+    }
+  }
+
+  $: {
+    if (iframe && !listenersAttached) {
+      attachListeners()
+      listenersAttached = true
+    } else if (!iframe) {
+      listenersAttached = false
+    }
+  }
+
+  onDestroy(() => {
+    if (iframe) {
+      handleCancel()
+    }
+  })
+</script>
+
+{#if $peekStore.showPeek}
+  <Modal fixed on:cancel={handleCancel}>
+    <div class="actions spectrum--darkest" slot="outside">
+      <ActionButton size="S" quiet icon="OpenIn" on:click={handleFullscreen}>
+        Full screen
+      </ActionButton>
+      <ActionButton size="S" quiet icon="Close" on:click={handleCancel}>
+        Close
+      </ActionButton>
+    </div>
+    <ModalContent
+      showCancelButton={false}
+      showConfirmButton={false}
+      size="L"
+      showDivider={false}
+      showCloseIcon={false}
+    >
+      <iframe title="Peek" bind:this={iframe} src={$peekStore.href} />
+    </ModalContent>
+  </Modal>
+{/if}
+
+<style>
+  iframe {
+    margin: -40px;
+    border: none;
+    width: calc(100% + 80px);
+    height: 640px;
+    max-height: calc(100vh - 120px);
+    transition: width 1s ease, height 1s ease, top 1s ease, left 1s ease;
+    border-radius: var(--spectrum-global-dimension-size-100);
+  }
+
+  .actions {
+    display: flex;
+    flex-direction: row;
+    justify-content: flex-end;
+    align-items: center;
+    position: absolute;
+    top: 0;
+    width: 640px;
+    max-width: 100%;
+  }
+</style>
diff --git a/packages/client/src/components/Router.svelte b/packages/client/src/components/Router.svelte
index f3af2e94a4..5632d812b5 100644
--- a/packages/client/src/components/Router.svelte
+++ b/packages/client/src/components/Router.svelte
@@ -1,6 +1,6 @@
 <script>
   import { setContext, getContext } from "svelte"
-  import Router from "svelte-spa-router"
+  import Router, { querystring } from "svelte-spa-router"
   import { routeStore } from "../store"
   import Screen from "./Screen.svelte"
 
@@ -16,6 +16,18 @@
     id: $routeStore.routeSessionId,
   }
 
+  // Keep query params up to date
+  $: {
+    let queryParams = {}
+    if ($querystring) {
+      const urlSearchParams = new URLSearchParams($querystring)
+      for (const [key, value] of urlSearchParams) {
+        queryParams[key] = value
+      }
+    }
+    routeStore.actions.setQueryParams(queryParams)
+  }
+
   const getRouterConfig = routes => {
     let config = {}
     routes.forEach(route => {
diff --git a/packages/client/src/constants.js b/packages/client/src/constants.js
index e0595c0ce9..7204b8c951 100644
--- a/packages/client/src/constants.js
+++ b/packages/client/src/constants.js
@@ -6,6 +6,7 @@ export const ActionTypes = {
   ValidateForm: "ValidateForm",
   RefreshDatasource: "RefreshDatasource",
   SetDataProviderQuery: "SetDataProviderQuery",
+  ClearForm: "ClearForm",
 }
 
 export const ApiVersion = "1"
diff --git a/packages/client/src/sdk.js b/packages/client/src/sdk.js
index 70b5509a83..32b9441849 100644
--- a/packages/client/src/sdk.js
+++ b/packages/client/src/sdk.js
@@ -15,7 +15,7 @@ import { ActionTypes } from "./constants"
 export default {
   API,
   authStore,
-  notifications: notificationStore,
+  notificationStore,
   routeStore,
   screenStore,
   builderStore,
diff --git a/packages/client/src/store/dataSource.js b/packages/client/src/store/dataSource.js
index 2645c949a2..963548158d 100644
--- a/packages/client/src/store/dataSource.js
+++ b/packages/client/src/store/dataSource.js
@@ -1,5 +1,4 @@
 import { writable, get } from "svelte/store"
-import { notificationStore } from "./notification"
 
 export const createDataSourceStore = () => {
   const store = writable([])
@@ -67,12 +66,17 @@ export const createDataSourceStore = () => {
     const relatedInstances = get(store).filter(instance => {
       return instance.dataSourceId === dataSourceId
     })
-    if (relatedInstances?.length) {
-      notificationStore.blockNotifications(1000)
-    }
     relatedInstances?.forEach(instance => {
       instance.refresh()
     })
+
+    // Emit this as a window event, so parent screens which are iframing us in
+    // can also invalidate the same datasource
+    window.dispatchEvent(
+      new CustomEvent("invalidate-datasource", {
+        detail: { dataSourceId },
+      })
+    )
   }
 
   return {
diff --git a/packages/client/src/store/index.js b/packages/client/src/store/index.js
index 9a6c74e028..43de7bb6da 100644
--- a/packages/client/src/store/index.js
+++ b/packages/client/src/store/index.js
@@ -6,6 +6,7 @@ export { screenStore } from "./screens"
 export { builderStore } from "./builder"
 export { dataSourceStore } from "./dataSource"
 export { confirmationStore } from "./confirmation"
+export { peekStore } from "./peek"
 
 // Context stores are layered and duplicated, so it is not a singleton
 export { createContextStore } from "./context"
diff --git a/packages/client/src/store/notification.js b/packages/client/src/store/notification.js
index 6c40ca275f..e3af9aacd1 100644
--- a/packages/client/src/store/notification.js
+++ b/packages/client/src/store/notification.js
@@ -1,56 +1,63 @@
-import { writable } from "svelte/store"
+import { writable, get } from "svelte/store"
+import { generate } from "shortid"
+import { routeStore } from "./routes"
 
 const NOTIFICATION_TIMEOUT = 3000
 
 const createNotificationStore = () => {
-  const timeoutIds = new Set()
-  const _notifications = writable([], () => {
+  let timeout
+  let block = false
+
+  const store = writable(null, () => {
     return () => {
-      // clear all the timers
-      timeoutIds.forEach(timeoutId => {
-        clearTimeout(timeoutId)
-      })
-      _notifications.set([])
+      clearTimeout(timeout)
     }
   })
-  let block = false
 
   const blockNotifications = (timeout = 1000) => {
     block = true
     setTimeout(() => (block = false), timeout)
   }
 
-  const send = (message, type = "default") => {
+  const send = (message, type = "info", icon) => {
     if (block) {
       return
     }
-    let _id = id()
-    _notifications.update(state => {
-      return [...state, { id: _id, type, message }]
-    })
-    const timeoutId = setTimeout(() => {
-      _notifications.update(state => {
-        return state.filter(({ id }) => id !== _id)
-      })
-    }, NOTIFICATION_TIMEOUT)
-    timeoutIds.add(timeoutId)
-  }
 
-  const { subscribe } = _notifications
+    // If peeking, pass notifications back to parent window
+    if (get(routeStore).queryParams?.peek) {
+      window.dispatchEvent(
+        new CustomEvent("notification", {
+          detail: { message, type, icon },
+        })
+      )
+      return
+    }
+
+    store.set({
+      id: generate(),
+      type,
+      message,
+      icon,
+      delay: get(store) != null,
+    })
+    clearTimeout(timeout)
+    timeout = setTimeout(() => {
+      store.set(null)
+    }, NOTIFICATION_TIMEOUT)
+  }
 
   return {
-    subscribe,
-    send,
-    danger: msg => send(msg, "danger"),
-    warning: msg => send(msg, "warning"),
-    info: msg => send(msg, "info"),
-    success: msg => send(msg, "success"),
-    blockNotifications,
+    subscribe: store.subscribe,
+    actions: {
+      send,
+      info: msg => send(msg, "info", "Info"),
+      success: msg => send(msg, "success", "CheckmarkCircle"),
+      warning: msg => send(msg, "warning", "Alert"),
+      error: msg => send(msg, "error", "Alert"),
+      blockNotifications,
+    },
   }
 }
 
-function id() {
-  return "_" + Math.random().toString(36).substr(2, 9)
-}
-
 export const notificationStore = createNotificationStore()
diff --git a/packages/client/src/store/peek.js b/packages/client/src/store/peek.js
new file mode 100644
index 0000000000..df41f5daff
--- /dev/null
+++ b/packages/client/src/store/peek.js
@@ -0,0 +1,36 @@
+import { writable } from "svelte/store"
+
+const initialState = {
+  showPeek: false,
+  url: null,
+  href: null,
+  external: false,
+}
+
+const createPeekStore = () => {
+  const store = writable(initialState)
+
+  const showPeek = url => {
+    let href = url
+    let external = !url.startsWith("/")
+    if (!external) {
+      href = `${window.location.href.split("#")[0]}#${url}?peek=true`
+    }
+    store.set({
+      showPeek: true,
+      url,
+      href,
+      external,
+    })
+  }
+  const hidePeek = () => {
+    store.set(initialState)
+  }
+
+  return {
+    subscribe: store.subscribe,
+    actions: { showPeek, hidePeek },
+  }
+}
+
+export const peekStore = createPeekStore()
diff --git a/packages/client/src/store/routes.js b/packages/client/src/store/routes.js
index d0e848b68e..e6473fb40c 100644
--- a/packages/client/src/store/routes.js
+++ b/packages/client/src/store/routes.js
@@ -9,6 +9,7 @@ const createRouteStore = () => {
     activeRoute: null,
     routeSessionId: Math.random(),
     routerLoaded: false,
+    queryParams: {},
   }
   const store = writable(initialState)
 
@@ -41,6 +42,17 @@ const createRouteStore = () => {
       return state
     })
   }
+  const setQueryParams = queryParams => {
+    store.update(state => {
+      state.queryParams = {
+        ...queryParams,
+        // Never unset the peek param - screen peek modals should always be
+        // in a peek state, even if they navigate to a different page
+        peek: queryParams.peek || state.queryParams?.peek,
+      }
+      return state
+    })
+  }
   const setActiveRoute = route => {
     store.update(state => {
       state.activeRoute = state.routes.find(x => x.path === route)
@@ -58,6 +70,7 @@ const createRouteStore = () => {
       fetchRoutes,
       navigate,
       setRouteParams,
+      setQueryParams,
       setActiveRoute,
       setRouterLoaded,
     },
diff --git a/packages/client/src/utils/buttonActions.js b/packages/client/src/utils/buttonActions.js
index 98ba9dc214..408b35a705 100644
--- a/packages/client/src/utils/buttonActions.js
+++ b/packages/client/src/utils/buttonActions.js
@@ -4,6 +4,7 @@ import {
   builderStore,
   confirmationStore,
   authStore,
+  peekStore,
 } from "../store"
 import { saveRow, deleteRow, executeQuery, triggerAutomation } from "../api"
 import { ActionTypes } from "../constants"
@@ -39,13 +40,17 @@ const triggerAutomationHandler = async action => {
 }
 
 const navigationHandler = action => {
-  const { url } = action.parameters
+  const { url, peek } = action.parameters
   if (url) {
-    const external = !url.startsWith("/")
-    if (external) {
-      window.location.href = url
+    if (peek) {
+      peekStore.actions.showPeek(url)
     } else {
-      routeStore.actions.navigate(action.parameters.url)
+      const external = !url.startsWith("/")
+      if (external) {
+        window.location.href = url
+      } else {
+        routeStore.actions.navigate(action.parameters.url)
+      }
     }
   }
 }
@@ -86,6 +91,20 @@ const logoutHandler = async () => {
   await authStore.actions.logOut()
 }
 
+const clearFormHandler = async (action, context) => {
+  return await executeActionHandler(
+    context,
+    action.parameters.componentId,
+    ActionTypes.ClearForm
+  )
+}
+
+const closeScreenModalHandler = () => {
+  // Emit this as a window event, so parent screens which are iframing us in
+  // can close the modal
+  window.dispatchEvent(new Event("close-screen-modal"))
+}
+
 const handlerMap = {
   ["Save Row"]: saveRowHandler,
   ["Delete Row"]: deleteRowHandler,
@@ -95,6 +114,8 @@ const handlerMap = {
   ["Validate Form"]: validateFormHandler,
   ["Refresh Datasource"]: refreshDatasourceHandler,
   ["Log Out"]: logoutHandler,
+  ["Clear Form"]: clearFormHandler,
+  ["Close Screen Modal"]: closeScreenModalHandler,
 }
 
 const confirmTextMap = {
diff --git a/packages/server/.gitignore b/packages/server/.gitignore
index e8589f631d..48207e3dd4 100644
--- a/packages/server/.gitignore
+++ b/packages/server/.gitignore
@@ -7,3 +7,4 @@ public/
 db/dev.db/
 dist
 coverage/
+watchtower-hook.json
\ No newline at end of file
diff --git a/packages/server/Dockerfile b/packages/server/Dockerfile
index 253bcb339d..b2e4efadb9 100644
--- a/packages/server/Dockerfile
+++ b/packages/server/Dockerfile
@@ -1,5 +1,10 @@
 FROM node:12-alpine
 
+LABEL com.centurylinklabs.watchtower.lifecycle.pre-check="scripts/watchtower-hooks/pre-check.sh"
+LABEL com.centurylinklabs.watchtower.lifecycle.pre-update="scripts/watchtower-hooks/pre-update.sh"
+LABEL com.centurylinklabs.watchtower.lifecycle.post-update="scripts/watchtower-hooks/post-update.sh"
+LABEL com.centurylinklabs.watchtower.lifecycle.post-check="scripts/watchtower-hooks/post-check.sh"
+
 WORKDIR /app
 
 ENV PORT=4001
diff --git a/packages/server/__mocks__/mongodb.ts b/packages/server/__mocks__/mongodb.ts
index d7d8f852c1..06eefefea6 100644
--- a/packages/server/__mocks__/mongodb.ts
+++ b/packages/server/__mocks__/mongodb.ts
@@ -5,11 +5,26 @@ module MongoMock {
     this.connect = jest.fn()
     this.close = jest.fn()
     this.insertOne = jest.fn()
+    this.insertMany = jest.fn(() => ({toArray: () => []}))
     this.find = jest.fn(() => ({toArray: () => []}))
+    this.findOne = jest.fn()
+    this.count = jest.fn()
+    this.deleteOne = jest.fn()
+    this.deleteMany = jest.fn(() => ({toArray: () => []}))
+    this.updateOne = jest.fn()
+    this.updateMany = jest.fn(() => ({toArray: () => []}))
+
 
     this.collection = jest.fn(() => ({
       insertOne: this.insertOne,
       find: this.find,
+      insertMany: this.insertMany,
+      findOne: this.findOne,
+      count: this.count,
+      deleteOne: this.deleteOne,
+      deleteMany: this.deleteMany,
+      updateOne: this.updateOne,
+      updateMany: this.updateMany,
     }))
 
     this.db = () => ({
diff --git a/packages/server/__mocks__/node-fetch.ts b/packages/server/__mocks__/node-fetch.ts
index eaac412854..dfb839fe85 100644
--- a/packages/server/__mocks__/node-fetch.ts
+++ b/packages/server/__mocks__/node-fetch.ts
@@ -16,7 +16,7 @@ module FetchMock {
       }
     }
 
-    if (url.includes("/api/admin")) {
+    if (url.includes("/api/global")) {
       return json({
         email: "test@test.com",
         _id: "us_test@test.com",
diff --git a/packages/server/package.json b/packages/server/package.json
index 75b305f68e..270f6d4cad 100644
--- a/packages/server/package.json
+++ b/packages/server/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@budibase/server",
   "email": "hi@budibase.com",
-  "version": "0.9.82",
+  "version": "0.9.99-alpha.6",
   "description": "Budibase Web Server",
   "main": "src/index.js",
   "repository": {
@@ -23,7 +23,9 @@
     "format": "prettier --config ../../.prettierrc.json 'src/**/*.ts' --write",
     "lint": "eslint --fix src/",
     "lint:fix": "yarn run format && yarn run lint",
-    "initialise": "node scripts/initialise.js"
+    "initialise": "node scripts/initialise.js",
+    "multi:enable": "node scripts/multiTenancy.js enable",
+    "multi:disable": "node scripts/multiTenancy.js disable"
   },
   "jest": {
     "preset": "ts-jest",
@@ -60,9 +62,9 @@
   "author": "Budibase",
   "license": "AGPL-3.0-or-later",
   "dependencies": {
-    "@budibase/auth": "^0.9.82",
-    "@budibase/client": "^0.9.82",
-    "@budibase/string-templates": "^0.9.82",
+    "@budibase/auth": "^0.9.99-alpha.6",
+    "@budibase/client": "^0.9.99-alpha.6",
+    "@budibase/string-templates": "^0.9.99-alpha.6",
     "@elastic/elasticsearch": "7.10.0",
     "@koa/router": "8.0.0",
     "@sendgrid/mail": "7.1.1",
@@ -115,7 +117,7 @@
   "devDependencies": {
     "@babel/core": "^7.14.3",
     "@babel/preset-env": "^7.14.4",
-    "@budibase/standard-components": "^0.9.82",
+    "@budibase/standard-components": "^0.9.99-alpha.6",
     "@jest/test-sequencer": "^24.8.0",
     "@types/bull": "^3.15.1",
     "@types/jest": "^26.0.23",
@@ -136,7 +138,8 @@
     "supertest": "^4.0.2",
     "ts-jest": "^27.0.3",
     "ts-node": "^10.0.0",
-    "typescript": "^4.3.4"
+    "typescript": "^4.3.4",
+    "update-dotenv": "^1.1.1"
   },
   "gitHead": "d1836a898cab3f8ab80ee6d8f42be1a9eed7dcdc"
 }
diff --git a/packages/server/scripts/dev/manage.js b/packages/server/scripts/dev/manage.js
index ffd8c6b9e3..e0801bc9df 100644
--- a/packages/server/scripts/dev/manage.js
+++ b/packages/server/scripts/dev/manage.js
@@ -33,26 +33,29 @@ async function init() {
   fs.writeFileSync(envoyOutputPath, processStringSync(contents, config))
 
   const envFilePath = path.join(process.cwd(), ".env")
-  const envFileJson = {
-    PORT: 4001,
-    MINIO_URL: "http://localhost:10000/",
-    COUCH_DB_URL: "http://budibase:budibase@localhost:10000/db/",
-    REDIS_URL: "localhost:6379",
-    WORKER_URL: "http://localhost:4002",
-    INTERNAL_API_KEY: "budibase",
-    JWT_SECRET: "testsecret",
-    REDIS_PASSWORD: "budibase",
-    MINIO_ACCESS_KEY: "budibase",
-    MINIO_SECRET_KEY: "budibase",
-    COUCH_DB_PASSWORD: "budibase",
-    COUCH_DB_USER: "budibase",
-    SELF_HOSTED: 1,
+  if (!fs.existsSync(envFilePath)) {
+    const envFileJson = {
+      PORT: 4001,
+      MINIO_URL: "http://localhost:10000/",
+      COUCH_DB_URL: "http://budibase:budibase@localhost:10000/db/",
+      REDIS_URL: "localhost:6379",
+      WORKER_URL: "http://localhost:4002",
+      INTERNAL_API_KEY: "budibase",
+      JWT_SECRET: "testsecret",
+      REDIS_PASSWORD: "budibase",
+      MINIO_ACCESS_KEY: "budibase",
+      MINIO_SECRET_KEY: "budibase",
+      COUCH_DB_PASSWORD: "budibase",
+      COUCH_DB_USER: "budibase",
+      SELF_HOSTED: 1,
+      MULTI_TENANCY: "",
+    }
+    let envFile = ""
+    Object.keys(envFileJson).forEach(key => {
+      envFile += `${key}=${envFileJson[key]}\n`
+    })
+    fs.writeFileSync(envFilePath, envFile)
   }
-  let envFile = ""
-  Object.keys(envFileJson).forEach(key => {
-    envFile += `${key}=${envFileJson[key]}\n`
-  })
-  fs.writeFileSync(envFilePath, envFile)
 }
 
 async function up() {
diff --git a/packages/server/scripts/integrations/postgres/init.sql b/packages/server/scripts/integrations/postgres/init.sql
index 5a99520c1e..cc2fc734f8 100644
--- a/packages/server/scripts/integrations/postgres/init.sql
+++ b/packages/server/scripts/integrations/postgres/init.sql
@@ -10,10 +10,11 @@ CREATE TABLE Persons (
 CREATE TABLE Tasks (
     TaskID SERIAL PRIMARY KEY,
     PersonID INT,
+    Completed BOOLEAN,
     TaskName varchar(255),
     CONSTRAINT fkPersons
         FOREIGN KEY(PersonID)
-	    REFERENCES Persons(PersonID)
+            REFERENCES Persons(PersonID)
 );
 CREATE TABLE Products (
     ProductID SERIAL PRIMARY KEY,
@@ -24,15 +25,15 @@ CREATE TABLE Products_Tasks (
     TaskID INT NOT NULL,
     CONSTRAINT fkProducts
         FOREIGN KEY(ProductID)
-	    REFERENCES Products(ProductID),
+            REFERENCES Products(ProductID),
     CONSTRAINT fkTasks
         FOREIGN KEY(TaskID)
-	    REFERENCES Tasks(TaskID),
+            REFERENCES Tasks(TaskID),
     PRIMARY KEY (ProductID, TaskID)
 );
 INSERT INTO Persons (FirstName, LastName, Address, City) VALUES ('Mike', 'Hughes', '123 Fake Street', 'Belfast');
-INSERT INTO Tasks (PersonID, TaskName) VALUES (1, 'assembling');
-INSERT INTO Tasks (PersonID, TaskName) VALUES (1, 'processing');
+INSERT INTO Tasks (PersonID, TaskName, Completed) VALUES (1, 'assembling', TRUE);
+INSERT INTO Tasks (PersonID, TaskName, Completed) VALUES (1, 'processing', FALSE);
 INSERT INTO Products (ProductName) VALUES ('Computers');
 INSERT INTO Products (ProductName) VALUES ('Laptops');
 INSERT INTO Products (ProductName) VALUES ('Chairs');
diff --git a/packages/server/scripts/multiTenancy.js b/packages/server/scripts/multiTenancy.js
new file mode 100644
index 0000000000..89ee7398f3
--- /dev/null
+++ b/packages/server/scripts/multiTenancy.js
@@ -0,0 +1,8 @@
+#!/usr/bin/env node
+const updateDotEnv = require("update-dotenv")
+
+const arg = process.argv.slice(2)[0]
+
+updateDotEnv({
+  MULTI_TENANCY: arg === "enable" ? "1" : "",
+}).then(() => console.log("Updated server!"))
diff --git a/packages/server/scripts/watchtower-hooks/post-check.sh b/packages/server/scripts/watchtower-hooks/post-check.sh
new file mode 100755
index 0000000000..df95917d98
--- /dev/null
+++ b/packages/server/scripts/watchtower-hooks/post-check.sh
@@ -0,0 +1 @@
+echo '{ "current-hook" : "post-check" }' > 'watchtower-hook.json'
\ No newline at end of file
diff --git a/packages/server/scripts/watchtower-hooks/post-update.sh b/packages/server/scripts/watchtower-hooks/post-update.sh
new file mode 100755
index 0000000000..fe57719781
--- /dev/null
+++ b/packages/server/scripts/watchtower-hooks/post-update.sh
@@ -0,0 +1 @@
+echo '{ "current-hook" : "post-update" }' > 'watchtower-hook.json'
\ No newline at end of file
diff --git a/packages/server/scripts/watchtower-hooks/pre-check.sh b/packages/server/scripts/watchtower-hooks/pre-check.sh
new file mode 100755
index 0000000000..ffaa41ad5f
--- /dev/null
+++ b/packages/server/scripts/watchtower-hooks/pre-check.sh
@@ -0,0 +1 @@
+echo '{ "current-hook" : "pre-check" }' > 'watchtower-hook.json'
\ No newline at end of file
diff --git a/packages/server/scripts/watchtower-hooks/pre-update.sh b/packages/server/scripts/watchtower-hooks/pre-update.sh
new file mode 100755
index 0000000000..4584d96fc9
--- /dev/null
+++ b/packages/server/scripts/watchtower-hooks/pre-update.sh
@@ -0,0 +1 @@
+echo '{ "current-hook" : "pre-update" }' > 'watchtower-hook.json'
\ No newline at end of file
diff --git a/packages/server/src/api/controllers/apikeys.js b/packages/server/src/api/controllers/apikeys.js
index 55422ee603..9b1ddee4c4 100644
--- a/packages/server/src/api/controllers/apikeys.js
+++ b/packages/server/src/api/controllers/apikeys.js
@@ -1,8 +1,30 @@
-const builderDB = require("../../db/builder")
+const { StaticDatabases } = require("@budibase/auth/db")
+const { getGlobalDB } = require("@budibase/auth/tenancy")
+
+const KEYS_DOC = StaticDatabases.GLOBAL.docs.apiKeys
+
+async function getBuilderMainDoc() {
+  const db = getGlobalDB()
+  try {
+    return await db.get(KEYS_DOC)
+  } catch (err) {
+    // doesn't exist yet, nothing to get
+    return {
+      _id: KEYS_DOC,
+    }
+  }
+}
+
+async function setBuilderMainDoc(doc) {
+  // make sure to override the ID
+  doc._id = KEYS_DOC
+  const db = getGlobalDB()
+  return db.put(doc)
+}
 
 exports.fetch = async function (ctx) {
   try {
-    const mainDoc = await builderDB.getBuilderMainDoc()
+    const mainDoc = await getBuilderMainDoc()
     ctx.body = mainDoc.apiKeys ? mainDoc.apiKeys : {}
   } catch (err) {
     /* istanbul ignore next */
@@ -15,12 +37,12 @@ exports.update = async function (ctx) {
   const value = ctx.request.body.value
 
   try {
-    const mainDoc = await builderDB.getBuilderMainDoc()
+    const mainDoc = await getBuilderMainDoc()
     if (mainDoc.apiKeys == null) {
       mainDoc.apiKeys = {}
     }
     mainDoc.apiKeys[key] = value
-    const resp = await builderDB.setBuilderMainDoc(mainDoc)
+    const resp = await setBuilderMainDoc(mainDoc)
     ctx.body = {
       _id: resp.id,
       _rev: resp.rev,
diff --git a/packages/server/src/api/controllers/application.js b/packages/server/src/api/controllers/application.js
index a2e254461a..d0de611d74 100644
--- a/packages/server/src/api/controllers/application.js
+++ b/packages/server/src/api/controllers/application.js
@@ -25,7 +25,7 @@ const { BASE_LAYOUTS } = require("../../constants/layouts")
 const { createHomeScreen } = require("../../constants/screens")
 const { cloneDeep } = require("lodash/fp")
 const { processObject } = require("@budibase/string-templates")
-const { getAllApps } = require("../../utilities")
+const { getAllApps } = require("@budibase/auth/db")
 const { USERS_TABLE_SCHEMA } = require("../../constants")
 const {
   getDeployedApps,
@@ -38,6 +38,7 @@ const {
   backupClientLibrary,
   revertClientLibrary,
 } = require("../../utilities/fileSystem/clientLibrary")
+const { getTenantId, isMultiTenant } = require("@budibase/auth/tenancy")
 
 const URL_REGEX_SLASH = /\/|\\/g
 
@@ -93,7 +94,8 @@ async function getAppUrlIfNotInUse(ctx) {
 }
 
 async function createInstance(template) {
-  const baseAppId = generateAppID()
+  const tenantId = isMultiTenant() ? getTenantId() : null
+  const baseAppId = generateAppID(tenantId)
   const appId = generateDevAppID(baseAppId)
 
   const db = new CouchDB(appId)
@@ -128,7 +130,7 @@ async function createInstance(template) {
 exports.fetch = async function (ctx) {
   const dev = ctx.query && ctx.query.status === AppStatus.DEV
   const all = ctx.query && ctx.query.status === AppStatus.ALL
-  const apps = await getAllApps({ CouchDB, dev, all })
+  const apps = await getAllApps(CouchDB, { dev, all })
 
   // get the locks for all the dev apps
   if (dev || all) {
@@ -220,10 +222,12 @@ exports.create = async function (ctx) {
     url: url,
     template: ctx.request.body.template,
     instance: instance,
+    tenantId: getTenantId(),
     updatedAt: new Date().toISOString(),
     createdAt: new Date().toISOString(),
   }
-  await db.put(newApplication, { force: true })
+  const response = await db.put(newApplication, { force: true })
+  newApplication._rev = response.rev
 
   await createEmptyAppPackage(ctx, newApplication)
   /* istanbul ignore next */
@@ -295,7 +299,7 @@ exports.delete = async function (ctx) {
     await deleteApp(ctx.params.appId)
   }
   // make sure the app/role doesn't stick around after the app has been deleted
-  await removeAppFromUserRoles(ctx.params.appId)
+  await removeAppFromUserRoles(ctx, ctx.params.appId)
 
   ctx.status = 200
   ctx.body = result
diff --git a/packages/server/src/api/controllers/auth.js b/packages/server/src/api/controllers/auth.js
index da863f5493..5078218fc7 100644
--- a/packages/server/src/api/controllers/auth.js
+++ b/packages/server/src/api/controllers/auth.js
@@ -22,7 +22,7 @@ exports.fetchSelf = async ctx => {
       const userTable = await db.get(InternalTables.USER_METADATA)
       const metadata = await db.get(userId)
       // specifically needs to make sure is enriched
-      ctx.body = await outputProcessing(appId, userTable, {
+      ctx.body = await outputProcessing(ctx, userTable, {
         ...user,
         ...metadata,
       })
diff --git a/packages/server/src/api/controllers/deploy/index.js b/packages/server/src/api/controllers/deploy/index.js
index f5db81e6e8..4608ca6342 100644
--- a/packages/server/src/api/controllers/deploy/index.js
+++ b/packages/server/src/api/controllers/deploy/index.js
@@ -1,6 +1,6 @@
-const PouchDB = require("../../../db")
+const CouchDB = require("../../../db")
 const Deployment = require("./Deployment")
-const { Replication, StaticDatabases } = require("@budibase/auth/db")
+const { Replication } = require("@budibase/auth/db")
 const { DocumentTypes } = require("../../../db/utils")
 
 // the max time we can wait for an invalidation to complete before considering it failed
@@ -31,13 +31,14 @@ async function checkAllDeployments(deployments) {
 async function storeDeploymentHistory(deployment) {
   const appId = deployment.getAppId()
   const deploymentJSON = deployment.getJSON()
-  const db = new PouchDB(StaticDatabases.DEPLOYMENTS.name)
+  const db = new CouchDB(appId)
 
   let deploymentDoc
   try {
-    deploymentDoc = await db.get(appId)
+    // theres only one deployment doc per app database
+    deploymentDoc = await db.get(DocumentTypes.DEPLOYMENTS)
   } catch (err) {
-    deploymentDoc = { _id: appId, history: {} }
+    deploymentDoc = { _id: DocumentTypes.DEPLOYMENTS, history: {} }
   }
 
   const deploymentId = deploymentJSON._id
@@ -67,7 +68,7 @@ async function deployApp(deployment) {
     })
 
     await replication.replicate()
-    const db = new PouchDB(productionAppId)
+    const db = new CouchDB(productionAppId)
     const appDoc = await db.get(DocumentTypes.APP_METADATA)
     appDoc.appId = productionAppId
     appDoc.instance._id = productionAppId
@@ -98,8 +99,9 @@ async function deployApp(deployment) {
 
 exports.fetchDeployments = async function (ctx) {
   try {
-    const db = new PouchDB(StaticDatabases.DEPLOYMENTS.name)
-    const deploymentDoc = await db.get(ctx.appId)
+    const appId = ctx.appId
+    const db = new CouchDB(appId)
+    const deploymentDoc = await db.get(DocumentTypes.DEPLOYMENTS)
     const { updated, deployments } = await checkAllDeployments(
       deploymentDoc,
       ctx.user
@@ -115,8 +117,9 @@ exports.fetchDeployments = async function (ctx) {
 
 exports.deploymentProgress = async function (ctx) {
   try {
-    const db = new PouchDB(StaticDatabases.DEPLOYMENTS.name)
-    const deploymentDoc = await db.get(ctx.appId)
+    const appId = ctx.appId
+    const db = new CouchDB(appId)
+    const deploymentDoc = await db.get(DocumentTypes.DEPLOYMENTS)
     ctx.body = deploymentDoc[ctx.params.deploymentId]
   } catch (err) {
     ctx.throw(
diff --git a/packages/server/src/api/controllers/dev.js b/packages/server/src/api/controllers/dev.js
index 6dcd5727fb..d75c4032d7 100644
--- a/packages/server/src/api/controllers/dev.js
+++ b/packages/server/src/api/controllers/dev.js
@@ -9,8 +9,9 @@ const { DocumentTypes } = require("../../db/utils")
 
 async function redirect(ctx, method) {
   const { devPath } = ctx.params
+  const queryString = ctx.originalUrl.split("?")[1] || ""
   const response = await fetch(
-    checkSlashesInUrl(`${env.WORKER_URL}/api/admin/${devPath}`),
+    checkSlashesInUrl(`${env.WORKER_URL}/api/global/${devPath}?${queryString}`),
     request(
       ctx,
       {
diff --git a/packages/server/src/api/controllers/row/ExternalRequest.ts b/packages/server/src/api/controllers/row/ExternalRequest.ts
index c5fad441bf..92a3838f51 100644
--- a/packages/server/src/api/controllers/row/ExternalRequest.ts
+++ b/packages/server/src/api/controllers/row/ExternalRequest.ts
@@ -165,6 +165,10 @@ module External {
         if (!row[key] || newRow[key] || field.autocolumn) {
           continue
         }
+        // parse floats/numbers
+        if (field.type === FieldTypes.NUMBER && !isNaN(parseFloat(row[key]))) {
+          newRow[key] = parseFloat(row[key])
+        }
         // if its not a link then just copy it over
         if (field.type !== FieldTypes.LINK) {
           newRow[key] = row[key]
diff --git a/packages/server/src/api/controllers/row/internal.js b/packages/server/src/api/controllers/row/internal.js
index 25ebb5375b..28c88c1eac 100644
--- a/packages/server/src/api/controllers/row/internal.js
+++ b/packages/server/src/api/controllers/row/internal.js
@@ -161,7 +161,7 @@ exports.fetchView = async ctx => {
         schema: {},
       }
     }
-    rows = await outputProcessing(appId, table, response.rows)
+    rows = await outputProcessing(ctx, table, response.rows)
   }
 
   if (calculation === CALCULATION_TYPES.STATS) {
@@ -204,7 +204,7 @@ exports.fetch = async ctx => {
     )
     rows = response.rows.map(row => row.doc)
   }
-  return outputProcessing(appId, table, rows)
+  return outputProcessing(ctx, table, rows)
 }
 
 exports.find = async ctx => {
@@ -212,7 +212,7 @@ exports.find = async ctx => {
   const db = new CouchDB(appId)
   const table = await db.get(ctx.params.tableId)
   let row = await findRow(ctx, db, ctx.params.tableId, ctx.params.rowId)
-  row = await outputProcessing(appId, table, row)
+  row = await outputProcessing(ctx, table, row)
   return row
 }
 
@@ -291,7 +291,7 @@ exports.search = async ctx => {
   // Enrich search results with relationships
   if (response.rows && response.rows.length) {
     const table = await db.get(tableId)
-    response.rows = await outputProcessing(appId, table, response.rows)
+    response.rows = await outputProcessing(ctx, table, response.rows)
   }
 
   return response
@@ -328,7 +328,7 @@ exports.fetchEnrichedRow = async ctx => {
   })
   // need to include the IDs in these rows for any links they may have
   let linkedRows = await outputProcessing(
-    appId,
+    ctx,
     table,
     response.rows.map(row => row.doc)
   )
diff --git a/packages/server/src/api/controllers/user.js b/packages/server/src/api/controllers/user.js
index 6778f983c2..935ead38b6 100644
--- a/packages/server/src/api/controllers/user.js
+++ b/packages/server/src/api/controllers/user.js
@@ -17,7 +17,7 @@ function removeGlobalProps(user) {
 
 exports.fetchMetadata = async function (ctx) {
   const database = new CouchDB(ctx.appId)
-  const global = await getGlobalUsers(ctx.appId)
+  const global = await getGlobalUsers(ctx, ctx.appId)
   const metadata = (
     await database.allDocs(
       getUserMetadataParams(null, {
diff --git a/packages/server/src/api/index.js b/packages/server/src/api/index.js
index 6c4188a5dc..81601eea1a 100644
--- a/packages/server/src/api/index.js
+++ b/packages/server/src/api/index.js
@@ -1,5 +1,6 @@
 const Router = require("@koa/router")
-const { buildAuthMiddleware, auditLog } = require("@budibase/auth").auth
+const { buildAuthMiddleware, auditLog, buildTenancyMiddleware } =
+  require("@budibase/auth").auth
 const currentApp = require("../middleware/currentapp")
 const compress = require("koa-compress")
 const zlib = require("zlib")
@@ -9,6 +10,13 @@ const env = require("../environment")
 
 const router = new Router()
 
+const NO_TENANCY_ENDPOINTS = [
+  {
+    route: "/api/analytics",
+    method: "GET",
+  },
+]
+
 router
   .use(
     compress({
@@ -36,6 +44,8 @@ router
       publicAllowed: true,
     })
   )
+  // nothing in the server should allow query string tenants
+  .use(buildTenancyMiddleware(null, NO_TENANCY_ENDPOINTS))
   .use(currentApp)
   .use(auditLog)
 
diff --git a/packages/server/src/api/routes/application.js b/packages/server/src/api/routes/application.js
index c2eb19e101..c1d39acbd5 100644
--- a/packages/server/src/api/routes/application.js
+++ b/packages/server/src/api/routes/application.js
@@ -6,11 +6,11 @@ const { BUILDER } = require("@budibase/auth/permissions")
 const router = Router()
 
 router
+  .post("/api/applications", authorized(BUILDER), controller.create)
   .get("/api/applications/:appId/definition", controller.fetchAppDefinition)
   .get("/api/applications", controller.fetch)
   .get("/api/applications/:appId/appPackage", controller.fetchAppPackage)
   .put("/api/applications/:appId", authorized(BUILDER), controller.update)
-  .post("/api/applications", authorized(BUILDER), controller.create)
   .post(
     "/api/applications/:appId/client/update",
     authorized(BUILDER),
diff --git a/packages/server/src/api/routes/dev.js b/packages/server/src/api/routes/dev.js
index cd4c6e8fde..7612d332dd 100644
--- a/packages/server/src/api/routes/dev.js
+++ b/packages/server/src/api/routes/dev.js
@@ -8,9 +8,9 @@ const router = Router()
 
 if (env.isDev() || env.isTest()) {
   router
-    .get("/api/admin/:devPath(.*)", controller.redirectGet)
-    .post("/api/admin/:devPath(.*)", controller.redirectPost)
-    .delete("/api/admin/:devPath(.*)", controller.redirectDelete)
+    .get("/api/global/:devPath(.*)", controller.redirectGet)
+    .post("/api/global/:devPath(.*)", controller.redirectPost)
+    .delete("/api/global/:devPath(.*)", controller.redirectDelete)
 }
 
 router
diff --git a/packages/server/src/api/routes/hosting.js b/packages/server/src/api/routes/hosting.js
index 0ebb4bb0e4..29e229f843 100644
--- a/packages/server/src/api/routes/hosting.js
+++ b/packages/server/src/api/routes/hosting.js
@@ -1,7 +1,6 @@
 const Router = require("@koa/router")
 const controller = require("../controllers/hosting")
 const authorized = require("../../middleware/authorized")
-const selfhost = require("../../middleware/selfhost")
 const { BUILDER } = require("@budibase/auth/permissions")
 
 const router = Router()
@@ -9,6 +8,6 @@ const router = Router()
 router
   .get("/api/hosting/urls", authorized(BUILDER), controller.fetchUrls)
   // this isn't risky, doesn't return anything about apps other than names and URLs
-  .get("/api/hosting/apps", selfhost, controller.getDeployedApps)
+  .get("/api/hosting/apps", controller.getDeployedApps)
 
 module.exports = router
diff --git a/packages/server/src/api/routes/query.js b/packages/server/src/api/routes/query.js
index dd307c9444..2bbadcb40a 100644
--- a/packages/server/src/api/routes/query.js
+++ b/packages/server/src/api/routes/query.js
@@ -30,6 +30,7 @@ function generateQueryValidation() {
       default: Joi.string().allow(""),
     })),
     queryVerb: Joi.string().allow().required(),
+    extra: Joi.object().optional(),
     schema: Joi.object({}).required().unknown(true)
   }))
 }
@@ -39,6 +40,7 @@ function generateQueryPreviewValidation() {
   return joiValidator.body(Joi.object({
     fields: Joi.object().required(),
     queryVerb: Joi.string().allow().required(),
+    extra: Joi.object().optional(),
     datasourceId: Joi.string().required(),
     parameters: Joi.object({}).required().unknown(true)
   }))
diff --git a/packages/server/src/api/routes/tests/row.spec.js b/packages/server/src/api/routes/tests/row.spec.js
index 9515384608..d089d7775d 100644
--- a/packages/server/src/api/routes/tests/row.spec.js
+++ b/packages/server/src/api/routes/tests/row.spec.js
@@ -387,7 +387,7 @@ describe("/rows", () => {
       })
       // the environment needs configured for this
       await setup.switchToSelfHosted(async () => {
-        const enriched = await outputProcessing(config.getAppId(), table, [row])
+        const enriched = await outputProcessing({ appId: config.getAppId() }, table, [row])
         expect(enriched[0].attachment[0].url).toBe(
           `/prod-budi-app-assets/${config.getAppId()}/attachments/test/thing.csv`
         )
diff --git a/packages/server/src/api/routes/tests/utilities/TestFunctions.js b/packages/server/src/api/routes/tests/utilities/TestFunctions.js
index 3ba5b4d694..944d2ac527 100644
--- a/packages/server/src/api/routes/tests/utilities/TestFunctions.js
+++ b/packages/server/src/api/routes/tests/utilities/TestFunctions.js
@@ -3,6 +3,7 @@ const appController = require("../../../controllers/application")
 const CouchDB = require("../../../../db")
 const { AppStatus } = require("../../../../db/utils")
 const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
+const { TENANT_ID } = require("../../../../tests/utilities/structures")
 
 function Request(appId, params) {
   this.appId = appId
@@ -16,8 +17,8 @@ exports.getAllTableRows = async config => {
   return req.body
 }
 
-exports.clearAllApps = async () => {
-  const req = { query: { status: AppStatus.DEV } }
+exports.clearAllApps = async (tenantId = TENANT_ID) => {
+  const req = { query: { status: AppStatus.DEV }, user: { tenantId } }
   await appController.fetch(req)
   const apps = req.body
   if (!apps || apps.length <= 0) {
diff --git a/packages/server/src/automations/steps/outgoingWebhook.js b/packages/server/src/automations/steps/outgoingWebhook.js
index 269e075018..c1edde7b4e 100644
--- a/packages/server/src/automations/steps/outgoingWebhook.js
+++ b/packages/server/src/automations/steps/outgoingWebhook.js
@@ -27,6 +27,7 @@ module.exports.definition = {
     requestMethod: "POST",
     url: "http://",
     requestBody: "{}",
+    headers: "{}",
   },
   schema: {
     inputs: {
@@ -45,6 +46,11 @@ module.exports.definition = {
           title: "JSON Body",
           customType: "wide",
         },
+        headers: {
+          type: "string",
+          title: "Headers",
+          customType: "wide",
+        },
       },
       required: ["requestMethod", "url"],
     },
@@ -65,7 +71,7 @@ module.exports.definition = {
 }
 
 module.exports.run = async function ({ inputs }) {
-  let { requestMethod, url, requestBody } = inputs
+  let { requestMethod, url, requestBody, headers } = inputs
   if (!url.startsWith("http")) {
     url = `http://${url}`
   }
@@ -84,6 +90,15 @@ module.exports.run = async function ({ inputs }) {
     request.headers = {
       "Content-Type": "application/json",
     }
+
+    if (headers && headers.length !== 0) {
+      try {
+        const customHeaders = JSON.parse(headers)
+        request.headers = { ...request.headers, ...customHeaders }
+      } catch (err) {
+        console.error(err)
+      }
+    }
   }
 
   try {
diff --git a/packages/server/src/automations/steps/serverLog.js b/packages/server/src/automations/steps/serverLog.js
index c28309c5c8..7389b65f54 100644
--- a/packages/server/src/automations/steps/serverLog.js
+++ b/packages/server/src/automations/steps/serverLog.js
@@ -19,7 +19,7 @@ module.exports.definition = {
       properties: {
         text: {
           type: "string",
-          title: "URL",
+          title: "Log",
         },
       },
       required: ["text"],
diff --git a/packages/server/src/automations/thread.js b/packages/server/src/automations/thread.js
index 7b6d969a98..aada0ca0ca 100644
--- a/packages/server/src/automations/thread.js
+++ b/packages/server/src/automations/thread.js
@@ -3,6 +3,10 @@ const logic = require("./logic")
 const automationUtils = require("./automationUtils")
 const AutomationEmitter = require("../events/AutomationEmitter")
 const { processObject } = require("@budibase/string-templates")
+const { DEFAULT_TENANT_ID } = require("@budibase/auth").constants
+const CouchDB = require("../db")
+const { DocumentTypes } = require("../db/utils")
+const { doInTenant } = require("@budibase/auth/tenancy")
 
 const FILTER_STEP_ID = logic.BUILTIN_DEFINITIONS.FILTER.stepId
 
@@ -16,6 +20,7 @@ class Orchestrator {
     this._metadata = triggerOutput.metadata
     this._chainCount = this._metadata ? this._metadata.automationChainCount : 0
     this._appId = triggerOutput.appId
+    this._app = null
     // remove from context
     delete triggerOutput.appId
     delete triggerOutput.metadata
@@ -40,8 +45,19 @@ class Orchestrator {
     return step
   }
 
+  async getApp() {
+    const appId = this._appId
+    if (this._app) {
+      return this._app
+    }
+    const db = new CouchDB(appId)
+    this._app = await db.get(DocumentTypes.APP_METADATA)
+    return this._app
+  }
+
   async execute() {
     let automation = this._automation
+    const app = await this.getApp()
     for (let step of automation.definition.steps) {
       let stepFn = await this.getStepFunctionality(step.type, step.stepId)
       step.inputs = await processObject(step.inputs, this._context)
@@ -51,12 +67,15 @@ class Orchestrator {
       )
       // appId is always passed
       try {
-        const outputs = await stepFn({
-          inputs: step.inputs,
-          appId: this._appId,
-          apiKey: automation.apiKey,
-          emitter: this._emitter,
-          context: this._context,
+        let tenantId = app.tenantId || DEFAULT_TENANT_ID
+        const outputs = await doInTenant(tenantId, () => {
+          return stepFn({
+            inputs: step.inputs,
+            appId: this._appId,
+            apiKey: automation.apiKey,
+            emitter: this._emitter,
+            context: this._context,
+          })
         })
         if (step.stepId === FILTER_STEP_ID && !outputs.success) {
           break
diff --git a/packages/server/src/db/builder.js b/packages/server/src/db/builder.js
deleted file mode 100644
index d2bbcd404b..0000000000
--- a/packages/server/src/db/builder.js
+++ /dev/null
@@ -1,38 +0,0 @@
-const CouchDB = require("./index")
-const { StaticDatabases } = require("./utils")
-const env = require("../environment")
-
-const SELF_HOST_ERR = "Unable to access builder DB/doc - not self hosted."
-const BUILDER_DB = StaticDatabases.BUILDER
-
-/**
- * This is the builder database, right now this is a single, static database
- * that is present across the whole system and determines some core functionality
- * for the builder (e.g. storage of API keys). This has been limited to self hosting
- * as it doesn't make as much sense against the currently design Cloud system.
- */
-
-exports.getBuilderMainDoc = async () => {
-  if (!env.SELF_HOSTED) {
-    throw SELF_HOST_ERR
-  }
-  const db = new CouchDB(BUILDER_DB.name)
-  try {
-    return await db.get(BUILDER_DB.baseDoc)
-  } catch (err) {
-    // doesn't exist yet, nothing to get
-    return {
-      _id: BUILDER_DB.baseDoc,
-    }
-  }
-}
-
-exports.setBuilderMainDoc = async doc => {
-  if (!env.SELF_HOSTED) {
-    throw SELF_HOST_ERR
-  }
-  // make sure to override the ID
-  doc._id = BUILDER_DB.baseDoc
-  const db = new CouchDB(BUILDER_DB.name)
-  return db.put(doc)
-}
diff --git a/packages/server/src/db/linkedRows/index.js b/packages/server/src/db/linkedRows/index.js
index 754340046d..dece78dcff 100644
--- a/packages/server/src/db/linkedRows/index.js
+++ b/packages/server/src/db/linkedRows/index.js
@@ -60,7 +60,7 @@ async function getLinksForRows(appId, rows) {
   )
 }
 
-async function getFullLinkedDocs(appId, links) {
+async function getFullLinkedDocs(ctx, appId, links) {
   // create DBs
   const db = new CouchDB(appId)
   const linkedRowIds = links.map(link => link.id)
@@ -71,7 +71,7 @@ async function getFullLinkedDocs(appId, links) {
   let [users, other] = partition(linked, linkRow =>
     linkRow._id.startsWith(USER_METDATA_PREFIX)
   )
-  const globalUsers = await getGlobalUsers(appId, users)
+  const globalUsers = await getGlobalUsers(ctx, appId, users)
   users = users.map(user => {
     const globalUser = globalUsers.find(
       globalUser => globalUser && user._id.includes(globalUser._id)
@@ -166,12 +166,13 @@ exports.attachLinkIDs = async (appId, rows) => {
 /**
  * Given a table and a list of rows this will retrieve all of the attached docs and enrich them into the row.
  * This is required for formula fields, this may only be utilised internally (for now).
- * @param {string} appId The app in which the tables/rows/links exist.
+ * @param {object} ctx The request which is looking for rows.
  * @param {object} table The table from which the rows originated.
  * @param {array<object>} rows The rows which are to be enriched.
  * @return {Promise<*>} returns the rows with all of the enriched relationships on it.
  */
-exports.attachFullLinkedDocs = async (appId, table, rows) => {
+exports.attachFullLinkedDocs = async (ctx, table, rows) => {
+  const appId = ctx.appId
   const linkedTableIds = getLinkedTableIDs(table)
   if (linkedTableIds.length === 0) {
     return rows
@@ -182,7 +183,7 @@ exports.attachFullLinkedDocs = async (appId, table, rows) => {
   const links = (await getLinksForRows(appId, rows)).filter(link =>
     rows.some(row => row._id === link.thisId)
   )
-  let linked = await getFullLinkedDocs(appId, links)
+  let linked = await getFullLinkedDocs(ctx, appId, links)
   const linkedTables = []
   for (let row of rows) {
     for (let link of links.filter(link => link.thisId === row._id)) {
diff --git a/packages/server/src/db/utils.js b/packages/server/src/db/utils.js
index 74ddf87176..92734c5e7b 100644
--- a/packages/server/src/db/utils.js
+++ b/packages/server/src/db/utils.js
@@ -34,6 +34,7 @@ const DocumentTypes = {
   DATASOURCE: "datasource",
   DATASOURCE_PLUS: "datasource_plus",
   QUERY: "query",
+  DEPLOYMENTS: "deployments",
 }
 
 const ViewNames = {
@@ -49,13 +50,7 @@ const SearchIndexes = {
   ROWS: "rows",
 }
 
-exports.StaticDatabases = {
-  BUILDER: {
-    name: "builder-db",
-    baseDoc: "builder-doc",
-  },
-  ...StaticDatabases,
-}
+exports.StaticDatabases = StaticDatabases
 
 const BudibaseInternalDB = {
   _id: "bb_internal",
@@ -230,8 +225,12 @@ exports.getLinkParams = (otherProps = {}) => {
  * Generates a new app ID.
  * @returns {string} The new app ID which the app doc can be stored under.
  */
-exports.generateAppID = () => {
-  return `${DocumentTypes.APP}${SEPARATOR}${newid()}`
+exports.generateAppID = (tenantId = null) => {
+  let id = `${DocumentTypes.APP}${SEPARATOR}`
+  if (tenantId) {
+    id += `${tenantId}${SEPARATOR}`
+  }
+  return `${id}${newid()}`
 }
 
 /**
@@ -240,8 +239,8 @@ exports.generateAppID = () => {
  */
 exports.generateDevAppID = appId => {
   const prefix = `${DocumentTypes.APP}${SEPARATOR}`
-  const uuid = appId.split(prefix)[1]
-  return `${DocumentTypes.APP_DEV}${SEPARATOR}${uuid}`
+  const rest = appId.split(prefix)[1]
+  return `${DocumentTypes.APP_DEV}${SEPARATOR}${rest}`
 }
 
 /**
diff --git a/packages/server/src/definitions/datasource.ts b/packages/server/src/definitions/datasource.ts
index 90270dd113..ec6a0db9c9 100644
--- a/packages/server/src/definitions/datasource.ts
+++ b/packages/server/src/definitions/datasource.ts
@@ -49,6 +49,15 @@ export interface QueryDefinition {
   urlDisplay?: boolean
 }
 
+export interface ExtraQueryConfig {
+  [key: string]: {
+    displayName: string
+    type: string
+    required: boolean
+    data?: object
+  }
+}
+
 export interface Integration {
   docs: string
   plus?: boolean
@@ -58,6 +67,7 @@ export interface Integration {
   query: {
     [key: string]: QueryDefinition
   }
+  extra?: ExtraQueryConfig
 }
 
 export interface SearchFilters {
diff --git a/packages/server/src/environment.js b/packages/server/src/environment.js
index 52c680f65a..9f69664ffb 100644
--- a/packages/server/src/environment.js
+++ b/packages/server/src/environment.js
@@ -35,6 +35,7 @@ module.exports = {
   REDIS_URL: process.env.REDIS_URL,
   REDIS_PASSWORD: process.env.REDIS_PASSWORD,
   INTERNAL_API_KEY: process.env.INTERNAL_API_KEY,
+  MULTI_TENANCY: process.env.MULTI_TENANCY,
   // environment
   NODE_ENV: process.env.NODE_ENV,
   JEST_WORKER_ID: process.env.JEST_WORKER_ID,
diff --git a/packages/server/src/integrations/base/sql.ts b/packages/server/src/integrations/base/sql.ts
index 66dd269412..ea48eab793 100644
--- a/packages/server/src/integrations/base/sql.ts
+++ b/packages/server/src/integrations/base/sql.ts
@@ -19,8 +19,6 @@ function parseBody(body: any) {
     }
     if (isIsoDateString(value)) {
       body[key] = new Date(value)
-    } else if (!isNaN(parseFloat(value))) {
-      body[key] = parseFloat(value)
     }
   }
   return body
diff --git a/packages/server/src/integrations/mongodb.ts b/packages/server/src/integrations/mongodb.ts
index af7b49153d..bbab9a0d84 100644
--- a/packages/server/src/integrations/mongodb.ts
+++ b/packages/server/src/integrations/mongodb.ts
@@ -10,7 +10,6 @@ module MongoDBModule {
   interface MongoDBConfig {
     connectionString: string
     db: string
-    collection: string
   }
 
   const SCHEMA: Integration = {
@@ -28,10 +27,6 @@ module MongoDBModule {
         type: DatasourceFieldTypes.STRING,
         required: true,
       },
-      collection: {
-        type: DatasourceFieldTypes.STRING,
-        required: true,
-      },
     },
     query: {
       create: {
@@ -40,6 +35,30 @@ module MongoDBModule {
       read: {
         type: QueryTypes.JSON,
       },
+      update: {
+        type: QueryTypes.JSON,
+      },
+      delete: {
+        type: QueryTypes.JSON,
+      },
+    },
+    extra: {
+      collection: {
+        displayName: "Collection",
+        type: DatasourceFieldTypes.STRING,
+        required: true,
+      },
+      actionTypes: {
+        displayName: "Action Types",
+        type: DatasourceFieldTypes.LIST,
+        required: true,
+        data: {
+          read: ["find", "findOne", "findOneAndUpdate", "count", "distinct"],
+          create: ["insertOne", "insertMany"],
+          update: ["updateOne", "updateMany"],
+          delete: ["deleteOne", "deleteMany"],
+        },
+      },
     },
   }
 
@@ -56,12 +75,27 @@ module MongoDBModule {
       return this.client.connect()
     }
 
-    async create(query: { json: object }) {
+    async create(query: { json: object; extra: { [key: string]: string } }) {
       try {
         await this.connect()
         const db = this.client.db(this.config.db)
-        const collection = db.collection(this.config.collection)
-        return collection.insertOne(query.json)
+        const collection = db.collection(query.extra.collection)
+
+        // For mongodb we add an extra actionType to specify
+        // which method we want to call on the collection
+        switch (query.extra.actionTypes) {
+          case "insertOne": {
+            return collection.insertOne(query.json)
+          }
+          case "insertMany": {
+            return collection.insertOne(query.json).toArray()
+          }
+          default: {
+            throw new Error(
+              `actionType ${query.extra.actionTypes} does not exist on DB for create`
+            )
+          }
+        }
       } catch (err) {
         console.error("Error writing to mongodb", err)
         throw err
@@ -70,12 +104,34 @@ module MongoDBModule {
       }
     }
 
-    async read(query: { json: object }) {
+    async read(query: { json: object; extra: { [key: string]: string } }) {
       try {
         await this.connect()
         const db = this.client.db(this.config.db)
-        const collection = db.collection(this.config.collection)
-        return collection.find(query.json).toArray()
+        const collection = db.collection(query.extra.collection)
+
+        switch (query.extra.actionTypes) {
+          case "find": {
+            return collection.find(query.json).toArray()
+          }
+          case "findOne": {
+            return collection.findOne(query.json)
+          }
+          case "findOneAndUpdate": {
+            return collection.findOneAndUpdate(query.json)
+          }
+          case "count": {
+            return collection.countDocuments(query.json)
+          }
+          case "distinct": {
+            return collection.distinct(query.json)
+          }
+          default: {
+            throw new Error(
+              `actionType ${query.extra.actionTypes} does not exist on DB for read`
+            )
+          }
+        }
       } catch (err) {
         console.error("Error querying mongodb", err)
         throw err
@@ -83,6 +139,60 @@ module MongoDBModule {
         await this.client.close()
       }
     }
+
+    async update(query: { json: object; extra: { [key: string]: string } }) {
+      try {
+        await this.connect()
+        const db = this.client.db(this.config.db)
+        const collection = db.collection(query.extra.collection)
+
+        switch (query.extra.actionTypes) {
+          case "updateOne": {
+            return collection.updateOne(query.json)
+          }
+          case "updateMany": {
+            return collection.updateMany(query.json).toArray()
+          }
+          default: {
+            throw new Error(
+              `actionType ${query.extra.actionTypes} does not exist on DB for update`
+            )
+          }
+        }
+      } catch (err) {
+        console.error("Error writing to mongodb", err)
+        throw err
+      } finally {
+        await this.client.close()
+      }
+    }
+
+    async delete(query: { json: object; extra: { [key: string]: string } }) {
+      try {
+        await this.connect()
+        const db = this.client.db(this.config.db)
+        const collection = db.collection(query.extra.collection)
+
+        switch (query.extra.actionTypes) {
+          case "deleteOne": {
+            return collection.deleteOne(query.json)
+          }
+          case "deleteMany": {
+            return collection.deleteMany(query.json).toArray()
+          }
+          default: {
+            throw new Error(
+              `actionType ${query.extra.actionTypes} does not exist on DB for delete`
+            )
+          }
+        }
+      } catch (err) {
+        console.error("Error writing to mongodb", err)
+        throw err
+      } finally {
+        await this.client.close()
+      }
+    }
   }
 
   module.exports = {
diff --git a/packages/server/src/integrations/tests/mongo.spec.js b/packages/server/src/integrations/tests/mongo.spec.js
index 1e37d5dd70..ce44617eb1 100644
--- a/packages/server/src/integrations/tests/mongo.spec.js
+++ b/packages/server/src/integrations/tests/mongo.spec.js
@@ -8,6 +8,13 @@ class TestConfiguration {
   }
 }
 
+function disableConsole() {
+  jest.spyOn(console, 'error');
+  console.error.mockImplementation(() => {});
+
+  return console.error.mockRestore;
+}
+
 describe("MongoDB Integration", () => {
   let config 
   let indexName = "Users"
@@ -22,7 +29,8 @@ describe("MongoDB Integration", () => {
     }
     const response = await config.integration.create({ 
       index: indexName,
-      json: body
+      json: body,
+      extra: { collection: 'testCollection', actionTypes: 'insertOne'}
     })
     expect(config.integration.client.insertOne).toHaveBeenCalledWith(body)
   })
@@ -31,10 +39,46 @@ describe("MongoDB Integration", () => {
     const query = {
       json: {
         address: "test"
-      }
+      },
+      extra: { collection: 'testCollection', actionTypes: 'find'}
     }
     const response = await config.integration.read(query)
     expect(config.integration.client.find).toHaveBeenCalledWith(query.json)
     expect(response).toEqual(expect.any(Array))
   })
+
+  it("calls the delete method with the correct params", async () => {
+    const query = {
+      json: {
+        id: "test"
+      },
+      extra: { collection: 'testCollection', actionTypes: 'deleteOne'}
+    }
+    const response = await config.integration.delete(query)
+    expect(config.integration.client.deleteOne).toHaveBeenCalledWith(query.json)
+  })
+
+  it("calls the update method with the correct params", async () => {
+    const query = {
+      json: {
+        id: "test"
+      },
+      extra: { collection: 'testCollection', actionTypes: 'updateOne'}
+    }
+    const response = await config.integration.update(query)
+    expect(config.integration.client.updateOne).toHaveBeenCalledWith(query.json)
+  })
+
+  it("throws an error when an invalid query.extra.actionType is passed for each method", async () => {
+    const restore = disableConsole()
+
+    const query = {
+      extra: { collection: 'testCollection', actionTypes: 'deleteOne'}
+    }
+    // Weird, need to do an IIFE for jest to recognize that it throws
+    expect(() => config.integration.read(query)()).toThrow(expect.any(Object))
+
+    restore()
+  })
+
 })
\ No newline at end of file
diff --git a/packages/server/src/middleware/currentapp.js b/packages/server/src/middleware/currentapp.js
index 7169a36320..8f2403cc37 100644
--- a/packages/server/src/middleware/currentapp.js
+++ b/packages/server/src/middleware/currentapp.js
@@ -68,5 +68,6 @@ module.exports = async (ctx, next) => {
   ) {
     setCookie(ctx, { appId }, Cookies.CurrentApp)
   }
+
   return next()
 }
diff --git a/packages/server/src/tests/utilities/TestConfiguration.js b/packages/server/src/tests/utilities/TestConfiguration.js
index 4b9fe73424..0eb3851d98 100644
--- a/packages/server/src/tests/utilities/TestConfiguration.js
+++ b/packages/server/src/tests/utilities/TestConfiguration.js
@@ -10,16 +10,19 @@ const {
   basicScreen,
   basicLayout,
   basicWebhook,
+  TENANT_ID,
 } = require("./structures")
 const controllers = require("./controllers")
 const supertest = require("supertest")
 const { cleanup } = require("../../utilities/fileSystem")
 const { Cookies, Headers } = require("@budibase/auth").constants
 const { jwt } = require("@budibase/auth").auth
-const { StaticDatabases } = require("@budibase/auth/db")
+const auth = require("@budibase/auth")
+const { getGlobalDB } = require("@budibase/auth/tenancy")
 const { createASession } = require("@budibase/auth/sessions")
 const { user: userCache } = require("@budibase/auth/cache")
 const CouchDB = require("../../db")
+auth.init(CouchDB)
 
 const GLOBAL_USER_ID = "us_uuid1"
 const EMAIL = "babs@babs.com"
@@ -52,7 +55,7 @@ class TestConfiguration {
     request.cookies = { set: () => {}, get: () => {} }
     request.config = { jwtSecret: env.JWT_SECRET }
     request.appId = this.appId
-    request.user = { appId: this.appId }
+    request.user = { appId: this.appId, tenantId: TENANT_ID }
     request.query = {}
     request.request = {
       body: config,
@@ -65,7 +68,7 @@ class TestConfiguration {
   }
 
   async globalUser(id = GLOBAL_USER_ID, builder = true, roles) {
-    const db = new CouchDB(StaticDatabases.GLOBAL.name)
+    const db = getGlobalDB(TENANT_ID)
     let existing
     try {
       existing = await db.get(id)
@@ -76,8 +79,9 @@ class TestConfiguration {
       _id: id,
       ...existing,
       roles: roles || {},
+      tenantId: TENANT_ID,
     }
-    await createASession(id, "sessionid")
+    await createASession(id, { sessionId: "sessionid", tenantId: TENANT_ID })
     if (builder) {
       user.builder = { global: true }
     }
@@ -107,6 +111,7 @@ class TestConfiguration {
     const auth = {
       userId: GLOBAL_USER_ID,
       sessionId: "sessionid",
+      tenantId: TENANT_ID,
     }
     const app = {
       roleId: BUILTIN_ROLE_IDS.ADMIN,
@@ -333,11 +338,15 @@ class TestConfiguration {
     if (!email || !password) {
       await this.createUser()
     }
-    await createASession(userId, "sessionid")
+    await createASession(userId, {
+      sessionId: "sessionid",
+      tenantId: TENANT_ID,
+    })
     // have to fake this
     const auth = {
       userId,
       sessionId: "sessionid",
+      tenantId: TENANT_ID,
     }
     const app = {
       roleId: roleId,
diff --git a/packages/server/src/tests/utilities/structures.js b/packages/server/src/tests/utilities/structures.js
index 91996a7804..e4b2c7e1f0 100644
--- a/packages/server/src/tests/utilities/structures.js
+++ b/packages/server/src/tests/utilities/structures.js
@@ -4,6 +4,8 @@ const { createHomeScreen } = require("../../constants/screens")
 const { EMPTY_LAYOUT } = require("../../constants/layouts")
 const { cloneDeep } = require("lodash/fp")
 
+exports.TENANT_ID = "default"
+
 exports.basicTable = () => {
   return {
     name: "TestTable",
diff --git a/packages/server/src/utilities/global.js b/packages/server/src/utilities/global.js
index 3ce794b406..2757398586 100644
--- a/packages/server/src/utilities/global.js
+++ b/packages/server/src/utilities/global.js
@@ -1,13 +1,12 @@
-const CouchDB = require("../db")
 const {
   getMultiIDParams,
   getGlobalIDFromUserMetadataID,
-  StaticDatabases,
 } = require("../db/utils")
 const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
 const { getDeployedAppID } = require("@budibase/auth/db")
 const { getGlobalUserParams } = require("@budibase/auth/db")
 const { user: userCache } = require("@budibase/auth/cache")
+const { getGlobalDB } = require("@budibase/auth/tenancy")
 
 exports.updateAppRole = (appId, user) => {
   if (!user.roles) {
@@ -34,18 +33,20 @@ function processUser(appId, user) {
 }
 
 exports.getCachedSelf = async (ctx, appId) => {
+  // this has to be tenant aware, can't depend on the context to find it out
+  // running some middlewares before the tenancy causes context to break
   const user = await userCache.getUser(ctx.user._id)
   return processUser(appId, user)
 }
 
-exports.getGlobalUser = async (appId, userId) => {
-  const db = CouchDB(StaticDatabases.GLOBAL.name)
+exports.getGlobalUser = async (ctx, appId, userId) => {
+  const db = getGlobalDB()
   let user = await db.get(getGlobalIDFromUserMetadataID(userId))
   return processUser(appId, user)
 }
 
-exports.getGlobalUsers = async (appId = null, users = null) => {
-  const db = CouchDB(StaticDatabases.GLOBAL.name)
+exports.getGlobalUsers = async (ctx, appId = null, users = null) => {
+  const db = getGlobalDB()
   let globalUsers
   if (users) {
     const globalIds = users.map(user => getGlobalIDFromUserMetadataID(user._id))
diff --git a/packages/server/src/utilities/index.js b/packages/server/src/utilities/index.js
index 320d4a3eb5..182ad51828 100644
--- a/packages/server/src/utilities/index.js
+++ b/packages/server/src/utilities/index.js
@@ -1,6 +1,5 @@
 const env = require("../environment")
 const { OBJ_STORE_DIRECTORY, ObjectStoreBuckets } = require("../constants")
-const { getAllApps } = require("@budibase/auth/db")
 const { sanitizeKey } = require("@budibase/auth/src/objectStore")
 
 const BB_CDN = "https://cdn.app.budi.live/assets"
@@ -8,7 +7,6 @@ const BB_CDN = "https://cdn.app.budi.live/assets"
 exports.wait = ms => new Promise(resolve => setTimeout(resolve, ms))
 
 exports.isDev = env.isDev
-exports.getAllApps = getAllApps
 
 /**
  * Makes sure that a URL has the correct number of slashes, while maintaining the
diff --git a/packages/server/src/utilities/redis.js b/packages/server/src/utilities/redis.js
index e1fa632003..6f1cf46606 100644
--- a/packages/server/src/utilities/redis.js
+++ b/packages/server/src/utilities/redis.js
@@ -7,8 +7,10 @@ let devAppClient, debounceClient
 // we init this as we want to keep the connection open all the time
 // reduces the performance hit
 exports.init = async () => {
-  devAppClient = await new Client(utils.Databases.DEV_LOCKS).init()
-  debounceClient = await new Client(utils.Databases.DEBOUNCE).init()
+  devAppClient = new Client(utils.Databases.DEV_LOCKS)
+  debounceClient = new Client(utils.Databases.DEBOUNCE)
+  await devAppClient.init()
+  await debounceClient.init()
 }
 
 exports.shutdown = async () => {
diff --git a/packages/server/src/utilities/rowProcessor.js b/packages/server/src/utilities/rowProcessor.js
index 766bc09b2f..618897383b 100644
--- a/packages/server/src/utilities/rowProcessor.js
+++ b/packages/server/src/utilities/rowProcessor.js
@@ -193,20 +193,21 @@ exports.inputProcessing = (user = {}, table, row) => {
 /**
  * This function enriches the input rows with anything they are supposed to contain, for example
  * link records or attachment links.
- * @param {string} appId the ID of the application for which rows are being enriched.
+ * @param {object} ctx the request which is looking for enriched rows.
  * @param {object} table the table from which these rows came from originally, this is used to determine
  * the schema of the rows and then enrich.
  * @param {object[]} rows the rows which are to be enriched.
  * @returns {object[]} the enriched rows will be returned.
  */
-exports.outputProcessing = async (appId, table, rows) => {
+exports.outputProcessing = async (ctx, table, rows) => {
+  const appId = ctx.appId
   let wasArray = true
   if (!(rows instanceof Array)) {
     rows = [rows]
     wasArray = false
   }
   // attach any linked row information
-  let enriched = await linkRows.attachFullLinkedDocs(appId, table, rows)
+  let enriched = await linkRows.attachFullLinkedDocs(ctx, table, rows)
 
   // process formulas
   enriched = processFormulas(table, enriched)
diff --git a/packages/server/src/utilities/users.js b/packages/server/src/utilities/users.js
index 6144397bf1..64fbfb7ea2 100644
--- a/packages/server/src/utilities/users.js
+++ b/packages/server/src/utilities/users.js
@@ -3,7 +3,7 @@ const { InternalTables } = require("../db/utils")
 const { getGlobalUser } = require("../utilities/global")
 
 exports.getFullUser = async (ctx, userId) => {
-  const global = await getGlobalUser(ctx.appId, userId)
+  const global = await getGlobalUser(ctx, ctx.appId, userId)
   let metadata
   try {
     // this will throw an error if the db doesn't exist, or there is no appId
diff --git a/packages/server/src/utilities/workerRequests.js b/packages/server/src/utilities/workerRequests.js
index 4a8d10ecb8..066f6e23d4 100644
--- a/packages/server/src/utilities/workerRequests.js
+++ b/packages/server/src/utilities/workerRequests.js
@@ -4,13 +4,17 @@ const { checkSlashesInUrl } = require("./index")
 const { getDeployedAppID } = require("@budibase/auth/db")
 const { updateAppRole, getGlobalUser } = require("./global")
 const { Headers } = require("@budibase/auth/constants")
+const { getTenantId, isTenantIdSet } = require("@budibase/auth/tenancy")
 
-function request(ctx, request, noApiKey) {
+function request(ctx, request) {
   if (!request.headers) {
     request.headers = {}
   }
-  if (!noApiKey) {
+  if (!ctx) {
     request.headers[Headers.API_KEY] = env.INTERNAL_API_KEY
+    if (isTenantIdSet()) {
+      request.headers[Headers.TENANT_ID] = getTenantId()
+    }
   }
   if (request.body && Object.keys(request.body).length > 0) {
     request.headers["Content-Type"] = "application/json"
@@ -29,9 +33,11 @@ function request(ctx, request, noApiKey) {
 
 exports.request = request
 
+// have to pass in the tenant ID as this could be coming from an automation
 exports.sendSmtpEmail = async (to, from, subject, contents) => {
+  // tenant ID will be set in header
   const response = await fetch(
-    checkSlashesInUrl(env.WORKER_URL + `/api/admin/email/send`),
+    checkSlashesInUrl(env.WORKER_URL + `/api/global/email/send`),
     request(null, {
       method: "POST",
       body: {
@@ -74,11 +80,11 @@ exports.getDeployedApps = async ctx => {
 }
 
 exports.getGlobalSelf = async (ctx, appId = null) => {
-  const endpoint = `/api/admin/users/self`
+  const endpoint = `/api/global/users/self`
   const response = await fetch(
     checkSlashesInUrl(env.WORKER_URL + endpoint),
     // we don't want to use API key when getting self
-    request(ctx, { method: "GET" }, true)
+    request(ctx, { method: "GET" })
   )
   if (response.status !== 200) {
     ctx.throw(400, "Unable to get self globally.")
@@ -96,11 +102,11 @@ exports.addAppRoleToUser = async (ctx, appId, roleId, userId = null) => {
     body = {}
   if (!userId) {
     user = await exports.getGlobalSelf(ctx)
-    endpoint = `/api/admin/users/self`
+    endpoint = `/api/global/users/self`
   } else {
-    user = await getGlobalUser(appId, userId)
+    user = await getGlobalUser(ctx, appId, userId)
     body._id = userId
-    endpoint = `/api/admin/users`
+    endpoint = `/api/global/users`
   }
   body = {
     ...body,
@@ -122,11 +128,11 @@ exports.addAppRoleToUser = async (ctx, appId, roleId, userId = null) => {
   return response.json()
 }
 
-exports.removeAppFromUserRoles = async appId => {
+exports.removeAppFromUserRoles = async (ctx, appId) => {
   const deployedAppId = getDeployedAppID(appId)
   const response = await fetch(
-    checkSlashesInUrl(env.WORKER_URL + `/api/admin/roles/${deployedAppId}`),
-    request(null, {
+    checkSlashesInUrl(env.WORKER_URL + `/api/global/roles/${deployedAppId}`),
+    request(ctx, {
       method: "DELETE",
     })
   )
diff --git a/packages/server/yarn.lock b/packages/server/yarn.lock
index c4be7d4512..c7f7bca0a1 100644
--- a/packages/server/yarn.lock
+++ b/packages/server/yarn.lock
@@ -1146,12 +1146,11 @@
   resolved "https://registry.yarnpkg.com/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz#75a2e8b51cb758a7553d6804a5932d7aace75c39"
   integrity sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==
 
-"@budibase/auth@^0.9.80-alpha.7":
-  version "0.9.80-alpha.7"
-  resolved "https://registry.yarnpkg.com/@budibase/auth/-/auth-0.9.80-alpha.7.tgz#6fb4c40a5f437bb9f7e49c9acafbc601b0dffa49"
-  integrity sha512-9KZy8hqdpaWRY2n3pRAThP4Jb9TsrfJsJFdfDndJtPO1tTNKtDw2LGEwrT5Kym0a0SBHEzVrXq1Vw/sg72ACIQ==
+"@budibase/auth@^0.9.79-alpha.4":
+  version "0.9.79"
+  resolved "https://registry.yarnpkg.com/@budibase/auth/-/auth-0.9.79.tgz#416271ffc55e84116550469656bf151a7734a90f"
+  integrity sha512-ENh099tYeUfVExsAeoxwMh2ODioKQGPteK9LJiU5hMdM4Oi7pyImu287BgKpTIheB+WtadT4e21VpPaJ62APEw==
   dependencies:
-    "@techpass/passport-openidconnect" "^0.3.0"
     aws-sdk "^2.901.0"
     bcryptjs "^2.4.3"
     ioredis "^4.27.1"
@@ -1168,10 +1167,10 @@
     uuid "^8.3.2"
     zlib "^1.0.5"
 
-"@budibase/bbui@^0.9.80-alpha.7":
-  version "0.9.80-alpha.7"
-  resolved "https://registry.yarnpkg.com/@budibase/bbui/-/bbui-0.9.80-alpha.7.tgz#5fbb7a6617a35a560151377fdc67a845f5620803"
-  integrity sha512-VJPP6A3BhxsLQzEfKPz3alCiT0nMqeM75P/reT1jsRxZsOCJ8vFn7g2c8aH2bEIcCqOWeUaaxVDuj8ghbzByUw==
+"@budibase/bbui@^0.9.79":
+  version "0.9.79"
+  resolved "https://registry.yarnpkg.com/@budibase/bbui/-/bbui-0.9.79.tgz#c033ba0af41cb584d2657a8353f9887328f6633f"
+  integrity sha512-XxUJSPGd2FZDFdbNOeMUXohhID5h3DVq9XyKTe6WhYax4m2da/2WTENJ16UFvmfA+yxLN1qSDeweq9vw2zCahQ==
   dependencies:
     "@adobe/spectrum-css-workflow-icons" "^1.2.1"
     "@spectrum-css/actionbutton" "^1.0.1"
@@ -1216,14 +1215,14 @@
     svelte-flatpickr "^3.1.0"
     svelte-portal "^1.0.0"
 
-"@budibase/client@^0.9.80-alpha.7":
-  version "0.9.80-alpha.7"
-  resolved "https://registry.yarnpkg.com/@budibase/client/-/client-0.9.80-alpha.7.tgz#9d2e98b90cd9fdcfc659826d19b5dc206cdcfe7d"
-  integrity sha512-szLz2JpWI9ZMyVz7IPap1fQ7e+uphuthOkOsERplmq4EXbv914/YILdEfUm01s4aeOEOdkeogz31t8t75es6Dg==
+"@budibase/client@^0.9.79-alpha.4":
+  version "0.9.79"
+  resolved "https://registry.yarnpkg.com/@budibase/client/-/client-0.9.79.tgz#d1c8d51e9121f81902cfb31d3b685c8061f272a2"
+  integrity sha512-//Yqm5Qki6BmBe5W2Tz8GONdkFjdD1jkIU7pcLYKqdZJWEQIrX6T/xNvYvZVhw7Dx5bwSZRjFwzm7jLoiyHBIA==
   dependencies:
-    "@budibase/bbui" "^0.9.80-alpha.7"
-    "@budibase/standard-components" "^0.9.80-alpha.7"
-    "@budibase/string-templates" "^0.9.80-alpha.7"
+    "@budibase/bbui" "^0.9.79"
+    "@budibase/standard-components" "^0.9.79"
+    "@budibase/string-templates" "^0.9.79"
     regexparam "^1.3.0"
     shortid "^2.2.15"
     svelte-spa-router "^3.0.5"
@@ -1256,26 +1255,24 @@
     to-gfm-code-block "^0.1.1"
     year "^0.2.1"
 
-"@budibase/standard-components@^0.9.80-alpha.7":
-  version "0.9.80-alpha.7"
-  resolved "https://registry.yarnpkg.com/@budibase/standard-components/-/standard-components-0.9.80-alpha.7.tgz#17f13a25bfcda873f44d1460493325adcfe6f188"
-  integrity sha512-ohEVqhRxp2FeOlEnJtfBhyqtwmRGI/qPGs0K9FQfLQglMYJtPN5FgMrJ1gtN0W3zn7TOfNFnTcQIxIdLxSLwyA==
+"@budibase/standard-components@^0.9.79", "@budibase/standard-components@^0.9.79-alpha.4":
+  version "0.9.79"
+  resolved "https://registry.yarnpkg.com/@budibase/standard-components/-/standard-components-0.9.79.tgz#24206642e0cdc655ea3a99ed5e9402ec4f6b3ba8"
+  integrity sha512-ZWhmBZ1iG+CjGMEvT/jtugMMgA1n88UYcOfP3BSP2P3eA16DubyU9hH9OyJHbGPzDHLoBF6vuS/5ZPZCkOKppw==
   dependencies:
-    "@budibase/bbui" "^0.9.80-alpha.7"
-    "@spectrum-css/card" "^3.0.3"
+    "@budibase/bbui" "^0.9.79"
     "@spectrum-css/link" "^3.1.3"
     "@spectrum-css/page" "^3.0.1"
-    "@spectrum-css/typography" "^3.0.2"
     "@spectrum-css/vars" "^3.0.1"
     apexcharts "^3.22.1"
     dayjs "^1.10.5"
     svelte-apexcharts "^1.0.2"
     svelte-flatpickr "^3.1.0"
 
-"@budibase/string-templates@^0.9.80-alpha.7":
-  version "0.9.80-alpha.7"
-  resolved "https://registry.yarnpkg.com/@budibase/string-templates/-/string-templates-0.9.80-alpha.7.tgz#10b06fc8652c00065f8928caebfcd0d143660078"
-  integrity sha512-lD3BSWXW6PrdAbZcpVXSsr/fA8NdwvQ8W7T4chQ661UUMKVOYLnGwAvvAOArGpkdzSOAfSEuzgIB0+pBc92qWQ==
+"@budibase/string-templates@^0.9.79", "@budibase/string-templates@^0.9.79-alpha.4":
+  version "0.9.79"
+  resolved "https://registry.yarnpkg.com/@budibase/string-templates/-/string-templates-0.9.79.tgz#bb75a7433a7cfda1fc488283f35e47879b799fcc"
+  integrity sha512-hkAne5mx7mj8+osXFt45VwgLKSa94uQOGOb4R8uv9WNzvk4RzcjBfRzJxggv29FUemItrAeZpSh+Um6yugFI+w==
   dependencies:
     "@budibase/handlebars-helpers" "^0.11.4"
     dayjs "^1.10.4"
@@ -2114,11 +2111,6 @@
   resolved "https://registry.yarnpkg.com/@spectrum-css/buttongroup/-/buttongroup-3.0.3.tgz#719d868845ac9d2c4f939c1b9f6044507902d5aa"
   integrity sha512-eXl8U4QWMWXqyTu654FdQdEGnmczgOYlpIFSHyCMVjhtPqZp2xwnLFiGh6LKw+bLio6eeOZ0L+vpk1GcoYqgkw==
 
-"@spectrum-css/card@^3.0.3":
-  version "3.0.3"
-  resolved "https://registry.yarnpkg.com/@spectrum-css/card/-/card-3.0.3.tgz#56b2e2da6b80c1583228baa279de7407383bfb6b"
-  integrity sha512-+oKLUI2a0QmQP9EzySeq/G4FpUkkdaDNbuEbqCj2IkPMc/2v/nwzsPhh1fj2UIghGAiiUwXfPpzax1e8fyhQUg==
-
 "@spectrum-css/checkbox@^3.0.2":
   version "3.0.3"
   resolved "https://registry.yarnpkg.com/@spectrum-css/checkbox/-/checkbox-3.0.3.tgz#8577067fc8b97e4609f92bd242364937a533a7bb"
@@ -2278,7 +2270,7 @@
   resolved "https://registry.yarnpkg.com/@spectrum-css/treeview/-/treeview-3.0.3.tgz#aeda5175158b9f8d7529cb2b394428eb2a428046"
   integrity sha512-D5gGzZC/KtRArdx86Mesc9+99W9nTbUOeyYGqoJoAfJSOttoT6Tk5CrDvlCmAqjKf5rajemAkGri1ChqvUIwkw==
 
-"@spectrum-css/typography@^3.0.1", "@spectrum-css/typography@^3.0.2":
+"@spectrum-css/typography@^3.0.1":
   version "3.0.2"
   resolved "https://registry.yarnpkg.com/@spectrum-css/typography/-/typography-3.0.2.tgz#ea3ca0a60e18064527819d48c8c4364cab4fcd38"
   integrity sha512-5ZOLmQe0edzsDMyhghUd4hBb5uxGsFrxzf+WasfcUw9klSfTsRZ09n1BsaaWbgrLjlMQ+EEHS46v5VNo0Ms2CA==
@@ -2300,17 +2292,6 @@
   dependencies:
     defer-to-connect "^1.0.1"
 
-"@techpass/passport-openidconnect@^0.3.0":
-  version "0.3.0"
-  resolved "https://registry.yarnpkg.com/@techpass/passport-openidconnect/-/passport-openidconnect-0.3.0.tgz#a60b2bbf3f262649a5a02d5d186219944acc3010"
-  integrity sha512-bVsPwl66s7J7GHxTPlW/RJYhZol9SshNznQsx83OOh9G+JWFGoeWxh+xbX+FTdJNoUvGIGbJnpWPY2wC6NOHPw==
-  dependencies:
-    base64url "^3.0.1"
-    oauth "^0.9.15"
-    passport-strategy "^1.0.0"
-    request "^2.88.0"
-    webfinger "^0.4.2"
-
 "@tootallnate/once@1":
   version "1.1.2"
   resolved "https://registry.yarnpkg.com/@tootallnate/once/-/once-1.1.2.tgz#ccb91445360179a04e7fe6aff78c00ffc1eeaf82"
@@ -3305,7 +3286,7 @@ base64-js@^1.0.2, base64-js@^1.3.1:
   resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.5.1.tgz#1b1b440160a5bf7ad40b650f095963481903930a"
   integrity sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==
 
-base64url@3.x.x, base64url@^3.0.1:
+base64url@3.x.x:
   version "3.0.1"
   resolved "https://registry.yarnpkg.com/base64url/-/base64url-3.0.1.tgz#6399d572e2bc3f90a9a8b22d5dbb0a32d33f788d"
   integrity sha512-ir1UPr3dkwexU7FdV8qBBbNDRUhMmIekYMFZfi+C/sLNnRESKPl23nB9b2pltqfOQNnGzsDdId90AEtG5tCx4A==
@@ -8726,7 +8707,7 @@ oauth-sign@~0.9.0:
   resolved "https://registry.yarnpkg.com/oauth-sign/-/oauth-sign-0.9.0.tgz#47a7b016baa68b5fa0ecf3dee08a85c679ac6455"
   integrity sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==
 
-oauth@0.9.x, oauth@^0.9.15:
+oauth@0.9.x:
   version "0.9.15"
   resolved "https://registry.yarnpkg.com/oauth/-/oauth-0.9.15.tgz#bd1fefaf686c96b75475aed5196412ff60cfb9c1"
   integrity sha1-vR/vr2hslrdUda7VGWQS/2DPucE=
@@ -10100,7 +10081,7 @@ request-promise-native@^1.0.5:
     stealthy-require "^1.1.1"
     tough-cookie "^2.3.3"
 
-"request@>= 2.52.0", request@^2.72.0, request@^2.74.0, request@^2.87.0, request@^2.88.0:
+"request@>= 2.52.0", request@^2.72.0, request@^2.74.0, request@^2.87.0:
   version "2.88.2"
   resolved "https://registry.yarnpkg.com/request/-/request-2.88.2.tgz#d73c918731cb5a87da047e207234146f664d12b3"
   integrity sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==
@@ -10224,7 +10205,7 @@ rimraf@2.6.3:
   dependencies:
     glob "^7.1.3"
 
-rimraf@^3.0.0, rimraf@^3.0.2:
+rimraf@^3.0.0:
   version "3.0.2"
   resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-3.0.2.tgz#f1a5402ba6220ad52cc1282bac1ae3aa49fd061a"
   integrity sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==
@@ -10309,7 +10290,7 @@ sax@1.2.1:
   resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.1.tgz#7b8e656190b228e81a66aea748480d828cd2d37a"
   integrity sha1-e45lYZCyKOgaZq6nSEgNgozS03o=
 
-sax@>=0.1.1, sax@>=0.6.0, sax@^1.2.4:
+sax@>=0.6.0, sax@^1.2.4:
   version "1.2.4"
   resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9"
   integrity sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==
@@ -10764,11 +10745,6 @@ stealthy-require@^1.1.1:
   resolved "https://registry.yarnpkg.com/stealthy-require/-/stealthy-require-1.1.1.tgz#35b09875b4ff49f26a777e509b3090a3226bf24b"
   integrity sha1-NbCYdbT/SfJqd35QmzCQoyJr8ks=
 
-step@0.0.x:
-  version "0.0.6"
-  resolved "https://registry.yarnpkg.com/step/-/step-0.0.6.tgz#143e7849a5d7d3f4a088fe29af94915216eeede2"
-  integrity sha1-FD54SaXX0/SgiP4pr5SRUhbu7eI=
-
 strict-uri-encode@^1.0.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/strict-uri-encode/-/strict-uri-encode-1.1.0.tgz#279b225df1d582b1f54e65addd4352e18faa0713"
@@ -11624,6 +11600,11 @@ untildify@^4.0.0:
   resolved "https://registry.yarnpkg.com/untildify/-/untildify-4.0.0.tgz#2bc947b953652487e4600949fb091e3ae8cd919b"
   integrity sha512-KK8xQ1mkzZeg9inewmFVDNkg3l5LUhoq9kN6iWYB/CC9YMG8HA+c1Q8HwDe6dEX7kErrEVNVBO3fWsVq5iDgtw==
 
+update-dotenv@^1.1.1:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/update-dotenv/-/update-dotenv-1.1.1.tgz#17146f302f216c3c92419d5a327a45be910050ca"
+  integrity sha512-3cIC18In/t0X/yH793c00qqxcKD8jVCgNOPif/fGQkFpYMGecM9YAc+kaAKXuZsM2dE9I9wFI7KvAuNX22SGMQ==
+
 update-notifier@^4.1.0:
   version "4.1.3"
   resolved "https://registry.yarnpkg.com/update-notifier/-/update-notifier-4.1.3.tgz#be86ee13e8ce48fb50043ff72057b5bd598e1ea3"
@@ -11805,14 +11786,6 @@ walker@^1.0.7, walker@~1.0.5:
   dependencies:
     makeerror "1.0.x"
 
-webfinger@^0.4.2:
-  version "0.4.2"
-  resolved "https://registry.yarnpkg.com/webfinger/-/webfinger-0.4.2.tgz#3477a6d97799461896039fcffc650b73468ee76d"
-  integrity sha1-NHem2XeZRhiWA5/P/GULc0aO520=
-  dependencies:
-    step "0.0.x"
-    xml2js "0.1.x"
-
 webidl-conversions@^4.0.2:
   version "4.0.2"
   resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-4.0.2.tgz#a855980b1f0b6b359ba1d5d9fb39ae941faa63ad"
@@ -12019,13 +11992,6 @@ xml-parse-from-string@^1.0.0:
   resolved "https://registry.yarnpkg.com/xml-parse-from-string/-/xml-parse-from-string-1.0.1.tgz#a9029e929d3dbcded169f3c6e28238d95a5d5a28"
   integrity sha1-qQKekp09vN7RafPG4oI42VpdWig=
 
-xml2js@0.1.x:
-  version "0.1.14"
-  resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.1.14.tgz#5274e67f5a64c5f92974cd85139e0332adc6b90c"
-  integrity sha1-UnTmf1pkxfkpdM2FE54DMq3GuQw=
-  dependencies:
-    sax ">=0.1.1"
-
 xml2js@0.4.19:
   version "0.4.19"
   resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.4.19.tgz#686c20f213209e94abf0d1bcf1efaa291c7827a7"
diff --git a/packages/standard-components/manifest.json b/packages/standard-components/manifest.json
index 2410ba56b5..692e23802a 100644
--- a/packages/standard-components/manifest.json
+++ b/packages/standard-components/manifest.json
@@ -312,6 +312,39 @@
       }
     ]
   },
+  "divider": {
+    "name": "Divider",
+    "description": "A basic divider",
+    "icon": "Separator",
+    "illegalChildren": ["section"],
+    "settings": [
+      {
+        "type": "select",
+        "label": "Size",
+        "key": "size",
+        "options": [
+          {
+            "label": "Small",
+            "value": "S"
+          },
+          {
+            "label": "Medium",
+            "value": "M"
+          },
+          {
+            "label": "Large",
+            "value": "L"
+          }
+        ],
+        "defaultValue": "M"
+      },
+      {
+        "type": "boolean",
+        "label": "Vertical",
+        "key": "vertical"
+      }
+    ]
+  },
   "repeater": {
     "name": "Repeater",
     "description": "A configurable data list that attaches to your backend tables.",
@@ -331,11 +364,6 @@
         "key": "noRowsMessage",
         "defaultValue": "No rows found"
       },
-      {
-        "type": "filter",
-        "label": "Filtering",
-        "key": "filter"
-      },
       {
         "type": "select",
         "label": "Direction",
@@ -1647,7 +1675,8 @@
     "hasChildren": true,
     "illegalChildren": ["section"],
     "actions": [
-      "ValidateForm"
+      "ValidateForm",
+      "ClearForm"
     ],
     "styles": ["size"],
     "settings": [
@@ -1678,6 +1707,7 @@
     "name": "Field Group",
     "icon": "Group",
     "illegalChildren": ["section"],
+    "styles": ["size"],
     "hasChildren": true,
     "settings": [
       {
@@ -1706,6 +1736,7 @@
     "name": "Text Field",
     "icon": "Text",
     "illegalChildren": ["section"],
+    "styles": ["size"],
     "settings": [
       {
         "type": "field/string",
@@ -1733,6 +1764,7 @@
   "numberfield": {
     "name": "Number Field",
     "icon": "123",
+    "styles": ["size"],
     "illegalChildren": ["section"],
     "settings": [
       {
@@ -1761,6 +1793,7 @@
   "passwordfield": {
     "name": "Password Field",
     "icon": "LockClosed",
+    "styles": ["size"],
     "illegalChildren": ["section"],
     "settings": [
       {
@@ -1789,6 +1822,7 @@
   "optionsfield": {
     "name": "Options Picker",
     "icon": "ViewList",
+    "styles": ["size"],
     "illegalChildren": ["section"],
     "settings": [
       {
@@ -1807,6 +1841,22 @@
         "key": "placeholder",
         "placeholder": "Choose an option"
       },
+      {
+        "type": "select",
+        "label": "Type",
+        "key": "optionsType",
+        "placeholder": "Pick an options type",
+        "options": [
+          {
+            "label": "Select",
+            "value": "select"
+          },
+          {
+            "label": "Radio buttons",
+            "value": "radio"
+          }
+        ]
+      },
       {
         "type": "boolean",
         "label": "Disabled",
@@ -1835,6 +1885,30 @@
         "label": "Text",
         "key": "text"
       },
+      {
+        "type": "select",
+        "label": "Size",
+        "key": "size",
+        "options": [
+          {
+            "label": "Small",
+            "value": "S"
+          },
+          {
+            "label": "Medium",
+            "value": "M"
+          },
+          {
+            "label": "Large",
+            "value": "L"
+          },
+          {
+            "label": "Extra large",
+            "value": "XL"
+          }
+        ],
+        "defaultValue": "M"
+      },
       {
         "type": "boolean",
         "label": "Disabled",
@@ -1846,6 +1920,7 @@
   "longformfield": {
     "name": "Rich Text",
     "icon": "TextParagraph",
+    "styles": ["size"],
     "illegalChildren": ["section"],
     "settings": [
       {
@@ -1875,6 +1950,7 @@
   "datetimefield": {
     "name": "Date Picker",
     "icon": "DateInput",
+    "styles": ["size"],
     "illegalChildren": ["section"],
     "settings": [
       {
@@ -1909,6 +1985,7 @@
   "attachmentfield": {
     "name": "Attachment",
     "icon": "Attach",
+    "styles": ["size"],
     "illegalChildren": ["section"],
     "settings": [
       {
@@ -1932,6 +2009,7 @@
   "relationshipfield": {
     "name": "Relationship Picker",
     "icon": "TaskList",
+    "styles": ["size"],
     "illegalChildren": ["section"],
     "settings": [
       {
@@ -2065,6 +2143,7 @@
   "daterangepicker": {
     "name": "Date Range",
     "icon": "Date",
+    "styles": ["size"],
     "hasChildren": false,
     "info": "Your data provider will be automatically filtered to the given date range.",
     "settings": [
diff --git a/packages/standard-components/package.json b/packages/standard-components/package.json
index 2950a9bedd..aefefe88dc 100644
--- a/packages/standard-components/package.json
+++ b/packages/standard-components/package.json
@@ -29,11 +29,13 @@
   "keywords": [
     "svelte"
   ],
-  "version": "0.9.82",
+  "version": "0.9.99-alpha.6",
   "license": "MIT",
   "gitHead": "d1836a898cab3f8ab80ee6d8f42be1a9eed7dcdc",
   "dependencies": {
-    "@budibase/bbui": "^0.9.82",
+    "@budibase/bbui": "^0.9.99-alpha.6",
+    "@spectrum-css/card": "^3.0.3",
+    "@spectrum-css/divider": "^1.0.3",
     "@spectrum-css/link": "^3.1.3",
     "@spectrum-css/page": "^3.0.1",
     "@spectrum-css/typography": "^3.0.2",
diff --git a/packages/standard-components/src/Divider.svelte b/packages/standard-components/src/Divider.svelte
new file mode 100644
index 0000000000..97ec9b620c
--- /dev/null
+++ b/packages/standard-components/src/Divider.svelte
@@ -0,0 +1,18 @@
+<script>
+  import { getContext } from "svelte"
+  import "@spectrum-css/divider/dist/index-vars.css"
+
+  const { styleable } = getContext("sdk")
+  const component = getContext("component")
+
+  export let size = "M"
+
+  export let vertical = false
+</script>
+
+<hr
+  use:styleable={$component.styles}
+  class="spectrum-Divider spectrum-Divider--{vertical
+    ? 'vertical'
+    : 'horizontal'} spectrum-Dialog-divider spectrum-Divider--size{size}"
+/>
diff --git a/packages/standard-components/src/Layout.svelte b/packages/standard-components/src/Layout.svelte
index 24c9709895..08e0f290fe 100644
--- a/packages/standard-components/src/Layout.svelte
+++ b/packages/standard-components/src/Layout.svelte
@@ -1,6 +1,7 @@
 <script>
   import { getContext } from "svelte"
   import { Heading, Icon } from "@budibase/bbui"
+  import { routeStore } from "../../client/src/store"
 
   const { styleable, linkable, builderStore } = getContext("sdk")
   const component = getContext("component")
@@ -26,6 +27,14 @@
     Small: "s",
   }
 
+  // Permanently go into peek mode if we ever get the peek flag
+  let isPeeking = false
+  $: {
+    if ($routeStore.queryParams?.peek) {
+      isPeeking = true
+    }
+  }
+
   $: validLinks = links?.filter(link => link.text && link.url) || []
   $: typeClass = navigationClasses[navigation] || "none"
   $: widthClass = widthClasses[width] || "l"
@@ -51,7 +60,7 @@
 
 <div class="layout layout--{typeClass}" use:styleable={$component.styles}>
   {#if typeClass !== "none"}
-    <div class="nav-wrapper" class:sticky>
+    <div class="nav-wrapper" class:sticky class:hidden={isPeeking}>
       <div class="nav nav--{typeClass} size--{widthClass}">
         <div class="nav-header">
           {#if validLinks?.length}
@@ -139,6 +148,9 @@
     border-bottom: 1px solid var(--spectrum-global-color-gray-300);
     box-shadow: 0 0 10px 0 rgba(0, 0, 0, 0.05);
   }
+  .nav-wrapper.hidden {
+    display: none;
+  }
   .layout--top .nav-wrapper.sticky {
     position: sticky;
     top: 0;
diff --git a/packages/standard-components/src/Link.svelte b/packages/standard-components/src/Link.svelte
index 7498311e46..be1c8fa8f0 100644
--- a/packages/standard-components/src/Link.svelte
+++ b/packages/standard-components/src/Link.svelte
@@ -14,7 +14,7 @@
   export let underline
   export let size
 
-  $: external = url && !url.startsWith("/")
+  $: external = url && typeof url === "string" && !url.startsWith("/")
   $: target = openInNewTab ? "_blank" : "_self"
   $: placeholder = $builderStore.inBuilder && !text
   $: componentText = $builderStore.inBuilder
diff --git a/packages/standard-components/src/forms/AttachmentField.svelte b/packages/standard-components/src/forms/AttachmentField.svelte
index fbc36faeca..0b454f9800 100644
--- a/packages/standard-components/src/forms/AttachmentField.svelte
+++ b/packages/standard-components/src/forms/AttachmentField.svelte
@@ -10,12 +10,12 @@
   let fieldState
   let fieldApi
 
-  const { API, notifications } = getContext("sdk")
+  const { API, notificationStore } = getContext("sdk")
   const formContext = getContext("form")
   const BYTES_IN_MB = 1000000
 
   const handleFileTooLarge = fileSizeLimit => {
-    notifications.warning(
+    notificationStore.actions.warning(
       `Files cannot exceed ${
         fileSizeLimit / BYTES_IN_MB
       } MB. Please try again with smaller files.`
diff --git a/packages/standard-components/src/forms/BooleanField.svelte b/packages/standard-components/src/forms/BooleanField.svelte
index 17a3c563bc..60d2ee72e2 100644
--- a/packages/standard-components/src/forms/BooleanField.svelte
+++ b/packages/standard-components/src/forms/BooleanField.svelte
@@ -6,7 +6,7 @@
   export let label
   export let text
   export let disabled = false
-
+  export let size
   let fieldState
   let fieldApi
 </script>
@@ -26,6 +26,7 @@
       disabled={$fieldState.disabled}
       error={$fieldState.error}
       id={$fieldState.fieldId}
+      {size}
       on:change={e => fieldApi.setValue(e.detail)}
       {text}
     />
diff --git a/packages/standard-components/src/forms/InnerForm.svelte b/packages/standard-components/src/forms/InnerForm.svelte
index 3a63b63bdc..f6fadfa5cb 100644
--- a/packages/standard-components/src/forms/InnerForm.svelte
+++ b/packages/standard-components/src/forms/InnerForm.svelte
@@ -64,6 +64,13 @@
       })
       return get(formState).valid
     },
+    clear: () => {
+      const fields = Object.keys(fieldMap)
+      fields.forEach(field => {
+        const { fieldApi } = fieldMap[field]
+        fieldApi.clearValue()
+      })
+    },
   }
 
   // Provide both form API and state to children
@@ -72,6 +79,7 @@
   // Action context to pass to children
   const actions = [
     { type: ActionTypes.ValidateForm, callback: formApi.validate },
+    { type: ActionTypes.ClearForm, callback: formApi.clear },
   ]
 
   // Creates an API for a specific field
@@ -108,8 +116,27 @@
 
       return !newError
     }
+
+    const clearValue = () => {
+      const { fieldState } = fieldMap[field]
+      const newValue = initialValues[field] ?? defaultValue
+      fieldState.update(state => {
+        state.value = newValue
+        state.error = null
+        return state
+      })
+
+      formState.update(state => {
+        state.values = { ...state.values, [field]: newValue }
+        delete state.errors[field]
+        state.valid = Object.keys(state.errors).length === 0
+        return state
+      })
+    }
+
     return {
       setValue,
+      clearValue,
       validate: () => {
         const { fieldState } = fieldMap[field]
         setValue(get(fieldState).value, true)
diff --git a/packages/standard-components/src/forms/OptionsField.svelte b/packages/standard-components/src/forms/OptionsField.svelte
index 3955839fd0..659326bb34 100644
--- a/packages/standard-components/src/forms/OptionsField.svelte
+++ b/packages/standard-components/src/forms/OptionsField.svelte
@@ -1,11 +1,12 @@
 <script>
-  import { CoreSelect } from "@budibase/bbui"
+  import { CoreSelect, RadioGroup } from "@budibase/bbui"
   import Field from "./Field.svelte"
 
   export let field
   export let label
   export let placeholder
   export let disabled = false
+  export let optionsType = "select"
 
   let fieldState
   let fieldApi
@@ -22,14 +23,25 @@
   bind:fieldSchema
 >
   {#if fieldState}
-    <CoreSelect
-      value={$fieldState.value}
-      id={$fieldState.fieldId}
-      disabled={$fieldState.disabled}
-      error={$fieldState.error}
-      options={fieldSchema?.constraints?.inclusion ?? []}
-      {placeholder}
-      on:change={e => fieldApi.setValue(e.detail)}
-    />
+    {#if optionsType === "select"}
+      <CoreSelect
+        value={$fieldState.value}
+        id={$fieldState.fieldId}
+        disabled={$fieldState.disabled}
+        error={$fieldState.error}
+        options={fieldSchema?.constraints?.inclusion ?? []}
+        {placeholder}
+        on:change={e => fieldApi.setValue(e.detail)}
+      />
+    {:else if optionsType === "radio"}
+      <RadioGroup
+        value={$fieldState.value}
+        id={$fieldState.fieldId}
+        disabled={$fieldState.disabled}
+        error={$fieldState.error}
+        options={fieldSchema?.constraints?.inclusion ?? []}
+        on:change={e => fieldApi.setValue(e.detail)}
+      />
+    {/if}
   {/if}
 </Field>
diff --git a/packages/standard-components/src/index.js b/packages/standard-components/src/index.js
index a137c8c3dc..ace3b907c6 100644
--- a/packages/standard-components/src/index.js
+++ b/packages/standard-components/src/index.js
@@ -17,6 +17,7 @@ export { default as Placeholder } from "./Placeholder.svelte"
 export { default as container } from "./Container.svelte"
 export { default as section } from "./Section.svelte"
 export { default as dataprovider } from "./DataProvider.svelte"
+export { default as divider } from "./Divider.svelte"
 export { default as screenslot } from "./ScreenSlot.svelte"
 export { default as button } from "./Button.svelte"
 export { default as repeater } from "./Repeater.svelte"
diff --git a/packages/standard-components/yarn.lock b/packages/standard-components/yarn.lock
index ee036d6a67..81963a00fa 100644
--- a/packages/standard-components/yarn.lock
+++ b/packages/standard-components/yarn.lock
@@ -2,6 +2,59 @@
 # yarn lockfile v1
 
 
+"@adobe/spectrum-css-workflow-icons@^1.2.1":
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/@adobe/spectrum-css-workflow-icons/-/spectrum-css-workflow-icons-1.2.1.tgz#7e2cb3fcfb5c8b12d7275afafbb6ec44913551b4"
+  integrity sha512-uVgekyBXnOVkxp+CUssjN/gefARtudZC8duEn1vm0lBQFwGRZFlDEzU1QC+aIRWCrD1Z8OgRpmBYlSZ7QS003w==
+
+"@budibase/bbui@^0.9.98":
+  version "0.9.98"
+  resolved "https://registry.yarnpkg.com/@budibase/bbui/-/bbui-0.9.98.tgz#8fe80cc573df204d1a4147ebda5c20322f4616df"
+  integrity sha512-T03xRq/Kz0/goMNfqsfXymvqhm9jHJQbzWx4oqPtgwIJlb/spx4kEgHS7MWuf3uyagAaFbW2x56Lauoiha8uLQ==
+  dependencies:
+    "@adobe/spectrum-css-workflow-icons" "^1.2.1"
+    "@spectrum-css/actionbutton" "^1.0.1"
+    "@spectrum-css/actiongroup" "^1.0.1"
+    "@spectrum-css/avatar" "^3.0.2"
+    "@spectrum-css/button" "^3.0.1"
+    "@spectrum-css/buttongroup" "^3.0.2"
+    "@spectrum-css/checkbox" "^3.0.2"
+    "@spectrum-css/dialog" "^3.0.1"
+    "@spectrum-css/divider" "^1.0.1"
+    "@spectrum-css/dropzone" "^3.0.2"
+    "@spectrum-css/fieldgroup" "^3.0.2"
+    "@spectrum-css/fieldlabel" "^3.0.1"
+    "@spectrum-css/icon" "^3.0.1"
+    "@spectrum-css/illustratedmessage" "^3.0.2"
+    "@spectrum-css/inputgroup" "^3.0.2"
+    "@spectrum-css/label" "^2.0.10"
+    "@spectrum-css/link" "^3.1.1"
+    "@spectrum-css/menu" "^3.0.1"
+    "@spectrum-css/modal" "^3.0.1"
+    "@spectrum-css/pagination" "^3.0.3"
+    "@spectrum-css/picker" "^1.0.1"
+    "@spectrum-css/popover" "^3.0.1"
+    "@spectrum-css/progressbar" "^1.0.2"
+    "@spectrum-css/progresscircle" "^1.0.2"
+    "@spectrum-css/radio" "^3.0.2"
+    "@spectrum-css/search" "^3.0.2"
+    "@spectrum-css/sidenav" "^3.0.2"
+    "@spectrum-css/statuslight" "^3.0.2"
+    "@spectrum-css/switch" "^1.0.2"
+    "@spectrum-css/table" "^3.0.1"
+    "@spectrum-css/tabs" "^3.0.1"
+    "@spectrum-css/tags" "^3.0.2"
+    "@spectrum-css/textfield" "^3.0.1"
+    "@spectrum-css/toast" "^3.0.1"
+    "@spectrum-css/tooltip" "^3.0.3"
+    "@spectrum-css/treeview" "^3.0.2"
+    "@spectrum-css/typography" "^3.0.1"
+    "@spectrum-css/underlay" "^2.0.9"
+    "@spectrum-css/vars" "^3.0.1"
+    dayjs "^1.10.4"
+    svelte-flatpickr "^3.1.0"
+    svelte-portal "^1.0.0"
+
 "@rollup/pluginutils@^4.1.0":
   version "4.1.0"
   resolved "https://registry.yarnpkg.com/@rollup/pluginutils/-/pluginutils-4.1.0.tgz#0dcc61c780e39257554feb7f77207dceca13c838"
@@ -10,16 +63,103 @@
     estree-walker "^2.0.1"
     picomatch "^2.2.2"
 
+"@spectrum-css/actionbutton@^1.0.1":
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/actionbutton/-/actionbutton-1.0.3.tgz#8f7342a69b303c5acdcfa0a59f5e9267b9f3cb30"
+  integrity sha512-P9qoCPSiZ1SB6ZYqK5hub0vGty00YYqonQE0KTjtb1i+T1nYR/87vWqVPERx9j63uhgZncjwFYaThTvRqye7eQ==
+
+"@spectrum-css/actiongroup@^1.0.1":
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/actiongroup/-/actiongroup-1.0.3.tgz#4713ce65e6f5c72c404a7b638fbc3b4fd7e3874f"
+  integrity sha512-NlB9Q4ZlWixXxymoPIYG6g2hkwAGKFodHWPFfxHD8ddkjXWRB9G2akUP7cfsJ4DcYn4VisUORCOYQwqDiSmboQ==
+
+"@spectrum-css/avatar@^3.0.2":
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/avatar/-/avatar-3.0.2.tgz#4f1826223eae330e64b6d3cc899e9bc2e98dac95"
+  integrity sha512-wEczvSqxttTWSiL3cOvXV/RmGRwSkw2w6+slcHhnf0kb7ovymMM+9oz8vvEpEsSeo5u598bc+7ktrKFpAd6soQ==
+
+"@spectrum-css/button@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/button/-/button-3.0.3.tgz#2df1efaab6c7e0b3b06cb4b59e1eae59c7f1fc84"
+  integrity sha512-6CnLPqqtaU/PcSSIGeGRi0iFIIxIUByYLKFO6zn5NEUc12KQ28dJ4PLwB6WBa0L8vRoAGlnWWH2ZZweTijbXgg==
+
+"@spectrum-css/buttongroup@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/buttongroup/-/buttongroup-3.0.3.tgz#719d868845ac9d2c4f939c1b9f6044507902d5aa"
+  integrity sha512-eXl8U4QWMWXqyTu654FdQdEGnmczgOYlpIFSHyCMVjhtPqZp2xwnLFiGh6LKw+bLio6eeOZ0L+vpk1GcoYqgkw==
+
 "@spectrum-css/card@^3.0.3":
   version "3.0.3"
   resolved "https://registry.yarnpkg.com/@spectrum-css/card/-/card-3.0.3.tgz#56b2e2da6b80c1583228baa279de7407383bfb6b"
   integrity sha512-+oKLUI2a0QmQP9EzySeq/G4FpUkkdaDNbuEbqCj2IkPMc/2v/nwzsPhh1fj2UIghGAiiUwXfPpzax1e8fyhQUg==
 
-"@spectrum-css/link@^3.1.3":
+"@spectrum-css/checkbox@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/checkbox/-/checkbox-3.0.3.tgz#8577067fc8b97e4609f92bd242364937a533a7bb"
+  integrity sha512-QVG9uMHq+lh70Dh6mDNnY+vEvNz2p7VC6xgLfDYfijp2qeiqYPq72fQK6p/SiyqPk96ZACzNRwgeROU6Xf6Wgg==
+
+"@spectrum-css/dialog@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/dialog/-/dialog-3.0.3.tgz#7715a4ea435e753afb623d99ca5917ed1bcd6f34"
+  integrity sha512-AhmKgfRIVyTe3ABiJ8lLUQL34VB/H6fN16na2LlbDRJvyRMzkdN1Xf2i6U3f4OMd3qQ8Gm5xat4BvMxIQPBAUQ==
+
+"@spectrum-css/divider@^1.0.1", "@spectrum-css/divider@^1.0.3":
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/divider/-/divider-1.0.3.tgz#639e2ebaa0834efa40f42397668bbd5c153ea385"
+  integrity sha512-Zy4Rn40w8UtzMh3wx/U9+CepSCpm1aOCGftHgWDub0XZuVTzh0c1WwyzTuLCx2Hf21z5VRGNiDh8bGEEzSbtNA==
+  dependencies:
+    "@spectrum-css/vars" "^3.0.2"
+
+"@spectrum-css/dropzone@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/dropzone/-/dropzone-3.0.3.tgz#aee71697a2c195947599d7541b858c3c198741dc"
+  integrity sha512-ujrswdtB6bHigklyHsm6zomFd6rUnKJ3xVVRjroVF4+ouK4DxK5tX0iVd0EW6AOfOjx4Cc28uyFot3fpxp+MQw==
+
+"@spectrum-css/fieldgroup@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/fieldgroup/-/fieldgroup-3.0.3.tgz#85d85da048d08200f25ceab378026dd2b11e0bb2"
+  integrity sha512-wXUXTXN1CPnR7M4Ltd+3uh7BfcNGUV1+Xe0/h0tCpq/j+S2Sd4xo7/pUMdU19sIDrAAtpEFp1tt+nouHcU5HGQ==
+
+"@spectrum-css/fieldlabel@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/fieldlabel/-/fieldlabel-3.0.3.tgz#f73c04d20734d4718ffb620dc46458904685b449"
+  integrity sha512-nEvIkEXCD5n4fW67Unq6Iu7VXoauEd/JGpfTY02VsC5p4FJLnwKfPDbJUuUsqClAxqw7nAsmXVKtn4zQFf5yPQ==
+
+"@spectrum-css/icon@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/icon/-/icon-3.0.3.tgz#5c612822380927087aebd526855d82ed2c3e2cba"
+  integrity sha512-hyloKOejPCXhP3MBNsm3SjR9j8xT1R1S19p32KW/0Qhj+VMUtfyEPmevyFptpn7wcovQccdl/vZVIVDuML/imw==
+
+"@spectrum-css/illustratedmessage@^3.0.2":
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/illustratedmessage/-/illustratedmessage-3.0.2.tgz#6a480be98b027e050b086e7899e40d87adb0a8c0"
+  integrity sha512-dqnE8X27bGcO0HN8+dYx8O4o0dNNIAqeivOzDHhe2El+V4dTzMrNIerF6G0NLm3GjVf6XliwmitsZK+K6FmbtA==
+
+"@spectrum-css/inputgroup@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/inputgroup/-/inputgroup-3.0.3.tgz#00c9a370ddc2c55cf0f37dd6069faa9501fd7eb5"
+  integrity sha512-FqRJTiLL7jiGfzDVXWUGVLqHryJjCcqQIrqAi+Tq0oenapzsBe2qc/zIrKgh2wtMI+NTIBLXTECvij3L1HlqAg==
+
+"@spectrum-css/label@^2.0.10":
+  version "2.0.10"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/label/-/label-2.0.10.tgz#2368651d7636a19385b5d300cdf6272db1916001"
+  integrity sha512-xCbtEiQkZIlLdWFikuw7ifDCC21DOC/KMgVrrVJHXFc4KRQe9LTZSqmGF3tovm+CSq1adE59mYoTbojVQ9YuEQ==
+
+"@spectrum-css/link@^3.1.1", "@spectrum-css/link@^3.1.3":
   version "3.1.3"
   resolved "https://registry.yarnpkg.com/@spectrum-css/link/-/link-3.1.3.tgz#b0e560a7e0acdb4a2b329b6669696aa3438f5993"
   integrity sha512-8Pmy5d73MwKcATTPaj+fSrZYnIw7GmfX40AvpC1xx5LauOxsbUb4AVNp1kn2H8rrOBmxF7czyhoBBhEiv66QUg==
 
+"@spectrum-css/menu@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/menu/-/menu-3.0.3.tgz#46a9b221bb5f470a2f8a934bdfd512d84d2fdc4d"
+  integrity sha512-qKA9J/MrikNKIpCEHsAazG2vY3im5tjGCmo6p9Pdnu8/aQMsiuZDHZayukeCttJUZkrb9guDVL9OIHlK5RZvcQ==
+
+"@spectrum-css/modal@^3.0.1":
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/modal/-/modal-3.0.2.tgz#58b6621cab65f90788d310374f40df1f7090473f"
+  integrity sha512-YnIivJhoaao7Otu+HV7sgebPyFbO6sd/oMvTN/Rb2wwgnaMnIIuIRdGandSrcgotN2uNgs+P0knG6mv/xA1/dg==
+
 "@spectrum-css/page@^3.0.1":
   version "3.0.2"
   resolved "https://registry.yarnpkg.com/@spectrum-css/page/-/page-3.0.2.tgz#8f0c03d25f5565fb13115541a8fcaf0e1d3a8ee0"
@@ -27,11 +167,101 @@
   dependencies:
     "@spectrum-css/vars" "^3.0.2"
 
-"@spectrum-css/typography@^3.0.2":
+"@spectrum-css/pagination@^3.0.3":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/pagination/-/pagination-3.0.3.tgz#b204c3ada384c4af751a354bc428346d82eeea65"
+  integrity sha512-OJ/v9GeNXJOZ9Yr9LDBYPrR2NCiLOWP9wANT/a5sqFuugRnQbn/HYMnRp9TBxwpDY6ihaPo0T/wi7kLiAJFdDw==
+
+"@spectrum-css/picker@^1.0.1":
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/picker/-/picker-1.0.3.tgz#21379bcf8ae94277deeb6ad65dcd9e2bbfacb487"
+  integrity sha512-oHLGxBx5BwVCSGo7/T1C9PTHX1+/5AmVjyLiTJ4UoIdSJmOERw9YcRZbcGZgBJNWbxcjr4TyGtwj1EcSjEy97w==
+
+"@spectrum-css/popover@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/popover/-/popover-3.0.3.tgz#6fb69873474fb968afb738eacb9e121f93e83a09"
+  integrity sha512-KvmXv4TV19FBx39KfmgVlDYtvtBqv/8RRK7RRLDDHGViTxZtShjVsVpwIgfkfgn4iJztCnXpWzFqRXWUu2XCpQ==
+
+"@spectrum-css/progressbar@^1.0.2":
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/progressbar/-/progressbar-1.0.3.tgz#f70bcc38a2a21cff2f422ec825724ebbb9455e67"
+  integrity sha512-vJHplefUuy8+NjCw1X7fLbqHVGNVBpvGFXNAeaIj4SFf4ygxiUq/5c9iRhhsCQixEsJlfD/b7BnGXU7BUDkr6Q==
+
+"@spectrum-css/progresscircle@^1.0.2":
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/progresscircle/-/progresscircle-1.0.2.tgz#258ea9170fb70f795edda03e38a61d93bef4487c"
+  integrity sha512-JLULpyzjIY95lzlWR1yE1gv4l1K6p+scQ+edmuZZUHBzwM3pUtkvHJmUlA9TYdResUYW6Uka60VRdY6lZ8gnFQ==
+
+"@spectrum-css/radio@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/radio/-/radio-3.0.3.tgz#25c3bc5e9c30a8a8ae728717b7c7fb736cdae640"
+  integrity sha512-LaLGfz/eGNR2iyqouXYILIA+pKRqF769iPdwM0REm5RpWvMQDD7rPZ/kWlg18owjaFsyllEp25gEjmhRJIIVOw==
+
+"@spectrum-css/search@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/search/-/search-3.0.3.tgz#3415dc106aca0d5dd996e87084a1b47c2b95a882"
+  integrity sha512-kdLpKTt0obljuhS1q1tukujRlvSs8sBwij76D4Qp8KpMzwePfZyvv1kYzuWPNZfTeISxWsmyZ6Wxd1uvzjn+UA==
+
+"@spectrum-css/sidenav@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/sidenav/-/sidenav-3.0.3.tgz#132141fbd2500a927c312fa4e1d712c438b3d597"
+  integrity sha512-cQ+CgwjxGftrcc79i1XnGd66QTl7H7zopSU0UTV4Qq7hvqfrjjWxfZ6b+3tezrrhNlDope1ff9o8sm67PsPXtg==
+
+"@spectrum-css/statuslight@^3.0.2":
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/statuslight/-/statuslight-3.0.2.tgz#dc54b6cd113413dcdb909c486b5d7bae60db65c5"
+  integrity sha512-xodB8g8vGJH20XmUj9ZsPlM1jHrGeRbvmVXkz0q7YvQrYAhim8pP3W+XKKZAletPFAuu8cmUOc6SWn6i4X4z6w==
+
+"@spectrum-css/switch@^1.0.2":
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/switch/-/switch-1.0.2.tgz#f0b4c69271964573e02b08e90998096e49e1de44"
+  integrity sha512-zqmHpgWPNg1gEwdUNFYV3CBX5JaeALfIqcJIxE0FLZqr9d1C4+oLE0ItIFzt1bwr4bFAOmkEpvtiY+amluzGxQ==
+
+"@spectrum-css/table@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/table/-/table-3.0.3.tgz#7f7f19905ef3275cbf907ce3a5818e63c30b2caf"
+  integrity sha512-nxwzVjLPsXoY/v4sdxOVYLcC+cEbGgJyLcLclT5LT9MGSbngFeUMJzzVR4EvehzuN4dH7hrATG7Mbuq29Mf0Hg==
+
+"@spectrum-css/tabs@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/tabs/-/tabs-3.0.3.tgz#51dd6f168c897b0fdc3a7e9f901df7bd2288b4fc"
+  integrity sha512-iLP1I72bJWz9APdQB1jiw+pOv5a7N+hYOCJvRoc56Us/hJKVzowkyGRe3uH+8v36nCG9bHxiAQNLoU8eXisVrg==
+
+"@spectrum-css/tags@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/tags/-/tags-3.0.3.tgz#fc76d2735cdc442de91b7eb3bee49a928c0767ac"
+  integrity sha512-SL8vPxVDfWcY5VdIuyl0TImEXcOU1I7yCyXkk7MudMwfnYs81FaIyY32hFV9OHj0Tz/36UzRzc7AVMSuRQ53pw==
+
+"@spectrum-css/textfield@^3.0.1":
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/textfield/-/textfield-3.0.2.tgz#907f62d2dc82852dd6236a820be99e252b531631"
+  integrity sha512-nkFgAb0cP4jUodkUBErMNfyF78jJLtgL1Mrr9/rvGpGobo10IAbb8zZY4CkZ64o8XmMy/85+wZTKcx+KHatqpg==
+
+"@spectrum-css/toast@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/toast/-/toast-3.0.3.tgz#97c1527384707600832ecda35643ed304615250f"
+  integrity sha512-CjLeaMs+cjUXojCCRtbj0YkD2BoZW16kjj2o5omkEpUTjA34IJ8xJ1a+CCtDILWekhXvN0MBN4sbumcnwcnx8w==
+
+"@spectrum-css/tooltip@^3.0.3":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/tooltip/-/tooltip-3.0.3.tgz#26b8ca3b3d30e29630244d85eb4fc11d0c841281"
+  integrity sha512-ztRF7WW1FzyNavXBRc+80z67UoOrY9wl3cMYsVD3MpDnyxdzP8cjza1pCcolKBaFqRTcQKkxKw3GWtGICRKR5A==
+
+"@spectrum-css/treeview@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/treeview/-/treeview-3.0.3.tgz#aeda5175158b9f8d7529cb2b394428eb2a428046"
+  integrity sha512-D5gGzZC/KtRArdx86Mesc9+99W9nTbUOeyYGqoJoAfJSOttoT6Tk5CrDvlCmAqjKf5rajemAkGri1ChqvUIwkw==
+
+"@spectrum-css/typography@^3.0.1", "@spectrum-css/typography@^3.0.2":
   version "3.0.2"
   resolved "https://registry.yarnpkg.com/@spectrum-css/typography/-/typography-3.0.2.tgz#ea3ca0a60e18064527819d48c8c4364cab4fcd38"
   integrity sha512-5ZOLmQe0edzsDMyhghUd4hBb5uxGsFrxzf+WasfcUw9klSfTsRZ09n1BsaaWbgrLjlMQ+EEHS46v5VNo0Ms2CA==
 
+"@spectrum-css/underlay@^2.0.9":
+  version "2.0.10"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/underlay/-/underlay-2.0.10.tgz#8b75b646605a311850f6620caa18d4996cd64ed7"
+  integrity sha512-PmsmkzeGD/rY4pp3ILXHt9w8BW7uaEqXe08hQRS7rGki7wqCpG4mE0/8N3yEcA3QxWQclmG9gdkg5uz6wMmYzA==
+
 "@spectrum-css/vars@^3.0.1", "@spectrum-css/vars@^3.0.2":
   version "3.0.2"
   resolved "https://registry.yarnpkg.com/@spectrum-css/vars/-/vars-3.0.2.tgz#ea9062c3c98dfc6ba59e5df14a03025ad8969999"
@@ -95,6 +325,11 @@ colorette@^1.2.2:
   resolved "https://registry.yarnpkg.com/colorette/-/colorette-1.2.2.tgz#cbcc79d5e99caea2dbf10eb3a26fd8b3e6acfa94"
   integrity sha512-MKGMzyfeuutC/ZJ1cba9NqcNpfeqMUcYmyF1ZFY6/Cn7CNSAKx6a+s48sqLqyAiZuaP2TcqMhoo+dlwFnVxT9w==
 
+dayjs@^1.10.4:
+  version "1.10.6"
+  resolved "https://registry.yarnpkg.com/dayjs/-/dayjs-1.10.6.tgz#288b2aa82f2d8418a6c9d4df5898c0737ad02a63"
+  integrity sha512-AztC/IOW4L1Q41A86phW5Thhcrco3xuAA+YX/BLpLWWjRcTj5TOt/QImBLmCKlrF7u7k47arTnOyL6GnbG8Hvw==
+
 dayjs@^1.10.5:
   version "1.10.5"
   resolved "https://registry.yarnpkg.com/dayjs/-/dayjs-1.10.5.tgz#5600df4548fc2453b3f163ebb2abbe965ccfb986"
@@ -246,6 +481,11 @@ svelte-hmr@^0.14.2:
   resolved "https://registry.yarnpkg.com/svelte-hmr/-/svelte-hmr-0.14.4.tgz#b7ef2bfeef23916e0e912828c50645ca572ac355"
   integrity sha512-kItFF7vqzStckSigoFmMnxJpTOdB9TWnQAW6Js+yAB4277tLbJIIE5KBlGHNmJNpA7MguqidsPB27Uw5UzQPCA==
 
+svelte-portal@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/svelte-portal/-/svelte-portal-1.0.0.tgz#36a47c5578b1a4d9b4dc60fa32a904640ec4cdd3"
+  integrity sha512-nHf+DS/jZ6jjnZSleBMSaZua9JlG5rZv9lOGKgJuaZStfevtjIlUJrkLc3vbV8QdBvPPVmvcjTlazAzfKu0v3Q==
+
 svelte@^3.38.2:
   version "3.38.2"
   resolved "https://registry.yarnpkg.com/svelte/-/svelte-3.38.2.tgz#55e5c681f793ae349b5cc2fe58e5782af4275ef5"
diff --git a/packages/string-templates/package.json b/packages/string-templates/package.json
index d63e8c8282..3f901a6af3 100644
--- a/packages/string-templates/package.json
+++ b/packages/string-templates/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@budibase/string-templates",
-  "version": "0.9.82",
+  "version": "0.9.99-alpha.6",
   "description": "Handlebars wrapper for Budibase templating.",
   "main": "src/index.cjs",
   "module": "dist/bundle.mjs",
diff --git a/packages/worker/.gitignore b/packages/worker/.gitignore
index 713d5006da..0467f6a505 100644
--- a/packages/worker/.gitignore
+++ b/packages/worker/.gitignore
@@ -1,2 +1,3 @@
 node_modules/
 .env
+watchtower-hook.json
\ No newline at end of file
diff --git a/packages/worker/Dockerfile b/packages/worker/Dockerfile
index 76b35dfdd0..517e24678f 100644
--- a/packages/worker/Dockerfile
+++ b/packages/worker/Dockerfile
@@ -1,5 +1,10 @@
 FROM node:12-alpine
 
+LABEL com.centurylinklabs.watchtower.lifecycle.pre-check="scripts/watchtower-hooks/pre-check.sh"
+LABEL com.centurylinklabs.watchtower.lifecycle.pre-update="scripts/watchtower-hooks/pre-update.sh"
+LABEL com.centurylinklabs.watchtower.lifecycle.post-update="scripts/watchtower-hooks/post-update.sh"
+LABEL com.centurylinklabs.watchtower.lifecycle.post-check="scripts/watchtower-hooks/post-check.sh"
+
 WORKDIR /app
 
 # copy files and install dependencies
diff --git a/packages/worker/package.json b/packages/worker/package.json
index 9b6eb7bab9..3527858b0f 100644
--- a/packages/worker/package.json
+++ b/packages/worker/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@budibase/worker",
   "email": "hi@budibase.com",
-  "version": "0.9.82",
+  "version": "0.9.99-alpha.6",
   "description": "Budibase background service",
   "main": "src/index.js",
   "repository": {
@@ -16,13 +16,15 @@
     "build:docker": "docker build . -t worker-service",
     "dev:stack:init": "node ./scripts/dev/manage.js init",
     "dev:builder": "npm run dev:stack:init && nodemon src/index.js",
-    "test": "jest --runInBand"
+    "test": "jest --runInBand",
+    "multi:enable": "node scripts/multiTenancy.js enable",
+    "multi:disable": "node scripts/multiTenancy.js disable"
   },
   "author": "Budibase",
   "license": "AGPL-3.0-or-later",
   "dependencies": {
-    "@budibase/auth": "^0.9.82",
-    "@budibase/string-templates": "^0.9.82",
+    "@budibase/auth": "^0.9.99-alpha.6",
+    "@budibase/string-templates": "^0.9.99-alpha.6",
     "@koa/router": "^8.0.0",
     "@techpass/passport-openidconnect": "^0.3.0",
     "aws-sdk": "^2.811.0",
@@ -52,7 +54,8 @@
     "jest": "^26.6.3",
     "nodemon": "^2.0.7",
     "pouchdb-adapter-memory": "^7.2.2",
-    "supertest": "^6.1.3"
+    "supertest": "^6.1.3",
+    "update-dotenv": "^1.1.1"
   },
   "jest": {
     "testEnvironment": "node",
diff --git a/packages/worker/scripts/dev/manage.js b/packages/worker/scripts/dev/manage.js
index b9d28b6278..281c677ed7 100644
--- a/packages/worker/scripts/dev/manage.js
+++ b/packages/worker/scripts/dev/manage.js
@@ -4,26 +4,28 @@ const fs = require("fs")
 
 async function init() {
   const envFilePath = path.join(process.cwd(), ".env")
-  const envFileJson = {
-    SELF_HOSTED: 1,
-    PORT: 4002,
-    CLUSTER_PORT: 10000,
-    JWT_SECRET: "testsecret",
-    INTERNAL_API_KEY: "budibase",
-    MINIO_ACCESS_KEY: "budibase",
-    MINIO_SECRET_KEY: "budibase",
-    COUCH_DB_USER: "budibase",
-    COUCH_DB_PASSWORD: "budibase",
-    REDIS_URL: "localhost:6379",
-    REDIS_PASSWORD: "budibase",
-    MINIO_URL: "http://localhost:10000/",
-    COUCH_DB_URL: "http://budibase:budibase@localhost:10000/db/",
+  if (!fs.existsSync(envFilePath)) {
+    const envFileJson = {
+      SELF_HOSTED: 1,
+      PORT: 4002,
+      CLUSTER_PORT: 10000,
+      JWT_SECRET: "testsecret",
+      INTERNAL_API_KEY: "budibase",
+      MINIO_ACCESS_KEY: "budibase",
+      MINIO_SECRET_KEY: "budibase",
+      REDIS_URL: "localhost:6379",
+      REDIS_PASSWORD: "budibase",
+      MINIO_URL: "http://localhost:10000/",
+      COUCH_DB_URL: "http://budibase:budibase@localhost:10000/db/",
+      // empty string is false
+      MULTI_TENANCY: "",
+    }
+    let envFile = ""
+    Object.keys(envFileJson).forEach(key => {
+      envFile += `${key}=${envFileJson[key]}\n`
+    })
+    fs.writeFileSync(envFilePath, envFile)
   }
-  let envFile = ""
-  Object.keys(envFileJson).forEach(key => {
-    envFile += `${key}=${envFileJson[key]}\n`
-  })
-  fs.writeFileSync(envFilePath, envFile)
 }
 
 // if more than init required use this to determine the command type
diff --git a/packages/worker/scripts/jestSetup.js b/packages/worker/scripts/jestSetup.js
index 07648f693f..374edfb946 100644
--- a/packages/worker/scripts/jestSetup.js
+++ b/packages/worker/scripts/jestSetup.js
@@ -3,3 +3,4 @@ const env = require("../src/environment")
 env._set("NODE_ENV", "jest")
 env._set("JWT_SECRET", "test-jwtsecret")
 env._set("LOG_LEVEL", "silent")
+env._set("MULTI_TENANCY", true)
diff --git a/packages/worker/scripts/multiTenancy.js b/packages/worker/scripts/multiTenancy.js
new file mode 100644
index 0000000000..3921a78979
--- /dev/null
+++ b/packages/worker/scripts/multiTenancy.js
@@ -0,0 +1,8 @@
+#!/usr/bin/env node
+const updateDotEnv = require("update-dotenv")
+
+const arg = process.argv.slice(2)[0]
+
+updateDotEnv({
+  MULTI_TENANCY: arg === "enable" ? "1" : "",
+}).then(() => console.log("Updated worker!"))
diff --git a/packages/worker/scripts/watchtower-hooks/post-check.sh b/packages/worker/scripts/watchtower-hooks/post-check.sh
new file mode 100755
index 0000000000..df95917d98
--- /dev/null
+++ b/packages/worker/scripts/watchtower-hooks/post-check.sh
@@ -0,0 +1 @@
+echo '{ "current-hook" : "post-check" }' > 'watchtower-hook.json'
\ No newline at end of file
diff --git a/packages/worker/scripts/watchtower-hooks/post-update.sh b/packages/worker/scripts/watchtower-hooks/post-update.sh
new file mode 100755
index 0000000000..fe57719781
--- /dev/null
+++ b/packages/worker/scripts/watchtower-hooks/post-update.sh
@@ -0,0 +1 @@
+echo '{ "current-hook" : "post-update" }' > 'watchtower-hook.json'
\ No newline at end of file
diff --git a/packages/worker/scripts/watchtower-hooks/pre-check.sh b/packages/worker/scripts/watchtower-hooks/pre-check.sh
new file mode 100755
index 0000000000..ffaa41ad5f
--- /dev/null
+++ b/packages/worker/scripts/watchtower-hooks/pre-check.sh
@@ -0,0 +1 @@
+echo '{ "current-hook" : "pre-check" }' > 'watchtower-hook.json'
\ No newline at end of file
diff --git a/packages/worker/scripts/watchtower-hooks/pre-update.sh b/packages/worker/scripts/watchtower-hooks/pre-update.sh
new file mode 100755
index 0000000000..4584d96fc9
--- /dev/null
+++ b/packages/worker/scripts/watchtower-hooks/pre-update.sh
@@ -0,0 +1 @@
+echo '{ "current-hook" : "pre-update" }' > 'watchtower-hook.json'
\ No newline at end of file
diff --git a/packages/worker/src/api/controllers/app.js b/packages/worker/src/api/controllers/app.js
index ff9692a5ec..a7b6c5032c 100644
--- a/packages/worker/src/api/controllers/app.js
+++ b/packages/worker/src/api/controllers/app.js
@@ -1,18 +1,12 @@
-const { DocumentTypes } = require("@budibase/auth").db
+const { getAllApps } = require("@budibase/auth/db")
 const CouchDB = require("../../db")
 
-const APP_PREFIX = "app_"
 const URL_REGEX_SLASH = /\/|\\/g
 
 exports.getApps = async ctx => {
-  // allDbs call of CouchDB is very inaccurate in production
-  const allDbs = await CouchDB.allDbs()
-  const appDbNames = allDbs.filter(dbName => dbName.startsWith(APP_PREFIX))
-  const appPromises = appDbNames.map(db =>
-    new CouchDB(db).get(DocumentTypes.APP_METADATA)
-  )
+  const tenantId = ctx.user.tenantId
+  const apps = await getAllApps(CouchDB, { tenantId })
 
-  const apps = await Promise.allSettled(appPromises)
   const body = {}
   for (let app of apps) {
     if (app.status !== "fulfilled") {
diff --git a/packages/worker/src/api/controllers/admin/auth.js b/packages/worker/src/api/controllers/global/auth.js
similarity index 80%
rename from packages/worker/src/api/controllers/admin/auth.js
rename to packages/worker/src/api/controllers/global/auth.js
index 3cdfc1b774..2ae0bbafea 100644
--- a/packages/worker/src/api/controllers/admin/auth.js
+++ b/packages/worker/src/api/controllers/global/auth.js
@@ -2,15 +2,31 @@ const authPkg = require("@budibase/auth")
 const { google } = require("@budibase/auth/src/middleware")
 const { oidc } = require("@budibase/auth/src/middleware")
 const { Configs, EmailTemplatePurpose } = require("../../../constants")
-const CouchDB = require("../../../db")
 const { sendEmail, isEmailConfigured } = require("../../../utilities/email")
 const { setCookie, getCookie, clearCookie, getGlobalUserByEmail, hash } =
   authPkg.utils
 const { Cookies } = authPkg.constants
 const { passport } = authPkg.auth
 const { checkResetPasswordCode } = require("../../../utilities/redis")
+const {
+  getGlobalDB,
+  getTenantId,
+  isMultiTenant,
+} = require("@budibase/auth/tenancy")
+const env = require("../../../environment")
 
-const GLOBAL_DB = authPkg.StaticDatabases.GLOBAL.name
+function googleCallbackUrl(config) {
+  // incase there is a callback URL from before
+  if (config && config.callbackURL) {
+    return config.callbackURL
+  }
+  let callbackUrl = `/api/global/auth`
+  if (isMultiTenant()) {
+    callbackUrl += `/${getTenantId()}`
+  }
+  callbackUrl += `/google/callback`
+  return callbackUrl
+}
 
 async function authInternal(ctx, user, err = null, info = null) {
   if (err) {
@@ -66,6 +82,7 @@ exports.reset = async ctx => {
       })
     }
   } catch (err) {
+    console.log(err)
     // don't throw any kind of error to the user, this might give away something
   }
   ctx.body = {
@@ -80,7 +97,7 @@ exports.resetUpdate = async ctx => {
   const { resetCode, password } = ctx.request.body
   try {
     const userId = await checkResetPasswordCode(resetCode)
-    const db = new CouchDB(GLOBAL_DB)
+    const db = getGlobalDB()
     const user = await db.get(userId)
     user.password = await hash(password)
     await db.put(user)
@@ -102,12 +119,14 @@ exports.logout = async ctx => {
  * On a successful login, you will be redirected to the googleAuth callback route.
  */
 exports.googlePreAuth = async (ctx, next) => {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
+
   const config = await authPkg.db.getScopedConfig(db, {
     type: Configs.GOOGLE,
-    group: ctx.query.group,
+    workspace: ctx.query.workspace,
   })
-  const strategy = await google.strategyFactory(config)
+  let callbackUrl = googleCallbackUrl(config)
+  const strategy = await google.strategyFactory(config, callbackUrl)
 
   return passport.authenticate(strategy, {
     scope: ["profile", "email"],
@@ -115,13 +134,14 @@ exports.googlePreAuth = async (ctx, next) => {
 }
 
 exports.googleAuth = async (ctx, next) => {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
 
   const config = await authPkg.db.getScopedConfig(db, {
     type: Configs.GOOGLE,
-    group: ctx.query.group,
+    workspace: ctx.query.workspace,
   })
-  const strategy = await google.strategyFactory(config)
+  const callbackUrl = googleCallbackUrl(config)
+  const strategy = await google.strategyFactory(config, callbackUrl)
 
   return passport.authenticate(
     strategy,
@@ -135,8 +155,7 @@ exports.googleAuth = async (ctx, next) => {
 }
 
 async function oidcStrategyFactory(ctx, configId) {
-  const db = new CouchDB(GLOBAL_DB)
-
+  const db = getGlobalDB()
   const config = await authPkg.db.getScopedConfig(db, {
     type: Configs.OIDC,
     group: ctx.query.group,
@@ -144,9 +163,12 @@ async function oidcStrategyFactory(ctx, configId) {
 
   const chosenConfig = config.configs.filter(c => c.uuid === configId)[0]
 
-  // require https callback in production
-  const protocol = process.env.NODE_ENV === "production" ? "https" : "http"
-  const callbackUrl = `${protocol}://${ctx.host}/api/admin/auth/oidc/callback`
+  const protocol = env.NODE_ENV === "production" ? "https" : "http"
+  let callbackUrl = `${protocol}://${ctx.host}/api/global/auth`
+  if (isMultiTenant()) {
+    callbackUrl += `/${getTenantId()}`
+  }
+  callbackUrl += `/oidc/callback`
 
   return oidc.strategyFactory(chosenConfig, callbackUrl)
 }
diff --git a/packages/worker/src/api/controllers/admin/configs.js b/packages/worker/src/api/controllers/global/configs.js
similarity index 74%
rename from packages/worker/src/api/controllers/admin/configs.js
rename to packages/worker/src/api/controllers/global/configs.js
index 78caa817b2..8b4807b684 100644
--- a/packages/worker/src/api/controllers/admin/configs.js
+++ b/packages/worker/src/api/controllers/global/configs.js
@@ -1,28 +1,25 @@
-const CouchDB = require("../../../db")
 const {
   generateConfigID,
-  StaticDatabases,
   getConfigParams,
   getGlobalUserParams,
   getScopedFullConfig,
-} = require("@budibase/auth").db
+  getAllApps,
+} = require("@budibase/auth/db")
 const { Configs } = require("../../../constants")
 const email = require("../../../utilities/email")
 const { upload, ObjectStoreBuckets } = require("@budibase/auth").objectStore
-
-const APP_PREFIX = "app_"
-
-const GLOBAL_DB = StaticDatabases.GLOBAL.name
+const CouchDB = require("../../../db")
+const { getGlobalDB } = require("@budibase/auth/tenancy")
 
 exports.save = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
-  const { type, group, user, config } = ctx.request.body
+  const db = getGlobalDB()
+  const { type, workspace, user, config } = ctx.request.body
 
   // Config does not exist yet
   if (!ctx.request.body._id) {
     ctx.request.body._id = generateConfigID({
       type,
-      group,
+      workspace,
       user,
     })
   }
@@ -51,7 +48,7 @@ exports.save = async function (ctx) {
 }
 
 exports.fetch = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   const response = await db.allDocs(
     getConfigParams(
       { type: ctx.params.type },
@@ -65,17 +62,19 @@ exports.fetch = async function (ctx) {
 
 /**
  * Gets the most granular config for a particular configuration type.
- * The hierarchy is type -> group -> user.
+ * The hierarchy is type -> workspace -> user.
  */
 exports.find = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
 
-  const { userId, groupId } = ctx.query
-  if (groupId && userId) {
-    const group = await db.get(groupId)
-    const userInGroup = group.users.some(groupUser => groupUser === userId)
-    if (!ctx.user.admin && !userInGroup) {
-      ctx.throw(400, `User is not in specified group: ${group}.`)
+  const { userId, workspaceId } = ctx.query
+  if (workspaceId && userId) {
+    const workspace = await db.get(workspaceId)
+    const userInWorkspace = workspace.users.some(
+      workspaceUser => workspaceUser === userId
+    )
+    if (!ctx.user.admin && !userInWorkspace) {
+      ctx.throw(400, `User is not in specified workspace: ${workspace}.`)
     }
   }
 
@@ -84,7 +83,7 @@ exports.find = async function (ctx) {
     const scopedConfig = await getScopedFullConfig(db, {
       type: ctx.params.type,
       user: userId,
-      group: groupId,
+      workspace: workspaceId,
     })
 
     if (scopedConfig) {
@@ -99,7 +98,7 @@ exports.find = async function (ctx) {
 }
 
 exports.publicOidc = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   try {
     // Find the config with the most granular scope based on context
     const oidcConfig = await getScopedFullConfig(db, {
@@ -109,14 +108,11 @@ exports.publicOidc = async function (ctx) {
     if (!oidcConfig) {
       ctx.body = {}
     } else {
-      const partialOidcCofig = oidcConfig.config.configs.map(config => {
-        return {
-          logo: config.logo,
-          name: config.name,
-          uuid: config.uuid,
-        }
-      })
-      ctx.body = partialOidcCofig
+      ctx.body = oidcConfig.config.configs.map(config => ({
+        logo: config.logo,
+        name: config.name,
+        uuid: config.uuid,
+      }))
     }
   } catch (err) {
     ctx.throw(err.status, err)
@@ -124,7 +120,7 @@ exports.publicOidc = async function (ctx) {
 }
 
 exports.publicSettings = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
 
   try {
     // Find the config with the most granular scope based on context
@@ -140,7 +136,7 @@ exports.publicSettings = async function (ctx) {
       type: Configs.OIDC,
     })
 
-    let config = {}
+    let config
     if (!publicConfig) {
       config = {
         config: {},
@@ -151,18 +147,16 @@ exports.publicSettings = async function (ctx) {
 
     // google button flag
     if (googleConfig && googleConfig.config) {
-      const googleActivated =
-        googleConfig.config.activated == undefined || // activated by default for configs pre-activated flag
-        googleConfig.config.activated
-      config.config.google = googleActivated
+      // activated by default for configs pre-activated flag
+      config.config.google =
+        googleConfig.config.activated == null || googleConfig.config.activated
     } else {
       config.config.google = false
     }
 
     // oidc button flag
     if (oidcConfig && oidcConfig.config) {
-      const oidcActivated = oidcConfig.config.configs[0].activated
-      config.config.oidc = oidcActivated
+      config.config.oidc = oidcConfig.config.configs[0].activated
     } else {
       config.config.oidc = false
     }
@@ -191,7 +185,7 @@ exports.upload = async function (ctx) {
 
   // add to configuration structure
   // TODO: right now this only does a global level
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   let cfgStructure = await getScopedFullConfig(db, { type })
   if (!cfgStructure) {
     cfgStructure = {
@@ -211,7 +205,7 @@ exports.upload = async function (ctx) {
 }
 
 exports.destroy = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   const { id, rev } = ctx.params
 
   try {
@@ -223,14 +217,13 @@ exports.destroy = async function (ctx) {
 }
 
 exports.configChecklist = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
 
   try {
     // TODO: Watch get started video
 
     // Apps exist
-    let allDbs = await CouchDB.allDbs()
-    const appDbNames = allDbs.filter(dbName => dbName.startsWith(APP_PREFIX))
+    const apps = await getAllApps(CouchDB)
 
     // They have set up SMTP
     const smtpConfig = await getScopedFullConfig(db, {
@@ -246,7 +239,7 @@ exports.configChecklist = async function (ctx) {
     const oidcConfig = await getScopedFullConfig(db, {
       type: Configs.OIDC,
     })
-    // They have set up an admin user
+    // They have set up an global user
     const users = await db.allDocs(
       getGlobalUserParams(null, {
         include_docs: true,
@@ -255,7 +248,7 @@ exports.configChecklist = async function (ctx) {
     const adminUser = users.rows.some(row => row.doc.admin)
 
     ctx.body = {
-      apps: appDbNames.length,
+      apps: apps.length,
       smtp: !!smtpConfig,
       adminUser,
       sso: !!googleConfig || !!oidcConfig,
diff --git a/packages/worker/src/api/controllers/admin/email.js b/packages/worker/src/api/controllers/global/email.js
similarity index 58%
rename from packages/worker/src/api/controllers/admin/email.js
rename to packages/worker/src/api/controllers/global/email.js
index 6e16fd060c..57b78a6d7a 100644
--- a/packages/worker/src/api/controllers/admin/email.js
+++ b/packages/worker/src/api/controllers/global/email.js
@@ -1,19 +1,16 @@
 const { sendEmail } = require("../../../utilities/email")
-const CouchDB = require("../../../db")
-const authPkg = require("@budibase/auth")
-
-const GLOBAL_DB = authPkg.StaticDatabases.GLOBAL.name
+const { getGlobalDB } = require("@budibase/auth/tenancy")
 
 exports.sendEmail = async ctx => {
-  const { groupId, email, userId, purpose, contents, from, subject } =
+  let { workspaceId, email, userId, purpose, contents, from, subject } =
     ctx.request.body
   let user
   if (userId) {
-    const db = new CouchDB(GLOBAL_DB)
+    const db = getGlobalDB()
     user = await db.get(userId)
   }
   const response = await sendEmail(email, purpose, {
-    groupId,
+    workspaceId,
     user,
     contents,
     from,
diff --git a/packages/worker/src/api/controllers/admin/roles.js b/packages/worker/src/api/controllers/global/roles.js
similarity index 90%
rename from packages/worker/src/api/controllers/admin/roles.js
rename to packages/worker/src/api/controllers/global/roles.js
index 3cd99f8c4f..1aae07241e 100644
--- a/packages/worker/src/api/controllers/admin/roles.js
+++ b/packages/worker/src/api/controllers/global/roles.js
@@ -7,8 +7,9 @@ const {
 const CouchDB = require("../../../db")
 
 exports.fetch = async ctx => {
+  const tenantId = ctx.user.tenantId
   // always use the dev apps as they'll be most up to date (true)
-  const apps = await getAllApps({ CouchDB, all: true })
+  const apps = await getAllApps(CouchDB, { tenantId, all: true })
   const promises = []
   for (let app of apps) {
     // use dev app IDs
diff --git a/packages/worker/src/api/controllers/admin/sessions.js b/packages/worker/src/api/controllers/global/sessions.js
similarity index 100%
rename from packages/worker/src/api/controllers/admin/sessions.js
rename to packages/worker/src/api/controllers/global/sessions.js
diff --git a/packages/worker/src/api/controllers/admin/templates.js b/packages/worker/src/api/controllers/global/templates.js
similarity index 86%
rename from packages/worker/src/api/controllers/admin/templates.js
rename to packages/worker/src/api/controllers/global/templates.js
index ab9c52cb5a..0dc2b8abab 100644
--- a/packages/worker/src/api/controllers/admin/templates.js
+++ b/packages/worker/src/api/controllers/global/templates.js
@@ -1,16 +1,14 @@
-const { generateTemplateID, StaticDatabases } = require("@budibase/auth").db
-const CouchDB = require("../../../db")
+const { generateTemplateID } = require("@budibase/auth/db")
 const {
   TemplateMetadata,
   TemplateBindings,
   GLOBAL_OWNER,
 } = require("../../../constants")
 const { getTemplates } = require("../../../constants/templates")
-
-const GLOBAL_DB = StaticDatabases.GLOBAL.name
+const { getGlobalDB } = require("@budibase/auth/tenancy")
 
 exports.save = async ctx => {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   let template = ctx.request.body
   if (!template.ownerId) {
     template.ownerId = GLOBAL_OWNER
@@ -70,7 +68,7 @@ exports.find = async ctx => {
 }
 
 exports.destroy = async ctx => {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   await db.remove(ctx.params.id, ctx.params.rev)
   ctx.message = `Template ${ctx.params.id} deleted.`
   ctx.status = 200
diff --git a/packages/worker/src/api/controllers/admin/users.js b/packages/worker/src/api/controllers/global/users.js
similarity index 64%
rename from packages/worker/src/api/controllers/admin/users.js
rename to packages/worker/src/api/controllers/global/users.js
index f524379266..24b00fe3a6 100644
--- a/packages/worker/src/api/controllers/admin/users.js
+++ b/packages/worker/src/api/controllers/global/users.js
@@ -1,17 +1,30 @@
-const CouchDB = require("../../../db")
-const { generateGlobalUserID, getGlobalUserParams, StaticDatabases } =
-  require("@budibase/auth").db
+const {
+  generateGlobalUserID,
+  getGlobalUserParams,
+
+  StaticDatabases,
+} = require("@budibase/auth/db")
 const { hash, getGlobalUserByEmail } = require("@budibase/auth").utils
 const { UserStatus, EmailTemplatePurpose } = require("../../../constants")
+const { DEFAULT_TENANT_ID } = require("@budibase/auth/constants")
 const { checkInviteCode } = require("../../../utilities/redis")
 const { sendEmail } = require("../../../utilities/email")
 const { user: userCache } = require("@budibase/auth/cache")
 const { invalidateSessions } = require("@budibase/auth/sessions")
+const CouchDB = require("../../../db")
+const env = require("../../../environment")
+const {
+  getGlobalDB,
+  getTenantId,
+  doesTenantExist,
+  tryAddTenant,
+  updateTenantId,
+} = require("@budibase/auth/tenancy")
 
-const GLOBAL_DB = StaticDatabases.GLOBAL.name
+const PLATFORM_INFO_DB = StaticDatabases.PLATFORM_INFO.name
 
 async function allUsers() {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   const response = await db.allDocs(
     getGlobalUserParams(null, {
       include_docs: true,
@@ -20,16 +33,21 @@ async function allUsers() {
   return response.rows.map(row => row.doc)
 }
 
-exports.save = async ctx => {
-  const db = new CouchDB(GLOBAL_DB)
-  const { email, password, _id } = ctx.request.body
-
+async function saveUser(user, tenantId) {
+  if (!tenantId) {
+    throw "No tenancy specified."
+  }
+  // need to set the context for this request, as specified
+  updateTenantId(tenantId)
+  // specify the tenancy incase we're making a new admin user (public)
+  const db = getGlobalDB(tenantId)
+  let { email, password, _id } = user
   // make sure another user isn't using the same email
   let dbUser
   if (email) {
     dbUser = await getGlobalUserByEmail(email)
     if (dbUser != null && (dbUser._id !== _id || Array.isArray(dbUser))) {
-      ctx.throw(400, "Email address already in use.")
+      throw "Email address already in use."
     }
   } else {
     dbUser = await db.get(_id)
@@ -42,14 +60,16 @@ exports.save = async ctx => {
   } else if (dbUser) {
     hashedPassword = dbUser.password
   } else {
-    ctx.throw(400, "Password must be specified.")
+    throw "Password must be specified."
   }
 
-  let user = {
+  _id = _id || generateGlobalUserID()
+  user = {
     ...dbUser,
-    ...ctx.request.body,
-    _id: _id || generateGlobalUserID(),
+    ...user,
+    _id,
     password: hashedPassword,
+    tenantId,
   }
   // make sure the roles object is always present
   if (!user.roles) {
@@ -64,23 +84,37 @@ exports.save = async ctx => {
       password: hashedPassword,
       ...user,
     })
+    await tryAddTenant(tenantId, _id, email)
     await userCache.invalidateUser(response.id)
-    ctx.body = {
+    return {
       _id: response.id,
       _rev: response.rev,
       email,
     }
   } catch (err) {
     if (err.status === 409) {
-      ctx.throw(400, "User exists already")
+      throw "User exists already"
     } else {
-      ctx.throw(err.status, err)
+      throw err
     }
   }
 }
 
+exports.save = async ctx => {
+  try {
+    ctx.body = await saveUser(ctx.request.body, getTenantId())
+  } catch (err) {
+    ctx.throw(err.status || 400, err)
+  }
+}
+
 exports.adminUser = async ctx => {
-  const db = new CouchDB(GLOBAL_DB)
+  const { email, password, tenantId } = ctx.request.body
+  if (await doesTenantExist(tenantId)) {
+    ctx.throw(403, "Organisation already exists.")
+  }
+
+  const db = getGlobalDB(tenantId)
   const response = await db.allDocs(
     getGlobalUserParams(null, {
       include_docs: true,
@@ -88,11 +122,13 @@ exports.adminUser = async ctx => {
   )
 
   if (response.rows.some(row => row.doc.admin)) {
-    ctx.throw(403, "You cannot initialise once an admin user has been created.")
+    ctx.throw(
+      403,
+      "You cannot initialise once an global user has been created."
+    )
   }
 
-  const { email, password } = ctx.request.body
-  ctx.request.body = {
+  const user = {
     email: email,
     password: password,
     roles: {},
@@ -102,12 +138,17 @@ exports.adminUser = async ctx => {
     admin: {
       global: true,
     },
+    tenantId,
+  }
+  try {
+    ctx.body = await saveUser(user, tenantId)
+  } catch (err) {
+    ctx.throw(err.status || 400, err)
   }
-  await exports.save(ctx)
 }
 
 exports.destroy = async ctx => {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   const dbUser = await db.get(ctx.params.id)
   await db.remove(dbUser._id, dbUser._rev)
   await userCache.invalidateUser(dbUser._id)
@@ -119,8 +160,8 @@ exports.destroy = async ctx => {
 
 exports.removeAppRole = async ctx => {
   const { appId } = ctx.params
-  const db = new CouchDB(GLOBAL_DB)
-  const users = await allUsers()
+  const db = getGlobalDB()
+  const users = await allUsers(ctx)
   const bulk = []
   const cacheInvalidations = []
   for (let user of users) {
@@ -149,7 +190,7 @@ exports.getSelf = async ctx => {
 }
 
 exports.updateSelf = async ctx => {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   const user = await db.get(ctx.user._id)
   if (ctx.request.body.password) {
     ctx.request.body.password = await hash(ctx.request.body.password)
@@ -170,7 +211,7 @@ exports.updateSelf = async ctx => {
 
 // called internally by app server user fetch
 exports.fetch = async ctx => {
-  const users = await allUsers()
+  const users = await allUsers(ctx)
   // user hashed password shouldn't ever be returned
   for (let user of users) {
     if (user) {
@@ -182,7 +223,7 @@ exports.fetch = async ctx => {
 
 // called internally by app server user find
 exports.find = async ctx => {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   let user
   try {
     user = await db.get(ctx.params.id)
@@ -196,12 +237,38 @@ exports.find = async ctx => {
   ctx.body = user
 }
 
+exports.tenantLookup = async ctx => {
+  const id = ctx.params.id
+  // lookup, could be email or userId, either will return a doc
+  const db = new CouchDB(PLATFORM_INFO_DB)
+  let tenantId = null
+  try {
+    const doc = await db.get(id)
+    if (doc && doc.tenantId) {
+      tenantId = doc.tenantId
+    }
+  } catch (err) {
+    if (!env.MULTI_TENANCY) {
+      tenantId = DEFAULT_TENANT_ID
+    } else {
+      ctx.throw(400, "No tenant found.")
+    }
+  }
+  ctx.body = {
+    tenantId,
+  }
+}
+
 exports.invite = async ctx => {
-  const { email, userInfo } = ctx.request.body
+  let { email, userInfo } = ctx.request.body
   const existing = await getGlobalUserByEmail(email)
   if (existing) {
     ctx.throw(400, "Email address already in use.")
   }
+  if (!userInfo) {
+    userInfo = {}
+  }
+  userInfo.tenantId = getTenantId()
   await sendEmail(email, EmailTemplatePurpose.INVITATION, {
     subject: "{{ company }} platform invitation",
     info: userInfo,
@@ -214,18 +281,18 @@ exports.invite = async ctx => {
 exports.inviteAccept = async ctx => {
   const { inviteCode, password, firstName, lastName } = ctx.request.body
   try {
-    // info is an extension of the user object that was stored by admin
+    // info is an extension of the user object that was stored by global
     const { email, info } = await checkInviteCode(inviteCode)
-    // only pass through certain props for accepting
-    ctx.request.body = {
-      firstName,
-      lastName,
-      password,
-      email,
-      ...info,
-    }
-    // this will flesh out the body response
-    await exports.save(ctx)
+    ctx.body = await saveUser(
+      {
+        firstName,
+        lastName,
+        password,
+        email,
+        ...info,
+      },
+      info.tenantId
+    )
   } catch (err) {
     ctx.throw(400, "Unable to create new user, invitation invalid.")
   }
diff --git a/packages/worker/src/api/controllers/admin/groups.js b/packages/worker/src/api/controllers/global/workspaces.js
similarity index 53%
rename from packages/worker/src/api/controllers/admin/groups.js
rename to packages/worker/src/api/controllers/global/workspaces.js
index 330fb38282..95a1ec296d 100644
--- a/packages/worker/src/api/controllers/admin/groups.js
+++ b/packages/worker/src/api/controllers/global/workspaces.js
@@ -1,20 +1,17 @@
-const CouchDB = require("../../../db")
-const { getGroupParams, generateGroupID, StaticDatabases } =
-  require("@budibase/auth").db
-
-const GLOBAL_DB = StaticDatabases.GLOBAL.name
+const { getWorkspaceParams, generateWorkspaceID } = require("@budibase/auth/db")
+const { getGlobalDB } = require("@budibase/auth/tenancy")
 
 exports.save = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
-  const groupDoc = ctx.request.body
+  const db = getGlobalDB()
+  const workspaceDoc = ctx.request.body
 
-  // Group does not exist yet
-  if (!groupDoc._id) {
-    groupDoc._id = generateGroupID()
+  // workspace does not exist yet
+  if (!workspaceDoc._id) {
+    workspaceDoc._id = generateWorkspaceID()
   }
 
   try {
-    const response = await db.post(groupDoc)
+    const response = await db.post(workspaceDoc)
     ctx.body = {
       _id: response.id,
       _rev: response.rev,
@@ -25,9 +22,9 @@ exports.save = async function (ctx) {
 }
 
 exports.fetch = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   const response = await db.allDocs(
-    getGroupParams(undefined, {
+    getWorkspaceParams(undefined, {
       include_docs: true,
     })
   )
@@ -35,7 +32,7 @@ exports.fetch = async function (ctx) {
 }
 
 exports.find = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   try {
     ctx.body = await db.get(ctx.params.id)
   } catch (err) {
@@ -44,12 +41,12 @@ exports.find = async function (ctx) {
 }
 
 exports.destroy = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   const { id, rev } = ctx.params
 
   try {
     await db.remove(id, rev)
-    ctx.body = { message: "Group deleted successfully" }
+    ctx.body = { message: "Workspace deleted successfully" }
   } catch (err) {
     ctx.throw(err.status, err)
   }
diff --git a/packages/worker/src/api/controllers/system/flags.js b/packages/worker/src/api/controllers/system/flags.js
new file mode 100644
index 0000000000..fdfc49afad
--- /dev/null
+++ b/packages/worker/src/api/controllers/system/flags.js
@@ -0,0 +1,7 @@
+const env = require("../../../environment")
+
+exports.fetch = async ctx => {
+  ctx.body = {
+    multiTenancy: !!env.MULTI_TENANCY,
+  }
+}
diff --git a/packages/worker/src/api/controllers/system/tenants.js b/packages/worker/src/api/controllers/system/tenants.js
new file mode 100644
index 0000000000..e053216dd9
--- /dev/null
+++ b/packages/worker/src/api/controllers/system/tenants.js
@@ -0,0 +1,33 @@
+const CouchDB = require("../../../db")
+const { StaticDatabases } = require("@budibase/auth/db")
+
+exports.exists = async ctx => {
+  const tenantId = ctx.request.params
+  const db = new CouchDB(StaticDatabases.PLATFORM_INFO.name)
+  let exists = false
+  try {
+    const tenantsDoc = await db.get(StaticDatabases.PLATFORM_INFO.docs.tenants)
+    if (tenantsDoc) {
+      exists = tenantsDoc.tenantIds.indexOf(tenantId) !== -1
+    }
+  } catch (err) {
+    // if error it doesn't exist
+  }
+  ctx.body = {
+    exists,
+  }
+}
+
+exports.fetch = async ctx => {
+  const db = new CouchDB(StaticDatabases.PLATFORM_INFO.name)
+  let tenants = []
+  try {
+    const tenantsDoc = await db.get(StaticDatabases.PLATFORM_INFO.docs.tenants)
+    if (tenantsDoc) {
+      tenants = tenantsDoc.tenantIds
+    }
+  } catch (err) {
+    // if error it doesn't exist
+  }
+  ctx.body = tenants
+}
diff --git a/packages/worker/src/api/index.js b/packages/worker/src/api/index.js
index 39ae320cc6..7ee933c14a 100644
--- a/packages/worker/src/api/index.js
+++ b/packages/worker/src/api/index.js
@@ -2,55 +2,60 @@ const Router = require("@koa/router")
 const compress = require("koa-compress")
 const zlib = require("zlib")
 const { routes } = require("./routes")
-const { buildAuthMiddleware, auditLog } = require("@budibase/auth").auth
+const { buildAuthMiddleware, auditLog, buildTenancyMiddleware } =
+  require("@budibase/auth").auth
 
 const PUBLIC_ENDPOINTS = [
-  {
-    route: "/api/admin/users/init",
-    method: "POST",
-  },
-  {
-    route: "/api/admin/users/invite/accept",
-    method: "POST",
-  },
-  {
-    route: "/api/admin/auth",
-    method: "POST",
-  },
-  {
-    route: "/api/admin/auth/google",
-    method: "GET",
-  },
+  // old deprecated endpoints kept for backwards compat
   {
     route: "/api/admin/auth/google/callback",
     method: "GET",
   },
-  {
-    route: "/api/admin/auth/oidc",
-    method: "GET",
-  },
   {
     route: "/api/admin/auth/oidc/callback",
     method: "GET",
   },
   {
-    route: "/api/admin/auth/reset",
+    // this covers all of the POST auth routes
+    route: "/api/global/auth/:tenantId",
     method: "POST",
   },
   {
-    route: "/api/admin/configs/checklist",
+    // this covers all of the GET auth routes
+    route: "/api/global/auth/:tenantId",
     method: "GET",
   },
   {
-    route: "/api/apps",
+    // this covers all of the public config routes
+    route: "/api/global/configs/public",
     method: "GET",
   },
   {
-    route: "/api/admin/configs/public",
+    route: "/api/global/configs/checklist",
     method: "GET",
   },
   {
-    route: "/api/admin/configs/publicOidc",
+    route: "/api/global/users/init",
+    method: "POST",
+  },
+  {
+    route: "/api/global/users/invite/accept",
+    method: "POST",
+  },
+  {
+    route: "api/system/flags",
+    method: "GET",
+  },
+]
+
+const NO_TENANCY_ENDPOINTS = [
+  ...PUBLIC_ENDPOINTS,
+  {
+    route: "/api/system",
+    method: "ALL",
+  },
+  {
+    route: "/api/global/users/self",
     method: "GET",
   },
 ]
@@ -71,9 +76,10 @@ router
   )
   .use("/health", ctx => (ctx.status = 200))
   .use(buildAuthMiddleware(PUBLIC_ENDPOINTS))
+  .use(buildTenancyMiddleware(PUBLIC_ENDPOINTS, NO_TENANCY_ENDPOINTS))
   // for now no public access is allowed to worker (bar health check)
   .use((ctx, next) => {
-    if (!ctx.isAuthenticated) {
+    if (!ctx.isAuthenticated && !ctx.publicEndpoint) {
       ctx.throw(403, "Unauthorized - no public worker access")
     }
     return next()
diff --git a/packages/worker/src/api/routes/admin/auth.js b/packages/worker/src/api/routes/admin/auth.js
deleted file mode 100644
index 9a7ef5ebac..0000000000
--- a/packages/worker/src/api/routes/admin/auth.js
+++ /dev/null
@@ -1,45 +0,0 @@
-const Router = require("@koa/router")
-const authController = require("../../controllers/admin/auth")
-const joiValidator = require("../../../middleware/joi-validator")
-const Joi = require("joi")
-
-const router = Router()
-
-function buildAuthValidation() {
-  // prettier-ignore
-  return joiValidator.body(Joi.object({
-    username: Joi.string().required(),
-    password: Joi.string().required(),
-  }).required().unknown(false))
-}
-
-function buildResetValidation() {
-  // prettier-ignore
-  return joiValidator.body(Joi.object({
-    email: Joi.string().required(),
-  }).required().unknown(false))
-}
-
-function buildResetUpdateValidation() {
-  // prettier-ignore
-  return joiValidator.body(Joi.object({
-    resetCode: Joi.string().required(),
-    password: Joi.string().required(),
-  }).required().unknown(false))
-}
-
-router
-  .post("/api/admin/auth", buildAuthValidation(), authController.authenticate)
-  .post("/api/admin/auth/reset", buildResetValidation(), authController.reset)
-  .post(
-    "/api/admin/auth/reset/update",
-    buildResetUpdateValidation(),
-    authController.resetUpdate
-  )
-  .post("/api/admin/auth/logout", authController.logout)
-  .get("/api/admin/auth/google", authController.googlePreAuth)
-  .get("/api/admin/auth/google/callback", authController.googleAuth)
-  .get("/api/admin/auth/oidc/configs/:configId", authController.oidcPreAuth)
-  .get("/api/admin/auth/oidc/callback", authController.oidcAuth)
-
-module.exports = router
diff --git a/packages/worker/src/api/routes/admin/roles.js b/packages/worker/src/api/routes/admin/roles.js
deleted file mode 100644
index 2deef6b3fe..0000000000
--- a/packages/worker/src/api/routes/admin/roles.js
+++ /dev/null
@@ -1,11 +0,0 @@
-const Router = require("@koa/router")
-const controller = require("../../controllers/admin/roles")
-const adminOnly = require("../../../middleware/adminOnly")
-
-const router = Router()
-
-router
-  .get("/api/admin/roles", adminOnly, controller.fetch)
-  .get("/api/admin/roles/:appId", adminOnly, controller.find)
-
-module.exports = router
diff --git a/packages/worker/src/api/routes/admin/sessions.js b/packages/worker/src/api/routes/admin/sessions.js
deleted file mode 100644
index 9cf5f58f8b..0000000000
--- a/packages/worker/src/api/routes/admin/sessions.js
+++ /dev/null
@@ -1,14 +0,0 @@
-const Router = require("@koa/router")
-const controller = require("../../controllers/admin/sessions")
-const adminOnly = require("../../../middleware/adminOnly")
-
-const router = Router()
-
-router
-  .get("/api/admin/sessions", adminOnly, controller.fetch)
-  .get("/api/admin/sessions/self", controller.selfSessions)
-  .get("/api/admin/sessions/:userId", adminOnly, controller.find)
-  .delete("/api/admin/sessions/:userId", adminOnly, controller.invalidateUser)
-  .delete("/api/admin/sessions/self/:sessionId", controller.invalidateSession)
-
-module.exports = router
diff --git a/packages/worker/src/api/routes/global/auth.js b/packages/worker/src/api/routes/global/auth.js
new file mode 100644
index 0000000000..5e39f79135
--- /dev/null
+++ b/packages/worker/src/api/routes/global/auth.js
@@ -0,0 +1,83 @@
+const Router = require("@koa/router")
+const authController = require("../../controllers/global/auth")
+const joiValidator = require("../../../middleware/joi-validator")
+const Joi = require("joi")
+const { updateTenantId } = require("@budibase/auth/tenancy")
+
+const router = Router()
+
+function buildAuthValidation() {
+  // prettier-ignore
+  return joiValidator.body(Joi.object({
+    username: Joi.string().required(),
+    password: Joi.string().required(),
+  }).required().unknown(false))
+}
+
+function buildResetValidation() {
+  // prettier-ignore
+  return joiValidator.body(Joi.object({
+    email: Joi.string().required(),
+  }).required().unknown(false))
+}
+
+function buildResetUpdateValidation() {
+  // prettier-ignore
+  return joiValidator.body(Joi.object({
+    resetCode: Joi.string().required(),
+    password: Joi.string().required(),
+  }).required().unknown(false))
+}
+
+function updateTenant(ctx, next) {
+  if (ctx.params) {
+    updateTenantId(ctx.params.tenantId)
+  }
+  return next()
+}
+
+router
+  .post(
+    "/api/global/auth/:tenantId/login",
+    buildAuthValidation(),
+    updateTenant,
+    authController.authenticate
+  )
+  .post(
+    "/api/global/auth/:tenantId/reset",
+    buildResetValidation(),
+    updateTenant,
+    authController.reset
+  )
+  .post(
+    "/api/global/auth/:tenantId/reset/update",
+    buildResetUpdateValidation(),
+    updateTenant,
+    authController.resetUpdate
+  )
+  .post("/api/global/auth/logout", authController.logout)
+  .get(
+    "/api/global/auth/:tenantId/google",
+    updateTenant,
+    authController.googlePreAuth
+  )
+  .get(
+    "/api/global/auth/:tenantId/google/callback",
+    updateTenant,
+    authController.googleAuth
+  )
+  .get(
+    "/api/global/auth/:tenantId/oidc/configs/:configId",
+    updateTenant,
+    authController.oidcPreAuth
+  )
+  .get(
+    "/api/global/auth/:tenantId/oidc/callback",
+    updateTenant,
+    authController.oidcAuth
+  )
+  // deprecated - used by the default system before tenancy
+  .get("/api/admin/auth/google/callback", authController.googleAuth)
+  .get("/api/admin/auth/oidc/callback", authController.oidcAuth)
+
+module.exports = router
diff --git a/packages/worker/src/api/routes/admin/configs.js b/packages/worker/src/api/routes/global/configs.js
similarity index 82%
rename from packages/worker/src/api/routes/admin/configs.js
rename to packages/worker/src/api/routes/global/configs.js
index 6873d82757..f6cac4d3b2 100644
--- a/packages/worker/src/api/routes/admin/configs.js
+++ b/packages/worker/src/api/routes/global/configs.js
@@ -1,5 +1,5 @@
 const Router = require("@koa/router")
-const controller = require("../../controllers/admin/configs")
+const controller = require("../../controllers/global/configs")
 const joiValidator = require("../../../middleware/joi-validator")
 const adminOnly = require("../../../middleware/adminOnly")
 const Joi = require("joi")
@@ -37,7 +37,6 @@ function googleValidation() {
   return Joi.object({
     clientID: Joi.string().required(),
     clientSecret: Joi.string().required(),
-    callbackURL: Joi.string().required(),
     activated: Joi.boolean().required(),
   }).unknown(true)
 }
@@ -64,7 +63,7 @@ function buildConfigSaveValidation() {
   return joiValidator.body(Joi.object({
     _id: Joi.string().optional(),
     _rev: Joi.string().optional(),
-    group: Joi.string().optional(),
+    workspace: Joi.string().optional(),
     type: Joi.string().valid(...Object.values(Configs)).required(),
     config: Joi.alternatives()
       .conditional("type", {
@@ -97,24 +96,24 @@ function buildConfigGetValidation() {
 
 router
   .post(
-    "/api/admin/configs",
+    "/api/global/configs",
     adminOnly,
     buildConfigSaveValidation(),
     controller.save
   )
-  .delete("/api/admin/configs/:id/:rev", adminOnly, controller.destroy)
-  .get("/api/admin/configs", controller.fetch)
-  .get("/api/admin/configs/checklist", controller.configChecklist)
+  .delete("/api/global/configs/:id/:rev", adminOnly, controller.destroy)
+  .get("/api/global/configs", controller.fetch)
+  .get("/api/global/configs/checklist", controller.configChecklist)
   .get(
-    "/api/admin/configs/all/:type",
+    "/api/global/configs/all/:type",
     buildConfigGetValidation(),
     controller.fetch
   )
-  .get("/api/admin/configs/public", controller.publicSettings)
-  .get("/api/admin/configs/publicOidc", controller.publicOidc)
-  .get("/api/admin/configs/:type", buildConfigGetValidation(), controller.find)
+  .get("/api/global/configs/public", controller.publicSettings)
+  .get("/api/global/configs/public/oidc", controller.publicOidc)
+  .get("/api/global/configs/:type", buildConfigGetValidation(), controller.find)
   .post(
-    "/api/admin/configs/upload/:type/:name",
+    "/api/global/configs/upload/:type/:name",
     adminOnly,
     buildUploadValidation(),
     controller.upload
diff --git a/packages/worker/src/api/routes/admin/email.js b/packages/worker/src/api/routes/global/email.js
similarity index 80%
rename from packages/worker/src/api/routes/admin/email.js
rename to packages/worker/src/api/routes/global/email.js
index a36dc5de91..fecbc02cd7 100644
--- a/packages/worker/src/api/routes/admin/email.js
+++ b/packages/worker/src/api/routes/global/email.js
@@ -1,5 +1,5 @@
 const Router = require("@koa/router")
-const controller = require("../../controllers/admin/email")
+const controller = require("../../controllers/global/email")
 const { EmailTemplatePurpose } = require("../../../constants")
 const joiValidator = require("../../../middleware/joi-validator")
 const adminOnly = require("../../../middleware/adminOnly")
@@ -12,15 +12,15 @@ function buildEmailSendValidation() {
   return joiValidator.body(Joi.object({
     email: Joi.string().email(),
     purpose: Joi.string().valid(...Object.values(EmailTemplatePurpose)),
-    groupId: Joi.string().allow("", null),
-    fromt: Joi.string().allow("", null),
+    workspaceId: Joi.string().allow("", null),
+    from: Joi.string().allow("", null),
     contents: Joi.string().allow("", null),
     subject: Joi.string().allow("", null),
   }).required().unknown(true))
 }
 
 router.post(
-  "/api/admin/email/send",
+  "/api/global/email/send",
   buildEmailSendValidation(),
   adminOnly,
   controller.sendEmail
diff --git a/packages/worker/src/api/routes/global/roles.js b/packages/worker/src/api/routes/global/roles.js
new file mode 100644
index 0000000000..c73fb317cf
--- /dev/null
+++ b/packages/worker/src/api/routes/global/roles.js
@@ -0,0 +1,11 @@
+const Router = require("@koa/router")
+const controller = require("../../controllers/global/roles")
+const adminOnly = require("../../../middleware/adminOnly")
+
+const router = Router()
+
+router
+  .get("/api/global/roles", adminOnly, controller.fetch)
+  .get("/api/global/roles/:appId", adminOnly, controller.find)
+
+module.exports = router
diff --git a/packages/worker/src/api/routes/global/sessions.js b/packages/worker/src/api/routes/global/sessions.js
new file mode 100644
index 0000000000..5ba6747e68
--- /dev/null
+++ b/packages/worker/src/api/routes/global/sessions.js
@@ -0,0 +1,14 @@
+const Router = require("@koa/router")
+const controller = require("../../controllers/global/sessions")
+const adminOnly = require("../../../middleware/adminOnly")
+
+const router = Router()
+
+router
+  .get("/api/global/sessions", adminOnly, controller.fetch)
+  .get("/api/global/sessions/self", controller.selfSessions)
+  .get("/api/global/sessions/:userId", adminOnly, controller.find)
+  .delete("/api/global/sessions/:userId", adminOnly, controller.invalidateUser)
+  .delete("/api/global/sessions/self/:sessionId", controller.invalidateSession)
+
+module.exports = router
diff --git a/packages/worker/src/api/routes/admin/templates.js b/packages/worker/src/api/routes/global/templates.js
similarity index 66%
rename from packages/worker/src/api/routes/admin/templates.js
rename to packages/worker/src/api/routes/global/templates.js
index 52ab24878b..e4580d444c 100644
--- a/packages/worker/src/api/routes/admin/templates.js
+++ b/packages/worker/src/api/routes/global/templates.js
@@ -1,5 +1,5 @@
 const Router = require("@koa/router")
-const controller = require("../../controllers/admin/templates")
+const controller = require("../../controllers/global/templates")
 const joiValidator = require("../../../middleware/joi-validator")
 const Joi = require("joi")
 const { TemplatePurpose, TemplateTypes } = require("../../../constants")
@@ -21,17 +21,17 @@ function buildTemplateSaveValidation() {
 }
 
 router
-  .get("/api/admin/template/definitions", controller.definitions)
+  .get("/api/global/template/definitions", controller.definitions)
   .post(
-    "/api/admin/template",
+    "/api/global/template",
     adminOnly,
     buildTemplateSaveValidation(),
     controller.save
   )
-  .get("/api/admin/template", controller.fetch)
-  .get("/api/admin/template/:type", controller.fetchByType)
-  .get("/api/admin/template/:ownerId", controller.fetchByOwner)
-  .get("/api/admin/template/:id", controller.find)
-  .delete("/api/admin/template/:id/:rev", adminOnly, controller.destroy)
+  .get("/api/global/template", controller.fetch)
+  .get("/api/global/template/:type", controller.fetchByType)
+  .get("/api/global/template/:ownerId", controller.fetchByOwner)
+  .get("/api/global/template/:id", controller.find)
+  .delete("/api/global/template/:id/:rev", adminOnly, controller.destroy)
 
 module.exports = router
diff --git a/packages/worker/src/api/routes/admin/users.js b/packages/worker/src/api/routes/global/users.js
similarity index 71%
rename from packages/worker/src/api/routes/admin/users.js
rename to packages/worker/src/api/routes/global/users.js
index e302725232..8359835952 100644
--- a/packages/worker/src/api/routes/admin/users.js
+++ b/packages/worker/src/api/routes/global/users.js
@@ -1,5 +1,5 @@
 const Router = require("@koa/router")
-const controller = require("../../controllers/admin/users")
+const controller = require("../../controllers/global/users")
 const joiValidator = require("../../../middleware/joi-validator")
 const adminOnly = require("../../../middleware/adminOnly")
 const Joi = require("joi")
@@ -11,6 +11,7 @@ function buildAdminInitValidation() {
     Joi.object({
       email: Joi.string().required(),
       password: Joi.string().required(),
+      tenantId: Joi.string().required(),
     })
       .required()
       .unknown(false)
@@ -61,39 +62,40 @@ function buildInviteAcceptValidation() {
 
 router
   .post(
-    "/api/admin/users",
+    "/api/global/users",
     adminOnly,
     buildUserSaveValidation(),
     controller.save
   )
-  .get("/api/admin/users", adminOnly, controller.fetch)
-  .delete("/api/admin/roles/:appId", adminOnly, controller.removeAppRole)
-  .delete("/api/admin/users/:id", adminOnly, controller.destroy)
-  .get("/api/admin/roles/:appId")
+  .get("/api/global/users", adminOnly, controller.fetch)
+  .delete("/api/global/roles/:appId", adminOnly, controller.removeAppRole)
+  .delete("/api/global/users/:id", adminOnly, controller.destroy)
+  .get("/api/global/roles/:appId")
   .post(
-    "/api/admin/users/invite",
+    "/api/global/users/invite",
     adminOnly,
     buildInviteValidation(),
     controller.invite
   )
-  // non-admin endpoints
+  // non-global endpoints
   .post(
-    "/api/admin/users/self",
+    "/api/global/users/self",
     buildUserSaveValidation(true),
     controller.updateSelf
   )
   .post(
-    "/api/admin/users/invite/accept",
+    "/api/global/users/invite/accept",
     buildInviteAcceptValidation(),
     controller.inviteAccept
   )
   .post(
-    "/api/admin/users/init",
+    "/api/global/users/init",
     buildAdminInitValidation(),
     controller.adminUser
   )
-  .get("/api/admin/users/self", controller.getSelf)
-  // admin endpoint but needs to come at end (blocks other endpoints otherwise)
-  .get("/api/admin/users/:id", adminOnly, controller.find)
+  .get("/api/global/users/self", controller.getSelf)
+  .get("/api/global/users/tenant/:id", adminOnly, controller.tenantLookup)
+  // global endpoint but needs to come at end (blocks other endpoints otherwise)
+  .get("/api/global/users/:id", adminOnly, controller.find)
 
 module.exports = router
diff --git a/packages/worker/src/api/routes/admin/groups.js b/packages/worker/src/api/routes/global/workspaces.js
similarity index 68%
rename from packages/worker/src/api/routes/admin/groups.js
rename to packages/worker/src/api/routes/global/workspaces.js
index 4611e67079..cab76b7763 100644
--- a/packages/worker/src/api/routes/admin/groups.js
+++ b/packages/worker/src/api/routes/global/workspaces.js
@@ -1,12 +1,12 @@
 const Router = require("@koa/router")
-const controller = require("../../controllers/admin/groups")
+const controller = require("../../controllers/global/workspaces")
 const joiValidator = require("../../../middleware/joi-validator")
 const adminOnly = require("../../../middleware/adminOnly")
 const Joi = require("joi")
 
 const router = Router()
 
-function buildGroupSaveValidation() {
+function buildWorkspaceSaveValidation() {
   // prettier-ignore
   return joiValidator.body(Joi.object({
     _id: Joi.string().optional(),
@@ -26,13 +26,13 @@ function buildGroupSaveValidation() {
 
 router
   .post(
-    "/api/admin/groups",
+    "/api/global/workspaces",
     adminOnly,
-    buildGroupSaveValidation(),
+    buildWorkspaceSaveValidation(),
     controller.save
   )
-  .get("/api/admin/groups", controller.fetch)
-  .delete("/api/admin/groups/:id", adminOnly, controller.destroy)
-  .get("/api/admin/groups/:id", controller.find)
+  .delete("/api/global/workspaces/:id", adminOnly, controller.destroy)
+  .get("/api/global/workspaces", controller.fetch)
+  .get("/api/global/workspaces/:id", controller.find)
 
 module.exports = router
diff --git a/packages/worker/src/api/routes/index.js b/packages/worker/src/api/routes/index.js
index 21ec324880..a4ed4d7da4 100644
--- a/packages/worker/src/api/routes/index.js
+++ b/packages/worker/src/api/routes/index.js
@@ -1,21 +1,25 @@
-const userRoutes = require("./admin/users")
-const configRoutes = require("./admin/configs")
-const groupRoutes = require("./admin/groups")
-const templateRoutes = require("./admin/templates")
-const emailRoutes = require("./admin/email")
-const authRoutes = require("./admin/auth")
-const roleRoutes = require("./admin/roles")
-const sessionRoutes = require("./admin/sessions")
+const userRoutes = require("./global/users")
+const configRoutes = require("./global/configs")
+const workspaceRoutes = require("./global/workspaces")
+const templateRoutes = require("./global/templates")
+const emailRoutes = require("./global/email")
+const authRoutes = require("./global/auth")
+const roleRoutes = require("./global/roles")
+const sessionRoutes = require("./global/sessions")
+const flagRoutes = require("./system/flags")
+const tenantsRoutes = require("./system/tenants")
 const appRoutes = require("./app")
 
 exports.routes = [
   configRoutes,
   userRoutes,
-  groupRoutes,
+  workspaceRoutes,
   authRoutes,
   appRoutes,
   templateRoutes,
+  tenantsRoutes,
   emailRoutes,
   sessionRoutes,
   roleRoutes,
+  flagRoutes,
 ]
diff --git a/packages/worker/src/api/routes/system/flags.js b/packages/worker/src/api/routes/system/flags.js
new file mode 100644
index 0000000000..f2f5c5712f
--- /dev/null
+++ b/packages/worker/src/api/routes/system/flags.js
@@ -0,0 +1,8 @@
+const Router = require("@koa/router")
+const controller = require("../../controllers/system/flags")
+
+const router = Router()
+
+router.get("/api/system/flags", controller.fetch)
+
+module.exports = router
diff --git a/packages/worker/src/api/routes/system/tenants.js b/packages/worker/src/api/routes/system/tenants.js
new file mode 100644
index 0000000000..223ba9f26e
--- /dev/null
+++ b/packages/worker/src/api/routes/system/tenants.js
@@ -0,0 +1,11 @@
+const Router = require("@koa/router")
+const controller = require("../../controllers/system/tenants")
+const adminOnly = require("../../../middleware/adminOnly")
+
+const router = Router()
+
+router
+  .get("/api/system/tenants/:tenantId/exists", controller.exists)
+  .get("/api/system/tenants", adminOnly, controller.fetch)
+
+module.exports = router
diff --git a/packages/worker/src/api/routes/tests/auth.spec.js b/packages/worker/src/api/routes/tests/auth.spec.js
index ceccf7edaf..dacff30ce3 100644
--- a/packages/worker/src/api/routes/tests/auth.spec.js
+++ b/packages/worker/src/api/routes/tests/auth.spec.js
@@ -1,10 +1,11 @@
 const setup = require("./utilities")
-const { Cookies } = require("@budibase/auth").constants
+
+const TENANT_ID = "default"
 
 jest.mock("nodemailer")
 const sendMailMock = setup.emailMock()
 
-describe("/api/admin/auth", () => {
+describe("/api/global/auth", () => {
   let request = setup.getRequest()
   let config = setup.getConfig()
   let code
@@ -25,7 +26,7 @@ describe("/api/admin/auth", () => {
     await config.saveSettingsConfig()
     await config.createUser("test@test.com")
     const res = await request
-      .post(`/api/admin/auth/reset`)
+      .post(`/api/global/auth/${TENANT_ID}/reset`)
       .send({
         email: "test@test.com",
       })
@@ -35,14 +36,14 @@ describe("/api/admin/auth", () => {
     expect(sendMailMock).toHaveBeenCalled()
     const emailCall = sendMailMock.mock.calls[0][0]
     // after this URL there should be a code
-    const parts = emailCall.html.split("http://localhost:10000/builder/auth/reset?code=")
-    code = parts[1].split("\"")[0]
+    const parts = emailCall.html.split(`http://localhost:10000/builder/auth/reset?code=`)
+    code = parts[1].split("\"")[0].split("&")[0]
     expect(code).toBeDefined()
   })
 
   it("should allow resetting user password with code", async () => {
     const res = await request
-      .post(`/api/admin/auth/reset/update`)
+      .post(`/api/global/auth/${TENANT_ID}/reset/update`)
       .send({
         password: "newpassword",
         resetCode: code,
@@ -75,13 +76,13 @@ describe("/api/admin/auth", () => {
     afterEach(() => {
       expect(strategyFactory).toBeCalledWith(
         chosenConfig, 
-        `http://127.0.0.1:4003/api/admin/auth/oidc/callback` // calculated url
+        `http://127.0.0.1:4003/api/global/auth/${TENANT_ID}/oidc/callback` // calculated url
       )
     })
 
-    describe("/api/admin/auth/oidc/configs", () => {
+    describe("oidc configs", () => {
       it("should load strategy and delegate to passport", async () => {
-        await request.get(`/api/admin/auth/oidc/configs/${configId}`)
+        await request.get(`/api/global/auth/${TENANT_ID}/oidc/configs/${configId}`)
 
         expect(passportSpy).toBeCalledWith(mockStrategyReturn, {
           scope: ["profile", "email"],
@@ -90,9 +91,9 @@ describe("/api/admin/auth", () => {
       })
     })
 
-    describe("/api/admin/auth/oidc/callback", () => {
+    describe("oidc callback", () => {
       it("should load strategy and delegate to passport", async () => {
-        await request.get(`/api/admin/auth/oidc/callback`)
+        await request.get(`/api/global/auth/${TENANT_ID}/oidc/callback`)
                      .set(config.getOIDConfigCookie(configId))
       
         expect(passportSpy).toBeCalledWith(mockStrategyReturn, {
diff --git a/packages/worker/src/api/routes/tests/configs.spec.js b/packages/worker/src/api/routes/tests/configs.spec.js
index 13ba2bd3bc..10feb77b37 100644
--- a/packages/worker/src/api/routes/tests/configs.spec.js
+++ b/packages/worker/src/api/routes/tests/configs.spec.js
@@ -1,30 +1,27 @@
 const setup = require("./utilities")
 
 // mock the email system
-const sendMailMock = jest.fn()
 jest.mock("nodemailer")
 const nodemailer = require("nodemailer")
 nodemailer.createTransport.mockReturnValue({
   verify: jest.fn()
 })
 
-describe("/api/admin/configs/checklist", () => {
+describe("/api/global/configs/checklist", () => {
   let request = setup.getRequest()
   let config = setup.getConfig()
 
   beforeAll(async () => {
-    await config.init(false)
+    await config.init()
   })
 
   afterAll(setup.afterAll)
 
   it("should return the correct checklist status based on the state of the budibase installation", async () => {
-    // initially configure settings
-    await config.saveAdminUser()
     await config.saveSmtpConfig()
 
     const res = await request
-      .get(`/api/admin/configs/checklist`)
+      .get(`/api/global/configs/checklist`)
       .set(config.defaultHeaders())
       .expect("Content-Type", /json/)
       .expect(200)
diff --git a/packages/worker/src/api/routes/tests/email.spec.js b/packages/worker/src/api/routes/tests/email.spec.js
index 797b0326ed..c8c93658f7 100644
--- a/packages/worker/src/api/routes/tests/email.spec.js
+++ b/packages/worker/src/api/routes/tests/email.spec.js
@@ -1,5 +1,6 @@
 const setup = require("./utilities")
 const { EmailTemplatePurpose } = require("../../../constants")
+const { TENANT_ID } = require("./utilities/structures")
 
 // mock the email system
 const sendMailMock = jest.fn()
@@ -10,7 +11,7 @@ nodemailer.createTransport.mockReturnValue({
   verify: jest.fn()
 })
 
-describe("/api/admin/email", () => {
+describe("/api/global/email", () => {
   let request = setup.getRequest()
   let config = setup.getConfig()
 
@@ -25,10 +26,11 @@ describe("/api/admin/email", () => {
     await config.saveSmtpConfig()
     await config.saveSettingsConfig()
     const res = await request
-      .post(`/api/admin/email/send`)
+      .post(`/api/global/email/send`)
       .send({
         email: "test@test.com",
         purpose: EmailTemplatePurpose.INVITATION,
+        tenantId: TENANT_ID,
       })
       .set(config.defaultHeaders())
       .expect("Content-Type", /json/)
diff --git a/packages/worker/src/api/routes/tests/realEmail.spec.js b/packages/worker/src/api/routes/tests/realEmail.spec.js
index acc0c7acc9..845e31d911 100644
--- a/packages/worker/src/api/routes/tests/realEmail.spec.js
+++ b/packages/worker/src/api/routes/tests/realEmail.spec.js
@@ -6,7 +6,7 @@ const fetch = require("node-fetch")
 // need a longer timeout for getting these
 jest.setTimeout(30000)
 
-describe("/api/admin/email", () => {
+describe("/api/global/email", () => {
   let request = setup.getRequest()
   let config = setup.getConfig()
 
@@ -21,7 +21,7 @@ describe("/api/admin/email", () => {
     await config.saveSettingsConfig()
     const user = await config.getUser("test@test.com")
     const res = await request
-      .post(`/api/admin/email/send`)
+      .post(`/api/global/email/send`)
       .send({
         email: "test@test.com",
         purpose,
diff --git a/packages/worker/src/api/routes/tests/users.spec.js b/packages/worker/src/api/routes/tests/users.spec.js
index bf5b67ab1a..f03f9e60be 100644
--- a/packages/worker/src/api/routes/tests/users.spec.js
+++ b/packages/worker/src/api/routes/tests/users.spec.js
@@ -1,9 +1,10 @@
 const setup = require("./utilities")
+const { TENANT_ID } = require("./utilities/structures")
 
 jest.mock("nodemailer")
 const sendMailMock = setup.emailMock()
 
-describe("/api/admin/users", () => {
+describe("/api/global/users", () => {
   let request = setup.getRequest()
   let config = setup.getConfig()
   let code
@@ -19,7 +20,7 @@ describe("/api/admin/users", () => {
     await config.saveSmtpConfig()
     await config.saveSettingsConfig()
     const res = await request
-      .post(`/api/admin/users/invite`)
+      .post(`/api/global/users/invite`)
       .send({
         email: "invite@test.com",
       })
@@ -31,13 +32,13 @@ describe("/api/admin/users", () => {
     const emailCall = sendMailMock.mock.calls[0][0]
     // after this URL there should be a code
     const parts = emailCall.html.split("http://localhost:10000/builder/invite?code=")
-    code = parts[1].split("\"")[0]
+    code = parts[1].split("\"")[0].split("&")[0]
     expect(code).toBeDefined()
   })
 
   it("should be able to create new user from invite", async () => {
     const res = await request
-      .post(`/api/admin/users/invite/accept`)
+      .post(`/api/global/users/invite/accept`)
       .send({
         password: "newpassword",
         inviteCode: code,
diff --git a/packages/worker/src/api/routes/tests/utilities/TestConfiguration.js b/packages/worker/src/api/routes/tests/utilities/TestConfiguration.js
index 812dbe51e2..7f84de6b7d 100644
--- a/packages/worker/src/api/routes/tests/utilities/TestConfiguration.js
+++ b/packages/worker/src/api/routes/tests/utilities/TestConfiguration.js
@@ -7,6 +7,11 @@ const { Configs, LOGO_URL } = require("../../../../constants")
 const { getGlobalUserByEmail } = require("@budibase/auth").utils
 const { createASession } = require("@budibase/auth/sessions")
 const { newid } = require("../../../../../../auth/src/hashing")
+const { TENANT_ID } = require("./structures")
+const auth = require("@budibase/auth")
+const CouchDB = require("../../../../db")
+const { doInTenant } = require("@budibase/auth/tenancy")
+auth.init(CouchDB)
 
 class TestConfiguration {
   constructor(openServer = true) {
@@ -28,7 +33,7 @@ class TestConfiguration {
     request.cookies = { set: () => {}, get: () => {} }
     request.config = { jwtSecret: env.JWT_SECRET }
     request.appId = this.appId
-    request.user = { appId: this.appId }
+    request.user = { appId: this.appId, tenantId: TENANT_ID }
     request.query = {}
     request.request = {
       body: config,
@@ -36,7 +41,9 @@ class TestConfiguration {
     if (params) {
       request.params = params
     }
-    await controlFunc(request)
+    await doInTenant(TENANT_ID, () => {
+      return controlFunc(request)
+    })
     return request.body
   }
 
@@ -58,8 +65,11 @@ class TestConfiguration {
         null,
         controllers.users.save
       )
-      await createASession("us_uuid1", "sessionid")
     }
+    await createASession("us_uuid1", {
+      sessionId: "sessionid",
+      tenantId: TENANT_ID,
+    })
   }
 
   async end() {
@@ -79,6 +89,7 @@ class TestConfiguration {
       _id: "us_uuid1",
       userId: "us_uuid1",
       sessionId: "sessionid",
+      tenantId: TENANT_ID,
     }
     const authToken = jwt.sign(user, env.JWT_SECRET)
     return {
@@ -88,7 +99,9 @@ class TestConfiguration {
   }
 
   async getUser(email) {
-    return getGlobalUserByEmail(email)
+    return doInTenant(TENANT_ID, () => {
+      return getGlobalUserByEmail(email)
+    })
   }
 
   async createUser(email = "test@test.com", password = "test") {
@@ -152,7 +165,6 @@ class TestConfiguration {
       {
         type: Configs.GOOGLE,
         config: {
-          callbackURL: "http://somecallbackurl",
           clientID: "clientId",
           clientSecret: "clientSecret",
         },
@@ -231,6 +243,7 @@ class TestConfiguration {
       {
         email: "testuser@test.com",
         password: "test@test.com",
+        tenantId: TENANT_ID,
       },
       null,
       controllers.users.adminUser
diff --git a/packages/worker/src/api/routes/tests/utilities/controllers.js b/packages/worker/src/api/routes/tests/utilities/controllers.js
index b0d2441c0a..45216ae634 100644
--- a/packages/worker/src/api/routes/tests/utilities/controllers.js
+++ b/packages/worker/src/api/routes/tests/utilities/controllers.js
@@ -1,7 +1,7 @@
 module.exports = {
-  email: require("../../../controllers/admin/email"),
-  groups: require("../../../controllers/admin/groups"),
-  config: require("../../../controllers/admin/configs"),
-  templates: require("../../../controllers/admin/templates"),
-  users: require("../../../controllers/admin/users"),
+  email: require("../../../controllers/global/email"),
+  workspaces: require("../../../controllers/global/workspaces"),
+  config: require("../../../controllers/global/configs"),
+  templates: require("../../../controllers/global/templates"),
+  users: require("../../../controllers/global/users"),
 }
diff --git a/packages/worker/src/api/routes/tests/utilities/structures.js b/packages/worker/src/api/routes/tests/utilities/structures.js
new file mode 100644
index 0000000000..16701ac3d7
--- /dev/null
+++ b/packages/worker/src/api/routes/tests/utilities/structures.js
@@ -0,0 +1 @@
+exports.TENANT_ID = "default"
diff --git a/packages/worker/src/constants/index.js b/packages/worker/src/constants/index.js
index 231ff37ee2..a2bc818674 100644
--- a/packages/worker/src/constants/index.js
+++ b/packages/worker/src/constants/index.js
@@ -8,10 +8,6 @@ exports.UserStatus = {
   INACTIVE: "inactive",
 }
 
-exports.Groups = {
-  ALL_USERS: "all_users",
-}
-
 exports.Configs = Configs
 
 exports.ConfigUploads = {
diff --git a/packages/worker/src/constants/templates/index.js b/packages/worker/src/constants/templates/index.js
index c677f504c4..ac5427ba1f 100644
--- a/packages/worker/src/constants/templates/index.js
+++ b/packages/worker/src/constants/templates/index.js
@@ -6,8 +6,8 @@ const {
   GLOBAL_OWNER,
 } = require("../index")
 const { join } = require("path")
-const CouchDB = require("../../db")
-const { getTemplateParams, StaticDatabases } = require("@budibase/auth").db
+const { getTemplateParams } = require("@budibase/auth/db")
+const { getGlobalDB } = require("@budibase/auth/tenancy")
 
 exports.EmailTemplates = {
   [EmailTemplatePurpose.PASSWORD_RECOVERY]: readStaticFile(
@@ -50,7 +50,7 @@ exports.addBaseTemplates = (templates, type = null) => {
 }
 
 exports.getTemplates = async ({ ownerId, type, id } = {}) => {
-  const db = new CouchDB(StaticDatabases.GLOBAL.name)
+  const db = getGlobalDB()
   const response = await db.allDocs(
     getTemplateParams(ownerId || GLOBAL_OWNER, id, {
       include_docs: true,
diff --git a/packages/worker/src/environment.js b/packages/worker/src/environment.js
index 384230b9b3..c42bc087e8 100644
--- a/packages/worker/src/environment.js
+++ b/packages/worker/src/environment.js
@@ -17,6 +17,7 @@ if (!LOADED && isDev() && !isTest()) {
 }
 
 module.exports = {
+  NODE_ENV: process.env.NODE_ENV,
   SELF_HOSTED: process.env.SELF_HOSTED,
   PORT: process.env.PORT,
   CLUSTER_PORT: process.env.CLUSTER_PORT,
@@ -30,9 +31,7 @@ module.exports = {
   REDIS_URL: process.env.REDIS_URL,
   REDIS_PASSWORD: process.env.REDIS_PASSWORD,
   INTERNAL_API_KEY: process.env.INTERNAL_API_KEY,
-  /* TODO: to remove - once deployment removed */
-  COUCH_DB_USERNAME: process.env.COUCH_DB_USERNAME,
-  COUCH_DB_PASSWORD: process.env.COUCH_DB_PASSWORD,
+  MULTI_TENANCY: process.env.MULTI_TENANCY,
   _set(key, value) {
     process.env[key] = value
     module.exports[key] = value
diff --git a/packages/worker/src/utilities/email.js b/packages/worker/src/utilities/email.js
index dc13bb948a..c32ff05cf5 100644
--- a/packages/worker/src/utilities/email.js
+++ b/packages/worker/src/utilities/email.js
@@ -1,14 +1,13 @@
 const nodemailer = require("nodemailer")
-const CouchDB = require("../db")
-const { StaticDatabases, getScopedConfig } = require("@budibase/auth").db
+const { getScopedConfig } = require("@budibase/auth/db")
 const { EmailTemplatePurpose, TemplateTypes, Configs } = require("../constants")
 const { getTemplateByPurpose } = require("../constants/templates")
 const { getSettingsTemplateContext } = require("./templates")
 const { processString } = require("@budibase/string-templates")
 const { getResetPasswordCode, getInviteCode } = require("../utilities/redis")
+const { getGlobalDB } = require("@budibase/auth/tenancy")
 
 const TEST_MODE = false
-const GLOBAL_DB = StaticDatabases.GLOBAL.name
 const TYPE = TemplateTypes.EMAIL
 
 const FULL_EMAIL_PURPOSES = [
@@ -101,31 +100,30 @@ async function buildEmail(purpose, email, context, { user, contents } = {}) {
 /**
  * Utility function for finding most valid SMTP configuration.
  * @param {object} db The CouchDB database which is to be looked up within.
- * @param {string|null} groupId If using finer grain control of configs a group can be used.
+ * @param {string|null} workspaceId If using finer grain control of configs a workspace can be used.
  * @return {Promise<object|null>} returns the SMTP configuration if it exists
  */
-async function getSmtpConfiguration(db, groupId = null) {
+async function getSmtpConfiguration(db, workspaceId = null) {
   const params = {
     type: Configs.SMTP,
   }
-  if (groupId) {
-    params.group = groupId
+  if (workspaceId) {
+    params.workspace = workspaceId
   }
   return getScopedConfig(db, params)
 }
 
 /**
  * Checks if a SMTP config exists based on passed in parameters.
- * @param groupId
  * @return {Promise<boolean>} returns true if there is a configuration that can be used.
  */
-exports.isEmailConfigured = async (groupId = null) => {
+exports.isEmailConfigured = async (workspaceId = null) => {
   // when "testing" simply return true
   if (TEST_MODE) {
     return true
   }
-  const db = new CouchDB(GLOBAL_DB)
-  const config = await getSmtpConfiguration(db, groupId)
+  const db = getGlobalDB()
+  const config = await getSmtpConfiguration(db, workspaceId)
   return config != null
 }
 
@@ -134,7 +132,7 @@ exports.isEmailConfigured = async (groupId = null) => {
  * send an email using it.
  * @param {string} email The email address to send to.
  * @param {string} purpose The purpose of the email being sent (e.g. reset password).
- * @param {string|undefined} groupId If finer grain controls being used then this will lookup config for group.
+ * @param {string|undefined} workspaceId If finer grain controls being used then this will lookup config for workspace.
  * @param {object|undefined} user If sending to an existing user the object can be provided, this is used in the context.
  * @param {string|undefined} from If sending from an address that is not what is configured in the SMTP config.
  * @param {string|undefined} contents If sending a custom email then can supply contents which will be added to it.
@@ -146,10 +144,10 @@ exports.isEmailConfigured = async (groupId = null) => {
 exports.sendEmail = async (
   email,
   purpose,
-  { groupId, user, from, contents, subject, info } = {}
+  { workspaceId, user, from, contents, subject, info } = {}
 ) => {
-  const db = new CouchDB(GLOBAL_DB)
-  let config = (await getSmtpConfiguration(db, groupId)) || {}
+  const db = getGlobalDB()
+  let config = (await getSmtpConfiguration(db, workspaceId)) || {}
   if (Object.keys(config).length === 0 && !TEST_MODE) {
     throw "Unable to find SMTP configuration."
   }
@@ -160,7 +158,10 @@ exports.sendEmail = async (
   const message = {
     from: from || config.from,
     to: email,
-    html: await buildEmail(purpose, email, context, { user, contents }),
+    html: await buildEmail(purpose, email, context, {
+      user,
+      contents,
+    }),
   }
   if (subject || config.subject) {
     message.subject = await processString(subject || config.subject, context)
diff --git a/packages/worker/src/utilities/redis.js b/packages/worker/src/utilities/redis.js
index 6e55795de1..6dd4491bc4 100644
--- a/packages/worker/src/utilities/redis.js
+++ b/packages/worker/src/utilities/redis.js
@@ -43,8 +43,10 @@ async function getACode(db, code, deleteCode = true) {
 }
 
 exports.init = async () => {
-  pwResetClient = await new Client(utils.Databases.PW_RESETS).init()
-  invitationClient = await new Client(utils.Databases.INVITATIONS).init()
+  pwResetClient = new Client(utils.Databases.PW_RESETS)
+  invitationClient = new Client(utils.Databases.INVITATIONS)
+  await pwResetClient.init()
+  await invitationClient.init()
 }
 
 /**
diff --git a/packages/worker/src/utilities/templates.js b/packages/worker/src/utilities/templates.js
index 3ac897c10f..4dee52b531 100644
--- a/packages/worker/src/utilities/templates.js
+++ b/packages/worker/src/utilities/templates.js
@@ -1,5 +1,4 @@
-const CouchDB = require("../db")
-const { getScopedConfig, StaticDatabases } = require("@budibase/auth").db
+const { getScopedConfig } = require("@budibase/auth/db")
 const {
   Configs,
   InternalTemplateBindings,
@@ -8,12 +7,13 @@ const {
 } = require("../constants")
 const { checkSlashesInUrl } = require("./index")
 const env = require("../environment")
+const { getGlobalDB, addTenantToUrl } = require("@budibase/auth/tenancy")
 
 const LOCAL_URL = `http://localhost:${env.CLUSTER_PORT || 10000}`
 const BASE_COMPANY = "Budibase"
 
 exports.getSettingsTemplateContext = async (purpose, code = null) => {
-  const db = new CouchDB(StaticDatabases.GLOBAL.name)
+  const db = getGlobalDB()
   // TODO: use more granular settings in the future if required
   let settings = (await getScopedConfig(db, { type: Configs.SETTINGS })) || {}
   if (!settings || !settings.platformUrl) {
@@ -27,7 +27,9 @@ exports.getSettingsTemplateContext = async (purpose, code = null) => {
     [InternalTemplateBindings.COMPANY]: settings.company || BASE_COMPANY,
     [InternalTemplateBindings.DOCS_URL]:
       settings.docsUrl || "https://docs.budibase.com/",
-    [InternalTemplateBindings.LOGIN_URL]: checkSlashesInUrl(`${URL}/login`),
+    [InternalTemplateBindings.LOGIN_URL]: checkSlashesInUrl(
+      addTenantToUrl(`${URL}/login`)
+    ),
     [InternalTemplateBindings.CURRENT_DATE]: new Date().toISOString(),
     [InternalTemplateBindings.CURRENT_YEAR]: new Date().getFullYear(),
   }
@@ -36,13 +38,13 @@ exports.getSettingsTemplateContext = async (purpose, code = null) => {
     case EmailTemplatePurpose.PASSWORD_RECOVERY:
       context[InternalTemplateBindings.RESET_CODE] = code
       context[InternalTemplateBindings.RESET_URL] = checkSlashesInUrl(
-        `${URL}/builder/auth/reset?code=${code}`
+        addTenantToUrl(`${URL}/builder/auth/reset?code=${code}`)
       )
       break
     case EmailTemplatePurpose.INVITATION:
       context[InternalTemplateBindings.INVITE_CODE] = code
       context[InternalTemplateBindings.INVITE_URL] = checkSlashesInUrl(
-        `${URL}/builder/invite?code=${code}`
+        addTenantToUrl(`${URL}/builder/invite?code=${code}`)
       )
       break
   }
diff --git a/packages/worker/yarn.lock b/packages/worker/yarn.lock
index 1d4227363f..514b850a3f 100644
--- a/packages/worker/yarn.lock
+++ b/packages/worker/yarn.lock
@@ -287,6 +287,66 @@
   resolved "https://registry.yarnpkg.com/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz#75a2e8b51cb758a7553d6804a5932d7aace75c39"
   integrity sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==
 
+"@budibase/auth@^0.9.79-alpha.4":
+  version "0.9.79"
+  resolved "https://registry.yarnpkg.com/@budibase/auth/-/auth-0.9.79.tgz#416271ffc55e84116550469656bf151a7734a90f"
+  integrity sha512-ENh099tYeUfVExsAeoxwMh2ODioKQGPteK9LJiU5hMdM4Oi7pyImu287BgKpTIheB+WtadT4e21VpPaJ62APEw==
+  dependencies:
+    aws-sdk "^2.901.0"
+    bcryptjs "^2.4.3"
+    ioredis "^4.27.1"
+    jsonwebtoken "^8.5.1"
+    koa-passport "^4.1.4"
+    lodash "^4.17.21"
+    node-fetch "^2.6.1"
+    passport-google-auth "^1.0.2"
+    passport-google-oauth "^2.0.0"
+    passport-jwt "^4.0.0"
+    passport-local "^1.0.0"
+    sanitize-s3-objectkey "^0.0.1"
+    tar-fs "^2.1.1"
+    uuid "^8.3.2"
+    zlib "^1.0.5"
+
+"@budibase/handlebars-helpers@^0.11.4":
+  version "0.11.5"
+  resolved "https://registry.yarnpkg.com/@budibase/handlebars-helpers/-/handlebars-helpers-0.11.5.tgz#e9cc90a44e94ad536992cf10906829b633e94bc5"
+  integrity sha512-ZxpyNtTHxS8Y+yTicbgWvYDAydooUSjOf3Y+wmTE2d4NpDgO0g0IjepLfZV+KASv9XBr//ylJdjE4hClX9NTFw==
+  dependencies:
+    array-sort "^1.0.0"
+    define-property "^2.0.2"
+    extend-shallow "^3.0.2"
+    "falsey" "^1.0.0"
+    for-in "^1.0.2"
+    get-object "^0.2.0"
+    get-value "^3.0.1"
+    handlebars "^4.7.7"
+    handlebars-utils "^1.0.6"
+    has-value "^2.0.2"
+    helper-date "^1.0.1"
+    helper-markdown "^1.0.0"
+    helper-md "^0.2.2"
+    html-tag "^2.0.0"
+    is-even "^1.0.0"
+    is-glob "^4.0.1"
+    kind-of "^6.0.3"
+    micromatch "^3.1.5"
+    relative "^3.0.2"
+    striptags "^3.1.1"
+    to-gfm-code-block "^0.1.1"
+    year "^0.2.1"
+
+"@budibase/string-templates@^0.9.79-alpha.4":
+  version "0.9.79"
+  resolved "https://registry.yarnpkg.com/@budibase/string-templates/-/string-templates-0.9.79.tgz#bb75a7433a7cfda1fc488283f35e47879b799fcc"
+  integrity sha512-hkAne5mx7mj8+osXFt45VwgLKSa94uQOGOb4R8uv9WNzvk4RzcjBfRzJxggv29FUemItrAeZpSh+Um6yugFI+w==
+  dependencies:
+    "@budibase/handlebars-helpers" "^0.11.4"
+    dayjs "^1.10.4"
+    handlebars "^4.7.6"
+    handlebars-utils "^1.0.6"
+    lodash "^4.17.20"
+
 "@cnakazawa/watch@^1.0.3":
   version "1.0.4"
   resolved "https://registry.yarnpkg.com/@cnakazawa/watch/-/watch-1.0.4.tgz#f864ae85004d0fcab6f50be9141c4da368d1656a"
@@ -879,7 +939,7 @@ anymatch@~3.1.1:
     normalize-path "^3.0.0"
     picomatch "^2.0.4"
 
-argparse@^1.0.7:
+argparse@^1.0.10, argparse@^1.0.7:
   version "1.0.10"
   resolved "https://registry.yarnpkg.com/argparse/-/argparse-1.0.10.tgz#bcd6791ea5ae09725e17e5ad988134cd40b3d911"
   integrity sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==
@@ -916,6 +976,15 @@ arr-union@^3.1.0:
   resolved "https://registry.yarnpkg.com/arr-union/-/arr-union-3.1.0.tgz#e39b09aea9def866a8f206e288af63919bae39c4"
   integrity sha1-45sJrqne+Gao8gbiiK9jkZuuOcQ=
 
+array-sort@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/array-sort/-/array-sort-1.0.0.tgz#e4c05356453f56f53512a7d1d6123f2c54c0a88a"
+  integrity sha512-ihLeJkonmdiAsD7vpgN3CRcx2J2S0TiYW+IS/5zHBI7mKUq3ySvBdzzBfD236ubDBQFiiyG3SWCPc+msQ9KoYg==
+  dependencies:
+    default-compare "^1.0.0"
+    get-value "^2.0.6"
+    kind-of "^5.0.2"
+
 array-unique@^0.3.2:
   version "0.3.2"
   resolved "https://registry.yarnpkg.com/array-unique/-/array-unique-0.3.2.tgz#a894b75d4bc4f6cd679ef3244a9fd8f46ae2d428"
@@ -948,6 +1017,13 @@ ast-types@0.9.6:
   resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.9.6.tgz#102c9e9e9005d3e7e3829bf0c4fa24ee862ee9b9"
   integrity sha1-ECyenpAF0+fjgpvwxPok7oYu6bk=
 
+async@~2.1.4:
+  version "2.1.5"
+  resolved "https://registry.yarnpkg.com/async/-/async-2.1.5.tgz#e587c68580994ac67fc56ff86d3ac56bdbe810bc"
+  integrity sha1-5YfGhYCZSsZ/xW/4bTrFa9voELw=
+  dependencies:
+    lodash "^4.14.0"
+
 asynckit@^0.4.0:
   version "0.4.0"
   resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79"
@@ -963,6 +1039,13 @@ atomic-sleep@^1.0.0:
   resolved "https://registry.yarnpkg.com/atomic-sleep/-/atomic-sleep-1.0.0.tgz#eb85b77a601fc932cfe432c5acd364a9e2c9075b"
   integrity sha512-kNOjDqAh7px0XWNI+4QbzoiR/nTkHAWNud2uvnJquD1/x5a7EQZMJT0AczqK0Qn67oY/TTQ1LbUKajZpp3I9tQ==
 
+autolinker@~0.28.0:
+  version "0.28.1"
+  resolved "https://registry.yarnpkg.com/autolinker/-/autolinker-0.28.1.tgz#0652b491881879f0775dace0cdca3233942a4e47"
+  integrity sha1-BlK0kYgYefB3XazgzcoyM5QqTkc=
+  dependencies:
+    gulp-header "^1.7.1"
+
 aws-sdk@^2.811.0:
   version "2.811.0"
   resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.811.0.tgz#a7e4040b2ee7d8b825b142ed5179d36dc3f315c4"
@@ -978,6 +1061,21 @@ aws-sdk@^2.811.0:
     uuid "3.3.2"
     xml2js "0.4.19"
 
+aws-sdk@^2.901.0:
+  version "2.953.0"
+  resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.953.0.tgz#2ba87da084164bcb8e325e67356b8372e54cb5d9"
+  integrity sha512-CCsJm+ggE1HQ2fkCto+JRqJyET81Vw8eZr/KnNw19jqRiAsXNj5GqAh1JNyTCHEif8PcjREtP7o3y093ylSUyg==
+  dependencies:
+    buffer "4.9.2"
+    events "1.1.1"
+    ieee754 "1.1.13"
+    jmespath "0.15.0"
+    querystring "0.2.0"
+    sax "1.2.1"
+    url "0.10.3"
+    uuid "3.3.2"
+    xml2js "0.4.19"
+
 aws-sign2@~0.7.0:
   version "0.7.0"
   resolved "https://registry.yarnpkg.com/aws-sign2/-/aws-sign2-0.7.0.tgz#b46e890934a9591f2d2f6f86d7e6a9f1b3fe76a8"
@@ -1104,6 +1202,15 @@ binary-extensions@^2.0.0:
   resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-2.2.0.tgz#75f502eeaf9ffde42fc98829645be4ea76bd9e2d"
   integrity sha512-jDctJ/IVQbZoJykoeHbhXpOlNBqGNcwXJKJog42E5HDPUwQTSdjCHdihjj0DlnheQ7blbT6dHOafNAiS8ooQKA==
 
+bl@^4.0.3:
+  version "4.1.0"
+  resolved "https://registry.yarnpkg.com/bl/-/bl-4.1.0.tgz#451535264182bec2fbbc83a62ab98cf11d9f7b3a"
+  integrity sha512-1W07cM9gS6DcLperZfFSj+bWLtaPGSOHWhPiGzXmvVJbRLdG82sH/Kn8EtW1VqWVA54AKf2h5k5BbnIbwF3h6w==
+  dependencies:
+    buffer "^5.5.0"
+    inherits "^2.0.4"
+    readable-stream "^3.4.0"
+
 boxen@^4.2.0:
   version "4.2.0"
   resolved "https://registry.yarnpkg.com/boxen/-/boxen-4.2.0.tgz#e411b62357d6d6d36587c8ac3d5d974daa070e64"
@@ -1348,6 +1455,11 @@ chokidar@^3.2.2:
   optionalDependencies:
     fsevents "~2.3.1"
 
+chownr@^1.1.1:
+  version "1.1.4"
+  resolved "https://registry.yarnpkg.com/chownr/-/chownr-1.1.4.tgz#6fc9d7b42d32a583596337666e7d08084da2cc6b"
+  integrity sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==
+
 ci-info@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/ci-info/-/ci-info-2.0.0.tgz#67a9e964be31a51e15e5010d58e6f12834002f46"
@@ -1394,6 +1506,11 @@ clone-response@^1.0.2:
   dependencies:
     mimic-response "^1.0.0"
 
+cluster-key-slot@^1.1.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/cluster-key-slot/-/cluster-key-slot-1.1.0.tgz#30474b2a981fb12172695833052bc0d01336d10d"
+  integrity sha512-2Nii8p3RwAPiFwsnZvukotvow2rIHM+yQ6ZcBXGHdniadkYGZYiGmkHJIbZPIV9nfv7m/U1IPMVVcAhoWFeklw==
+
 co-body@^5.1.1:
   version "5.2.0"
   resolved "https://registry.yarnpkg.com/co-body/-/co-body-5.2.0.tgz#5a0a658c46029131e0e3a306f67647302f71c124"
@@ -1495,6 +1612,13 @@ concat-map@0.0.1:
   resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b"
   integrity sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=
 
+concat-with-sourcemaps@*:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/concat-with-sourcemaps/-/concat-with-sourcemaps-1.1.0.tgz#d4ea93f05ae25790951b99e7b3b09e3908a4082e"
+  integrity sha512-4gEjHJFT9e+2W/77h/DS5SGUgwDaOwprX8L/gl5+3ixnzkVJJsZWDSelmN3Oilw3LNDZjZV0yqH1hLG3k6nghg==
+  dependencies:
+    source-map "^0.6.1"
+
 configstore@^5.0.1:
   version "5.0.1"
   resolved "https://registry.yarnpkg.com/configstore/-/configstore-5.0.1.tgz#d365021b5df4b98cdd187d6a3b0e3f6a7cc5ed96"
@@ -1614,11 +1738,23 @@ data-urls@^2.0.0:
     whatwg-mimetype "^2.3.0"
     whatwg-url "^8.0.0"
 
+date.js@^0.3.1:
+  version "0.3.3"
+  resolved "https://registry.yarnpkg.com/date.js/-/date.js-0.3.3.tgz#ef1e92332f507a638795dbb985e951882e50bbda"
+  integrity sha512-HgigOS3h3k6HnW011nAb43c5xx5rBXk8P2v/WIT9Zv4koIaVXiH2BURguI78VVp+5Qc076T7OR378JViCnZtBw==
+  dependencies:
+    debug "~3.1.0"
+
 dateformat@^3.0.3:
   version "3.0.3"
   resolved "https://registry.yarnpkg.com/dateformat/-/dateformat-3.0.3.tgz#a6e37499a4d9a9cf85ef5872044d62901c9889ae"
   integrity sha512-jyCETtSl3VMZMWeRo7iY1FL19ges1t55hMo5yaam4Jrsm5EPL89UQkoQRyiI+Yf4k8r2ZpdngkV8hr1lIdjb3Q==
 
+dayjs@^1.10.4:
+  version "1.10.6"
+  resolved "https://registry.yarnpkg.com/dayjs/-/dayjs-1.10.6.tgz#288b2aa82f2d8418a6c9d4df5898c0737ad02a63"
+  integrity sha512-AztC/IOW4L1Q41A86phW5Thhcrco3xuAA+YX/BLpLWWjRcTj5TOt/QImBLmCKlrF7u7k47arTnOyL6GnbG8Hvw==
+
 debug@^2.2.0, debug@^2.3.3:
   version "2.6.9"
   resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.9.tgz#5d128515df134ff327e90a4c93f4e077a536341f"
@@ -1640,6 +1776,13 @@ debug@^4.1.0, debug@^4.1.1:
   dependencies:
     ms "2.1.2"
 
+debug@^4.3.1:
+  version "4.3.2"
+  resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.2.tgz#f0a49c18ac8779e31d4a0c6029dfb76873c7428b"
+  integrity sha512-mOp8wKcvj7XxC78zLgw/ZA+6TSgkoE2C/ienthhRD298T7UNwAg9diBpLRxC0mOezLl4B0xV7M0cCO6P/O0Xhw==
+  dependencies:
+    ms "2.1.2"
+
 debug@~3.1.0:
   version "3.1.0"
   resolved "https://registry.yarnpkg.com/debug/-/debug-3.1.0.tgz#5bb5a0672628b64149566ba16819e61518c67261"
@@ -1696,6 +1839,13 @@ deepmerge@^4.2.2:
   resolved "https://registry.yarnpkg.com/deepmerge/-/deepmerge-4.2.2.tgz#44d2ea3679b8f4d4ffba33f03d865fc1e7bf4955"
   integrity sha512-FJ3UgI4gIl+PHZm53knsuSFpE+nESMr7M4v9QcgB7S63Kj/6WqMiFQJpBBYz1Pt+66bZpP3Q7Lye0Oo9MPKEdg==
 
+default-compare@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/default-compare/-/default-compare-1.0.0.tgz#cb61131844ad84d84788fb68fd01681ca7781a2f"
+  integrity sha512-QWfXlM0EkAbqOCbD/6HjdwT19j7WCkMyiRhWilc4H9/5h/RzTF9gv5LYh1+CmDV5d1rki6KAWLtQale0xt20eQ==
+  dependencies:
+    kind-of "^5.0.2"
+
 defer-to-connect@^1.0.1:
   version "1.1.3"
   resolved "https://registry.yarnpkg.com/defer-to-connect/-/defer-to-connect-1.1.3.tgz#331ae050c08dcf789f8c83a7b81f0ed94f4ac591"
@@ -1751,6 +1901,11 @@ delegates@^1.0.0:
   resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a"
   integrity sha1-hMbhWbgZBP3KWaDvRM2HDTElD5o=
 
+denque@^1.1.0:
+  version "1.5.0"
+  resolved "https://registry.yarnpkg.com/denque/-/denque-1.5.0.tgz#773de0686ff2d8ec2ff92914316a47b73b1c73de"
+  integrity sha512-CYiCSgIF1p6EUByQPlGkKnP1M9g0ZV3qMIrqMqZqdwazygIA/YP2vrbcyl1h/WppKJTdl1F85cXIle+394iDAQ==
+
 depd@^1.1.2, depd@~1.1.2:
   version "1.1.2"
   resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.2.tgz#9bcd52e14c097763e749b274c4346ed2e560b5a9"
@@ -1868,7 +2023,7 @@ encoding-down@^6.3.0:
     level-codec "^9.0.0"
     level-errors "^2.0.0"
 
-end-of-stream@^1.1.0:
+end-of-stream@^1.1.0, end-of-stream@^1.4.1:
   version "1.4.4"
   resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.4.4.tgz#5ae64a5f45057baf3626ec14da0ca5e4b2431eb0"
   integrity sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==
@@ -1882,6 +2037,11 @@ end-stream@~0.1.0:
   dependencies:
     write-stream "~0.4.3"
 
+ent@^2.2.0:
+  version "2.2.0"
+  resolved "https://registry.yarnpkg.com/ent/-/ent-2.2.0.tgz#e964219325a21d05f44466a2f686ed6ce5f5dd1d"
+  integrity sha1-6WQhkyWiHQX0RGai9obtbOX13R0=
+
 errno@~0.1.1:
   version "0.1.8"
   resolved "https://registry.yarnpkg.com/errno/-/errno-0.1.8.tgz#8bb3e9c7d463be4976ff888f76b4809ebc2e811f"
@@ -2123,6 +2283,11 @@ falafel@^1.0.1:
     isarray "0.0.1"
     object-keys "^1.0.6"
 
+"falsey@^1.0.0":
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/falsey/-/falsey-1.0.0.tgz#71bdd775c24edad9f2f5c015ce8be24400bb5d7d"
+  integrity sha512-zMDNZ/Ipd8MY0+346CPvhzP1AsiVyNfTOayJza4reAIWf72xbkuFUDcJNxSAsQE1b9Bu0wijKb8Ngnh/a7fI5w==
+
 fast-deep-equal@^3.1.1:
   version "3.1.3"
   resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz#3a7d56b559d6cbc3eb512325244e619a65c6c525"
@@ -2249,6 +2414,16 @@ fresh@~0.5.2:
   resolved "https://registry.yarnpkg.com/fresh/-/fresh-0.5.2.tgz#3d8cadd90d976569fa835ab1f8e4b23a105605a7"
   integrity sha1-PYyt2Q2XZWn6g1qx+OSyOhBWBac=
 
+fs-constants@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/fs-constants/-/fs-constants-1.0.0.tgz#6be0de9be998ce16af8afc24497b9ee9b7ccd9ad"
+  integrity sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow==
+
+fs-exists-sync@^0.1.0:
+  version "0.1.0"
+  resolved "https://registry.yarnpkg.com/fs-exists-sync/-/fs-exists-sync-0.1.0.tgz#982d6893af918e72d08dec9e8673ff2b5a8d6add"
+  integrity sha1-mC1ok6+RjnLQjeyehnP/K1qNat0=
+
 fs.realpath@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f"
@@ -2288,6 +2463,14 @@ get-intrinsic@^1.0.2:
     has "^1.0.3"
     has-symbols "^1.0.1"
 
+get-object@^0.2.0:
+  version "0.2.0"
+  resolved "https://registry.yarnpkg.com/get-object/-/get-object-0.2.0.tgz#d92ff7d5190c64530cda0543dac63a3d47fe8c0c"
+  integrity sha1-2S/31RkMZFMM2gVD2sY6PUf+jAw=
+  dependencies:
+    is-number "^2.0.2"
+    isobject "^0.2.0"
+
 get-package-type@^0.1.0:
   version "0.1.0"
   resolved "https://registry.yarnpkg.com/get-package-type/-/get-package-type-0.1.0.tgz#8de2d803cff44df3bc6c456e6668b36c3926e11a"
@@ -2312,6 +2495,13 @@ get-value@^2.0.3, get-value@^2.0.6:
   resolved "https://registry.yarnpkg.com/get-value/-/get-value-2.0.6.tgz#dc15ca1c672387ca76bd37ac0a395ba2042a2c28"
   integrity sha1-3BXKHGcjh8p2vTesCjlbogQqLCg=
 
+get-value@^3.0.0, get-value@^3.0.1:
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/get-value/-/get-value-3.0.1.tgz#5efd2a157f1d6a516d7524e124ac52d0a39ef5a8"
+  integrity sha512-mKZj9JLQrwMBtj5wxi6MH8Z5eSKaERpAwjg43dPtlGI1ZVEgH/qC7T8/6R2OBSUA+zzHBZgICsVJaEIV2tKTDA==
+  dependencies:
+    isobject "^3.0.1"
+
 getpass@^0.1.1:
   version "0.1.7"
   resolved "https://registry.yarnpkg.com/getpass/-/getpass-0.1.7.tgz#5eff8e3e684d569ae4cb2b1282604e8ba62149fa"
@@ -2361,6 +2551,32 @@ globals@^11.1.0:
   resolved "https://registry.yarnpkg.com/globals/-/globals-11.12.0.tgz#ab8795338868a0babd8525758018c2a7eb95c42e"
   integrity sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==
 
+google-auth-library@~0.10.0:
+  version "0.10.0"
+  resolved "https://registry.yarnpkg.com/google-auth-library/-/google-auth-library-0.10.0.tgz#6e15babee85fd1dd14d8d128a295b6838d52136e"
+  integrity sha1-bhW6vuhf0d0U2NEoopW2g41SE24=
+  dependencies:
+    gtoken "^1.2.1"
+    jws "^3.1.4"
+    lodash.noop "^3.0.1"
+    request "^2.74.0"
+
+google-p12-pem@^0.1.0:
+  version "0.1.2"
+  resolved "https://registry.yarnpkg.com/google-p12-pem/-/google-p12-pem-0.1.2.tgz#33c46ab021aa734fa0332b3960a9a3ffcb2f3177"
+  integrity sha1-M8RqsCGqc0+gMys5YKmj/8svMXc=
+  dependencies:
+    node-forge "^0.7.1"
+
+googleapis@^16.0.0:
+  version "16.1.0"
+  resolved "https://registry.yarnpkg.com/googleapis/-/googleapis-16.1.0.tgz#0f19f2d70572d918881a0f626e3b1a2fa8629576"
+  integrity sha1-Dxny1wVy2RiIGg9ibjsaL6hilXY=
+  dependencies:
+    async "~2.1.4"
+    google-auth-library "~0.10.0"
+    string-template "~1.0.0"
+
 got@^11.8.1:
   version "11.8.1"
   resolved "https://registry.yarnpkg.com/got/-/got-11.8.1.tgz#df04adfaf2e782babb3daabc79139feec2f7e85d"
@@ -2410,6 +2626,45 @@ growly@^1.3.0:
   resolved "https://registry.yarnpkg.com/growly/-/growly-1.3.0.tgz#f10748cbe76af964b7c96c93c6bcc28af120c081"
   integrity sha1-8QdIy+dq+WS3yWyTxrzCivEgwIE=
 
+gtoken@^1.2.1:
+  version "1.2.3"
+  resolved "https://registry.yarnpkg.com/gtoken/-/gtoken-1.2.3.tgz#5509571b8afd4322e124cf66cf68115284c476d8"
+  integrity sha512-wQAJflfoqSgMWrSBk9Fg86q+sd6s7y6uJhIvvIPz++RElGlMtEqsdAR2oWwZ/WTEtp7P9xFbJRrT976oRgzJ/w==
+  dependencies:
+    google-p12-pem "^0.1.0"
+    jws "^3.0.0"
+    mime "^1.4.1"
+    request "^2.72.0"
+
+gulp-header@^1.7.1:
+  version "1.8.12"
+  resolved "https://registry.yarnpkg.com/gulp-header/-/gulp-header-1.8.12.tgz#ad306be0066599127281c4f8786660e705080a84"
+  integrity sha512-lh9HLdb53sC7XIZOYzTXM4lFuXElv3EVkSDhsd7DoJBj7hm+Ni7D3qYbb+Rr8DuM8nRanBvkVO9d7askreXGnQ==
+  dependencies:
+    concat-with-sourcemaps "*"
+    lodash.template "^4.4.0"
+    through2 "^2.0.0"
+
+handlebars-utils@^1.0.2, handlebars-utils@^1.0.4, handlebars-utils@^1.0.6:
+  version "1.0.6"
+  resolved "https://registry.yarnpkg.com/handlebars-utils/-/handlebars-utils-1.0.6.tgz#cb9db43362479054782d86ffe10f47abc76357f9"
+  integrity sha512-d5mmoQXdeEqSKMtQQZ9WkiUcO1E3tPbWxluCK9hVgIDPzQa9WsKo3Lbe/sGflTe7TomHEeZaOgwIkyIr1kfzkw==
+  dependencies:
+    kind-of "^6.0.0"
+    typeof-article "^0.1.1"
+
+handlebars@^4.7.6, handlebars@^4.7.7:
+  version "4.7.7"
+  resolved "https://registry.yarnpkg.com/handlebars/-/handlebars-4.7.7.tgz#9ce33416aad02dbd6c8fafa8240d5d98004945a1"
+  integrity sha512-aAcXm5OAfE/8IXkcZvCepKU3VzW1/39Fb5ZuqMtgI/hT8X2YgoMvBY5dLhq/cpOvw7Lk1nK/UF71aLG/ZnVYRA==
+  dependencies:
+    minimist "^1.2.5"
+    neo-async "^2.6.0"
+    source-map "^0.6.1"
+    wordwrap "^1.0.0"
+  optionalDependencies:
+    uglify-js "^3.1.4"
+
 har-schema@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/har-schema/-/har-schema-2.0.0.tgz#a94c2224ebcac04782a0d9035521f24735b7ec92"
@@ -2456,6 +2711,14 @@ has-value@^1.0.0:
     has-values "^1.0.0"
     isobject "^3.0.0"
 
+has-value@^2.0.2:
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/has-value/-/has-value-2.0.2.tgz#d0f12e8780ba8e90e66ad1a21c707fdb67c25658"
+  integrity sha512-ybKOlcRsK2MqrM3Hmz/lQxXHZ6ejzSPzpNabKB45jb5qDgJvKPa3SdapTsTLwEb9WltgWpOmNax7i+DzNOk4TA==
+  dependencies:
+    get-value "^3.0.0"
+    has-values "^2.0.1"
+
 has-values@^0.1.4:
   version "0.1.4"
   resolved "https://registry.yarnpkg.com/has-values/-/has-values-0.1.4.tgz#6d61de95d91dfca9b9a02089ad384bff8f62b771"
@@ -2469,6 +2732,13 @@ has-values@^1.0.0:
     is-number "^3.0.0"
     kind-of "^4.0.0"
 
+has-values@^2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/has-values/-/has-values-2.0.1.tgz#3876200ff86d8a8546a9264a952c17d5fc17579d"
+  integrity sha512-+QdH3jOmq9P8GfdjFg0eJudqx1FqU62NQJ4P16rOEHeRdl7ckgwn6uqQjzYE0ZoHVV/e5E2esuJ5Gl5+HUW19w==
+  dependencies:
+    kind-of "^6.0.2"
+
 has-yarn@^2.1.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/has-yarn/-/has-yarn-2.1.0.tgz#137e11354a7b5bf11aa5cb649cf0c6f3ff2b2e77"
@@ -2481,6 +2751,39 @@ has@^1.0.3:
   dependencies:
     function-bind "^1.1.1"
 
+helper-date@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/helper-date/-/helper-date-1.0.1.tgz#12fedea3ad8e44a7ca4c4efb0ff4104a5120cffb"
+  integrity sha512-wU3VOwwTJvGr/w5rZr3cprPHO+hIhlblTJHD6aFBrKLuNbf4lAmkawd2iK3c6NbJEvY7HAmDpqjOFSI5/+Ey2w==
+  dependencies:
+    date.js "^0.3.1"
+    handlebars-utils "^1.0.4"
+    moment "^2.18.1"
+
+helper-markdown@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/helper-markdown/-/helper-markdown-1.0.0.tgz#ee7e9fc554675007d37eb90f7853b13ce74f3e10"
+  integrity sha512-AnDqMS4ejkQK0MXze7pA9TM3pu01ZY+XXsES6gEE0RmCGk5/NIfvTn0NmItfyDOjRAzyo9z6X7YHbHX4PzIvOA==
+  dependencies:
+    handlebars-utils "^1.0.2"
+    highlight.js "^9.12.0"
+    remarkable "^1.7.1"
+
+helper-md@^0.2.2:
+  version "0.2.2"
+  resolved "https://registry.yarnpkg.com/helper-md/-/helper-md-0.2.2.tgz#c1f59d7e55bbae23362fd8a0e971607aec69d41f"
+  integrity sha1-wfWdflW7riM2L9ig6XFgeuxp1B8=
+  dependencies:
+    ent "^2.2.0"
+    extend-shallow "^2.0.1"
+    fs-exists-sync "^0.1.0"
+    remarkable "^1.6.2"
+
+highlight.js@^9.12.0:
+  version "9.18.5"
+  resolved "https://registry.yarnpkg.com/highlight.js/-/highlight.js-9.18.5.tgz#d18a359867f378c138d6819edfc2a8acd5f29825"
+  integrity sha512-a5bFyofd/BHCX52/8i8uJkjr9DYwXIPnM/plwI6W7ezItLGqzt7X2G2nXuYSfsIJdkwwj/g9DG1LkcGJI/dDoA==
+
 hosted-git-info@^2.1.4:
   version "2.8.9"
   resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.8.9.tgz#dffc0bf9a21c02209090f2aa69429e1414daf3f9"
@@ -2498,6 +2801,14 @@ html-escaper@^2.0.0:
   resolved "https://registry.yarnpkg.com/html-escaper/-/html-escaper-2.0.2.tgz#dfd60027da36a36dfcbe236262c00a5822681453"
   integrity sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==
 
+html-tag@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/html-tag/-/html-tag-2.0.0.tgz#36c3bc8d816fd30b570d5764a497a641640c2fed"
+  integrity sha512-XxzooSo6oBoxBEUazgjdXj7VwTn/iSTSZzTYKzYY6I916tkaYzypHxy+pbVU1h+0UQ9JlVf5XkNQyxOAiiQO1g==
+  dependencies:
+    is-self-closing "^1.0.1"
+    kind-of "^6.0.0"
+
 http-assert@^1.3.0:
   version "1.4.1"
   resolved "https://registry.yarnpkg.com/http-assert/-/http-assert-1.4.1.tgz#c5f725d677aa7e873ef736199b89686cceb37878"
@@ -2628,7 +2939,7 @@ inflight@^1.0.4:
     once "^1.3.0"
     wrappy "1"
 
-inherits@2, inherits@2.0.4, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.1:
+inherits@2, inherits@2.0.4, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.1, inherits@~2.0.3:
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c"
   integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==
@@ -2656,6 +2967,22 @@ inline-process-browser@^1.0.0:
     falafel "^1.0.1"
     through2 "^0.6.5"
 
+ioredis@^4.27.1:
+  version "4.27.6"
+  resolved "https://registry.yarnpkg.com/ioredis/-/ioredis-4.27.6.tgz#a53d427d3fe75fbd10ed7ad150ce00559df8dcf8"
+  integrity sha512-6W3ZHMbpCa8ByMyC1LJGOi7P2WiOKP9B3resoZOVLDhi+6dDBOW+KNsRq3yI36Hmnb2sifCxHX+YSarTeXh48A==
+  dependencies:
+    cluster-key-slot "^1.1.0"
+    debug "^4.3.1"
+    denque "^1.1.0"
+    lodash.defaults "^4.2.0"
+    lodash.flatten "^4.4.0"
+    p-map "^2.1.0"
+    redis-commands "1.7.0"
+    redis-errors "^1.2.0"
+    redis-parser "^3.0.0"
+    standard-as-callback "^2.1.0"
+
 is-accessor-descriptor@^0.1.6:
   version "0.1.6"
   resolved "https://registry.yarnpkg.com/is-accessor-descriptor/-/is-accessor-descriptor-0.1.6.tgz#a9e12cb3ae8d876727eeef3843f8a0897b5c98d6"
@@ -2743,6 +3070,13 @@ is-docker@^2.0.0:
   resolved "https://registry.yarnpkg.com/is-docker/-/is-docker-2.2.1.tgz#33eeabe23cfe86f14bde4408a02c0cfb853acdaa"
   integrity sha512-F+i2BKsFrH66iaUFc0woD8sLy8getkwTwtOBjvs56Cx4CgJDeKQeqfz8wAYiSb8JOprWhHH5p77PbmYCvvUuXQ==
 
+is-even@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/is-even/-/is-even-1.0.0.tgz#76b5055fbad8d294a86b6a949015e1c97b717c06"
+  integrity sha1-drUFX7rY0pSoa2qUkBXhyXtxfAY=
+  dependencies:
+    is-odd "^0.1.2"
+
 is-extendable@^0.1.0, is-extendable@^0.1.1:
   version "0.1.1"
   resolved "https://registry.yarnpkg.com/is-extendable/-/is-extendable-0.1.1.tgz#62b110e289a471418e3ec36a617d472e301dfc89"
@@ -2800,6 +3134,13 @@ is-npm@^4.0.0:
   resolved "https://registry.yarnpkg.com/is-npm/-/is-npm-4.0.0.tgz#c90dd8380696df87a7a6d823c20d0b12bbe3c84d"
   integrity sha512-96ECIfh9xtDDlPylNPXhzjsykHsMJZ18ASpaWzQyBr4YRTcVjUvzaHayDAES2oU/3KpljhHUjtSRNiDwi0F0ig==
 
+is-number@^2.0.2:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/is-number/-/is-number-2.1.0.tgz#01fcbbb393463a548f2f466cce16dece49db908f"
+  integrity sha1-Afy7s5NGOlSPL0ZszhbezknbkI8=
+  dependencies:
+    kind-of "^3.0.2"
+
 is-number@^3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/is-number/-/is-number-3.0.0.tgz#24fd6201a4782cf50561c810276afc7d12d71195"
@@ -2817,6 +3158,13 @@ is-obj@^2.0.0:
   resolved "https://registry.yarnpkg.com/is-obj/-/is-obj-2.0.0.tgz#473fb05d973705e3fd9620545018ca8e22ef4982"
   integrity sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w==
 
+is-odd@^0.1.2:
+  version "0.1.2"
+  resolved "https://registry.yarnpkg.com/is-odd/-/is-odd-0.1.2.tgz#bc573b5ce371ef2aad6e6f49799b72bef13978a7"
+  integrity sha1-vFc7XONx7yqtbm9JeZtyvvE5eKc=
+  dependencies:
+    is-number "^3.0.0"
+
 is-path-inside@^3.0.1:
   version "3.0.3"
   resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-3.0.3.tgz#d231362e53a07ff2b0e0ea7fed049161ffd16283"
@@ -2834,6 +3182,13 @@ is-potential-custom-element-name@^1.0.0:
   resolved "https://registry.yarnpkg.com/is-potential-custom-element-name/-/is-potential-custom-element-name-1.0.1.tgz#171ed6f19e3ac554394edf78caa05784a45bebb5"
   integrity sha512-bCYeRA2rVibKZd+s2625gGnGF/t7DSqDs4dP7CrLA1m7jKWz6pps0LpYLJN8Q64HtmPKJ1hrN3nzPNKFEKOUiQ==
 
+is-self-closing@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/is-self-closing/-/is-self-closing-1.0.1.tgz#5f406b527c7b12610176320338af0fa3896416e4"
+  integrity sha512-E+60FomW7Blv5GXTlYee2KDrnG6srxF7Xt1SjrhWUGUEsTFIqY/nq2y3DaftCsgUMdh89V07IVfhY9KIJhLezg==
+  dependencies:
+    self-closing-tags "^1.0.1"
+
 is-stream@^1.1.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44"
@@ -2880,7 +3235,7 @@ isarray@0.0.1:
   resolved "https://registry.yarnpkg.com/isarray/-/isarray-0.0.1.tgz#8a18acfca9a8f4177e09abfc6038939b05d1eedf"
   integrity sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=
 
-isarray@1.0.0, isarray@^1.0.0:
+isarray@1.0.0, isarray@^1.0.0, isarray@~1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11"
   integrity sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=
@@ -2890,6 +3245,11 @@ isexe@^2.0.0:
   resolved "https://registry.yarnpkg.com/isexe/-/isexe-2.0.0.tgz#e8fbf374dc556ff8947a10dcb0572d633f2cfa10"
   integrity sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=
 
+isobject@^0.2.0:
+  version "0.2.0"
+  resolved "https://registry.yarnpkg.com/isobject/-/isobject-0.2.0.tgz#a3432192f39b910b5f02cc989487836ec70aa85e"
+  integrity sha1-o0MhkvObkQtfAsyYlIeDbscKqF4=
+
 isobject@^2.0.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/isobject/-/isobject-2.1.0.tgz#f065561096a3f1da2ef46272f815c840d87e0c89"
@@ -3434,7 +3794,7 @@ json5@^2.1.2:
   dependencies:
     minimist "^1.2.5"
 
-jsonwebtoken@^8.2.0:
+jsonwebtoken@^8.2.0, jsonwebtoken@^8.5.1:
   version "8.5.1"
   resolved "https://registry.yarnpkg.com/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz#00e71e0b8df54c2121a1f26137df2280673bcc0d"
   integrity sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==
@@ -3489,7 +3849,7 @@ jwa@^1.4.1:
     ecdsa-sig-formatter "1.0.11"
     safe-buffer "^5.0.1"
 
-jws@^3.2.2:
+jws@^3.0.0, jws@^3.1.4, jws@^3.2.2:
   version "3.2.2"
   resolved "https://registry.yarnpkg.com/jws/-/jws-3.2.2.tgz#001099f3639468c9414000e99995fa52fb478304"
   integrity sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==
@@ -3518,7 +3878,7 @@ keyv@^4.0.0:
   dependencies:
     json-buffer "3.0.1"
 
-kind-of@^3.0.2, kind-of@^3.0.3, kind-of@^3.2.0:
+kind-of@^3.0.2, kind-of@^3.0.3, kind-of@^3.1.0, kind-of@^3.2.0:
   version "3.2.2"
   resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-3.2.2.tgz#31ea21a734bab9bbb0f32466d893aea51e4a3c64"
   integrity sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=
@@ -3532,12 +3892,12 @@ kind-of@^4.0.0:
   dependencies:
     is-buffer "^1.1.5"
 
-kind-of@^5.0.0:
+kind-of@^5.0.0, kind-of@^5.0.2:
   version "5.1.0"
   resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-5.1.0.tgz#729c91e2d857b7a419a1f9aa65685c4c33f5845d"
   integrity sha512-NGEErnH6F2vUuXDh+OlbcKW7/wOcfdRHaZ7VWtqCztfHri/++YKmP51OdWeGPuqCOba6kk2OTe5d02VmTB80Pw==
 
-kind-of@^6.0.0, kind-of@^6.0.2:
+kind-of@^6.0.0, kind-of@^6.0.2, kind-of@^6.0.3:
   version "6.0.3"
   resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-6.0.3.tgz#07c05034a6c349fa06e24fa35aa76db4580ce4dd"
   integrity sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==
@@ -3798,6 +4158,21 @@ locate-path@^5.0.0:
   dependencies:
     p-locate "^4.1.0"
 
+lodash._reinterpolate@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/lodash._reinterpolate/-/lodash._reinterpolate-3.0.0.tgz#0ccf2d89166af03b3663c796538b75ac6e114d9d"
+  integrity sha1-DM8tiRZq8Ds2Y8eWU4t1rG4RTZ0=
+
+lodash.defaults@^4.2.0:
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/lodash.defaults/-/lodash.defaults-4.2.0.tgz#d09178716ffea4dde9e5fb7b37f6f0802274580c"
+  integrity sha1-0JF4cW/+pN3p5ft7N/bwgCJ0WAw=
+
+lodash.flatten@^4.4.0:
+  version "4.4.0"
+  resolved "https://registry.yarnpkg.com/lodash.flatten/-/lodash.flatten-4.4.0.tgz#f31c22225a9632d2bbf8e4addbef240aa765a61f"
+  integrity sha1-8xwiIlqWMtK7+OSt2+8kCqdlph8=
+
 lodash.includes@^4.3.0:
   version "4.3.0"
   resolved "https://registry.yarnpkg.com/lodash.includes/-/lodash.includes-4.3.0.tgz#60bb98a87cb923c68ca1e51325483314849f553f"
@@ -3828,12 +4203,32 @@ lodash.isstring@^4.0.1:
   resolved "https://registry.yarnpkg.com/lodash.isstring/-/lodash.isstring-4.0.1.tgz#d527dfb5456eca7cc9bb95d5daeaf88ba54a5451"
   integrity sha1-1SfftUVuynzJu5XV2ur4i6VKVFE=
 
+lodash.noop@^3.0.1:
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/lodash.noop/-/lodash.noop-3.0.1.tgz#38188f4d650a3a474258439b96ec45b32617133c"
+  integrity sha1-OBiPTWUKOkdCWEObluxFsyYXEzw=
+
 lodash.once@^4.0.0:
   version "4.1.1"
   resolved "https://registry.yarnpkg.com/lodash.once/-/lodash.once-4.1.1.tgz#0dd3971213c7c56df880977d504c88fb471a97ac"
   integrity sha1-DdOXEhPHxW34gJd9UEyI+0cal6w=
 
-lodash@^4.17.19, lodash@^4.7.0:
+lodash.template@^4.4.0:
+  version "4.5.0"
+  resolved "https://registry.yarnpkg.com/lodash.template/-/lodash.template-4.5.0.tgz#f976195cf3f347d0d5f52483569fe8031ccce8ab"
+  integrity sha512-84vYFxIkmidUiFxidA/KjjH9pAycqW+h980j7Fuz5qxRtO9pgB7MDFTdys1N7A5mcucRiDyEq4fusljItR1T/A==
+  dependencies:
+    lodash._reinterpolate "^3.0.0"
+    lodash.templatesettings "^4.0.0"
+
+lodash.templatesettings@^4.0.0:
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/lodash.templatesettings/-/lodash.templatesettings-4.2.0.tgz#e481310f049d3cf6d47e912ad09313b154f0fb33"
+  integrity sha512-stgLz+i3Aa9mZgnjr/O+v9ruKZsPsndy7qPZOchbqk2cnTU1ZaldKK+v7m54WoKIyxiuMZTKT2H81F8BeAc3ZQ==
+  dependencies:
+    lodash._reinterpolate "^3.0.0"
+
+lodash@^4.14.0, lodash@^4.17.19, lodash@^4.17.20, lodash@^4.17.21, lodash@^4.7.0:
   version "4.17.21"
   resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c"
   integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==
@@ -3913,7 +4308,7 @@ methods@^1.1.2:
   resolved "https://registry.yarnpkg.com/methods/-/methods-1.1.2.tgz#5529a4d67654134edcc5266656835b0f851afcee"
   integrity sha1-VSmk1nZUE07cxSZmVoNbD4Ua/O4=
 
-micromatch@^3.1.4:
+micromatch@^3.1.4, micromatch@^3.1.5:
   version "3.1.10"
   resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-3.1.10.tgz#70859bc95c9840952f359a068a3fc49f9ecfac23"
   integrity sha512-MWikgl9n9M3w+bpsY3He8L+w9eF9338xRl8IAO5viDizwSzziFEyUzo2xrrloB64ADbTf8uA8vRqqttDTOmccg==
@@ -3969,6 +4364,11 @@ mime-types@^2.1.18, mime-types@~2.1.24:
   dependencies:
     mime-db "1.44.0"
 
+mime@^1.4.1:
+  version "1.6.0"
+  resolved "https://registry.yarnpkg.com/mime/-/mime-1.6.0.tgz#32cd9e5c64553bd58d19a568af452acff04981b1"
+  integrity sha512-x0Vn8spI+wuJ1O6S7gnbaQg8Pxh4NNHb7KSINmEWKiPE4RKOplvijn+NkmYmmRgP68mc70j2EbeTFRsrswaQeg==
+
 mime@^2.4.6:
   version "2.5.2"
   resolved "https://registry.yarnpkg.com/mime/-/mime-2.5.2.tgz#6e3dc6cc2b9510643830e5f19d5cb753da5eeabe"
@@ -4009,6 +4409,11 @@ mixin-deep@^1.2.0:
     for-in "^1.0.2"
     is-extendable "^1.0.1"
 
+mkdirp-classic@^0.5.2:
+  version "0.5.3"
+  resolved "https://registry.yarnpkg.com/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz#fa10c9115cc6d8865be221ba47ee9bed78601113"
+  integrity sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==
+
 mkdirp@^0.5.0:
   version "0.5.5"
   resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.5.tgz#d91cefd62d1436ca0f41620e251288d420099def"
@@ -4016,6 +4421,11 @@ mkdirp@^0.5.0:
   dependencies:
     minimist "^1.2.5"
 
+moment@^2.18.1:
+  version "2.29.1"
+  resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.1.tgz#b2be769fa31940be9eeea6469c075e35006fa3d3"
+  integrity sha512-kHmoybcPV8Sqy59DwNDY3Jefr64lK/by/da0ViFcuA4DH0vQg5Q6Ze5VimxkfQNSC+Mls/Kx53s7TjP1RhFEDQ==
+
 mri@1.1.4:
   version "1.1.4"
   resolved "https://registry.yarnpkg.com/mri/-/mri-1.1.4.tgz#7cb1dd1b9b40905f1fac053abe25b6720f44744a"
@@ -4068,6 +4478,11 @@ negotiator@0.6.2:
   resolved "https://registry.yarnpkg.com/negotiator/-/negotiator-0.6.2.tgz#feacf7ccf525a77ae9634436a64883ffeca346fb"
   integrity sha512-hZXc7K2e+PgeI1eDBe/10Ard4ekbfrrqG8Ep+8Jmf4JID2bNg7NvCPOZN+kfF574pFQI7mum2AUqDidoKqcTOw==
 
+neo-async@^2.6.0:
+  version "2.6.2"
+  resolved "https://registry.yarnpkg.com/neo-async/-/neo-async-2.6.2.tgz#b4aafb93e3aeb2d8174ca53cf163ab7d7308305f"
+  integrity sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==
+
 nice-try@^1.0.4:
   version "1.0.5"
   resolved "https://registry.yarnpkg.com/nice-try/-/nice-try-1.0.5.tgz#a3378a7696ce7d223e88fc9b764bd7ef1089e366"
@@ -4083,6 +4498,11 @@ node-fetch@^2.6.1:
   resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.1.tgz#045bd323631f76ed2e2b55573394416b639a0052"
   integrity sha512-V4aYg89jEoVRxRb2fJdAg8FHvI7cEyYdVAh94HH0UIK8oJxUfkjlDQN9RbMx+bEjP7+ggMiFRprSti032Oipxw==
 
+node-forge@^0.7.1:
+  version "0.7.6"
+  resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.7.6.tgz#fdf3b418aee1f94f0ef642cd63486c77ca9724ac"
+  integrity sha512-sol30LUpz1jQFBjOKwbjxijiE3b6pjd74YwfD0fJOKPjF+fONKb2Yg8rYgS6+bK6VDl+/wfr4IYpC7jDzLUIfw==
+
 node-gyp-build@~4.1.0:
   version "4.1.1"
   resolved "https://registry.yarnpkg.com/node-gyp-build/-/node-gyp-build-4.1.1.tgz#d7270b5d86717068d114cc57fff352f96d745feb"
@@ -4309,6 +4729,11 @@ p-locate@^4.1.0:
   dependencies:
     p-limit "^2.2.0"
 
+p-map@^2.1.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/p-map/-/p-map-2.1.0.tgz#310928feef9c9ecc65b68b17693018a665cea175"
+  integrity sha512-y3b8Kpd8OAN444hxfBbFfj1FY/RjtTd8tzYwhUqNYXx0fXx2iX4maP4Qr6qhIKbQXI02wTLAda4fYUbDagTUFw==
+
 p-try@^2.0.0:
   version "2.2.0"
   resolved "https://registry.yarnpkg.com/p-try/-/p-try-2.2.0.tgz#cb2868540e313d61de58fafbe35ce9004d5540e6"
@@ -4349,6 +4774,14 @@ pascalcase@^0.1.1:
   resolved "https://registry.yarnpkg.com/pascalcase/-/pascalcase-0.1.1.tgz#b363e55e8006ca6fe21784d2db22bd15d7917f14"
   integrity sha1-s2PlXoAGym/iF4TS2yK9FdeRfxQ=
 
+passport-google-auth@^1.0.2:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/passport-google-auth/-/passport-google-auth-1.0.2.tgz#8b300b5aa442ef433de1d832ed3112877d0b2938"
+  integrity sha1-izALWqRC70M94dgy7TESh30LKTg=
+  dependencies:
+    googleapis "^16.0.0"
+    passport-strategy "1.x"
+
 passport-google-oauth1@1.x.x:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/passport-google-oauth1/-/passport-google-oauth1-1.0.0.tgz#af74a803df51ec646f66a44d82282be6f108e0cc"
@@ -4406,7 +4839,7 @@ passport-oauth2@1.x.x:
     uid2 "0.0.x"
     utils-merge "1.x.x"
 
-passport-strategy@1.x.x, passport-strategy@^1.0.0:
+passport-strategy@1.x, passport-strategy@1.x.x, passport-strategy@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/passport-strategy/-/passport-strategy-1.0.0.tgz#b5539aa8fc225a3d1ad179476ddf236b440f52e4"
   integrity sha1-tVOaqPwiWj0a0XlHbd8ja0QPUuQ=
@@ -4696,6 +5129,11 @@ private@^0.1.6, private@~0.1.5:
   resolved "https://registry.yarnpkg.com/private/-/private-0.1.8.tgz#2381edb3689f7a53d653190060fcf822d2f368ff"
   integrity sha512-VvivMrbvd2nKkiG38qjULzlc+4Vx4wm/whI9pQD35YrARNnhxeiRktSOhSukRLFNlzg6Br/cJPet5J/u19r/mg==
 
+process-nextick-args@~2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.1.tgz#7820d9b16120cc55ca9ae7792680ae7dba6d7fe2"
+  integrity sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==
+
 prompts@^2.0.1:
   version "2.4.1"
   resolved "https://registry.yarnpkg.com/prompts/-/prompts-2.4.1.tgz#befd3b1195ba052f9fd2fde8a486c4e82ee77f61"
@@ -4840,7 +5278,7 @@ readable-stream@1.1.14:
     isarray "0.0.1"
     string_decoder "~0.10.x"
 
-"readable-stream@2 || 3", readable-stream@^3.0.0, readable-stream@^3.4.0, readable-stream@^3.6.0:
+"readable-stream@2 || 3", readable-stream@^3.0.0, readable-stream@^3.1.1, readable-stream@^3.4.0, readable-stream@^3.6.0:
   version "3.6.0"
   resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-3.6.0.tgz#337bbda3adc0706bd3e024426a286d4b4b2c9198"
   integrity sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==
@@ -4864,6 +5302,19 @@ readable-stream@~0.0.2:
   resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-0.0.4.tgz#f32d76e3fb863344a548d79923007173665b3b8d"
   integrity sha1-8y124/uGM0SlSNeZIwBxc2ZbO40=
 
+readable-stream@~2.3.6:
+  version "2.3.7"
+  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.7.tgz#1eca1cf711aef814c04f62252a36a62f6cb23b57"
+  integrity sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==
+  dependencies:
+    core-util-is "~1.0.0"
+    inherits "~2.0.3"
+    isarray "~1.0.0"
+    process-nextick-args "~2.0.0"
+    safe-buffer "~5.1.1"
+    string_decoder "~1.1.1"
+    util-deprecate "~1.0.1"
+
 readdirp@~3.5.0:
   version "3.5.0"
   resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-3.5.0.tgz#9ba74c019b15d365278d2e91bb8c48d7b4d42c9e"
@@ -4891,6 +5342,23 @@ recast@^0.11.17:
     private "~0.1.5"
     source-map "~0.5.0"
 
+redis-commands@1.7.0:
+  version "1.7.0"
+  resolved "https://registry.yarnpkg.com/redis-commands/-/redis-commands-1.7.0.tgz#15a6fea2d58281e27b1cd1acfb4b293e278c3a89"
+  integrity sha512-nJWqw3bTFy21hX/CPKHth6sfhZbdiHP6bTawSgQBlKOVRG7EZkfHbbHwQJnrE4vsQf0CMNE+3gJ4Fmm16vdVlQ==
+
+redis-errors@^1.0.0, redis-errors@^1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/redis-errors/-/redis-errors-1.2.0.tgz#eb62d2adb15e4eaf4610c04afe1529384250abad"
+  integrity sha1-62LSrbFeTq9GEMBK/hUpOEJQq60=
+
+redis-parser@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/redis-parser/-/redis-parser-3.0.0.tgz#b66d828cdcafe6b4b8a428a7def4c6bcac31c8b4"
+  integrity sha1-tm2CjNyv5rS4pCin3vTGvKwxyLQ=
+  dependencies:
+    redis-errors "^1.0.0"
+
 regex-not@^1.0.0, regex-not@^1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/regex-not/-/regex-not-1.0.2.tgz#1f4ece27e00b0b65e0247a6810e6a85d83a5752c"
@@ -4913,6 +5381,21 @@ registry-url@^5.0.0:
   dependencies:
     rc "^1.2.8"
 
+relative@^3.0.2:
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/relative/-/relative-3.0.2.tgz#0dcd8ec54a5d35a3c15e104503d65375b5a5367f"
+  integrity sha1-Dc2OxUpdNaPBXhBFA9ZTdbWlNn8=
+  dependencies:
+    isobject "^2.0.0"
+
+remarkable@^1.6.2, remarkable@^1.7.1:
+  version "1.7.4"
+  resolved "https://registry.yarnpkg.com/remarkable/-/remarkable-1.7.4.tgz#19073cb960398c87a7d6546eaa5e50d2022fcd00"
+  integrity sha512-e6NKUXgX95whv7IgddywbeN/ItCkWbISmc2DiqHJb0wTrqZIexqdco5b8Z3XZoo/48IdNVKM9ZCvTPJ4F5uvhg==
+  dependencies:
+    argparse "^1.0.10"
+    autolinker "~0.28.0"
+
 remove-trailing-separator@^1.0.1:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz#c24bce2a283adad5bc3f58e0d48249b92379d8ef"
@@ -4944,7 +5427,7 @@ request-promise-native@^1.0.9:
     stealthy-require "^1.1.1"
     tough-cookie "^2.3.3"
 
-request@^2.88.0, request@^2.88.2:
+request@^2.72.0, request@^2.74.0, request@^2.88.0, request@^2.88.2:
   version "2.88.2"
   resolved "https://registry.yarnpkg.com/request/-/request-2.88.2.tgz#d73c918731cb5a87da047e207234146f664d12b3"
   integrity sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==
@@ -5049,7 +5532,7 @@ rsvp@^4.8.4:
   resolved "https://registry.yarnpkg.com/rsvp/-/rsvp-4.8.5.tgz#c8f155311d167f68f21e168df71ec5b083113734"
   integrity sha512-nfMOlASu9OnRJo1mbEk2cz0D56a1MBNrJ7orjRZQG10XDyuvwksKbuXNp6qa+kbn839HwjwhBzhFmdsaEAfauA==
 
-safe-buffer@5.1.2, safe-buffer@~5.1.1:
+safe-buffer@5.1.2, safe-buffer@~5.1.0, safe-buffer@~5.1.1:
   version "5.1.2"
   resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d"
   integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==
@@ -5086,6 +5569,11 @@ sane@^4.0.3:
     minimist "^1.1.1"
     walker "~1.0.5"
 
+sanitize-s3-objectkey@^0.0.1:
+  version "0.0.1"
+  resolved "https://registry.yarnpkg.com/sanitize-s3-objectkey/-/sanitize-s3-objectkey-0.0.1.tgz#efa9887cd45275b40234fb4bb12fc5754fe64e7e"
+  integrity sha512-ZTk7aqLxy4sD40GWcYWoLfbe05XLmkKvh6vGKe13ADlei24xlezcvjgKy1qRArlaIbIMYaqK7PCalvZtulZlaQ==
+
 sax@1.2.1:
   version "1.2.1"
   resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.1.tgz#7b8e656190b228e81a66aea748480d828cd2d37a"
@@ -5103,6 +5591,11 @@ saxes@^5.0.1:
   dependencies:
     xmlchars "^2.2.0"
 
+self-closing-tags@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/self-closing-tags/-/self-closing-tags-1.0.1.tgz#6c5fa497994bb826b484216916371accee490a5d"
+  integrity sha512-7t6hNbYMxM+VHXTgJmxwgZgLGktuXtVVD5AivWzNTdJBM4DBjnDKDzkf2SrNjihaArpeJYNjxkELBu1evI4lQA==
+
 semver-diff@^3.1.1:
   version "3.1.1"
   resolved "https://registry.yarnpkg.com/semver-diff/-/semver-diff-3.1.1.tgz#05f77ce59f325e00e2706afd67bb506ddb1ca32b"
@@ -5378,6 +5871,11 @@ stack-utils@^2.0.2:
   dependencies:
     escape-string-regexp "^2.0.0"
 
+standard-as-callback@^2.1.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/standard-as-callback/-/standard-as-callback-2.1.0.tgz#8953fc05359868a77b5b9739a665c5977bb7df45"
+  integrity sha512-qoRRSyROncaz1z0mvYqIE4lCd9p2R90i6GxW3uZv5ucSu8tU7B5HXUP1gG8pVZsYNVaXjk8ClXHPttLyxAL48A==
+
 static-extend@^0.1.1:
   version "0.1.2"
   resolved "https://registry.yarnpkg.com/static-extend/-/static-extend-0.1.2.tgz#60809c39cbff55337226fd5e0b520f341f1fb5c6"
@@ -5414,6 +5912,11 @@ string-length@^4.0.1:
     char-regex "^1.0.2"
     strip-ansi "^6.0.0"
 
+string-template@~1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/string-template/-/string-template-1.0.0.tgz#9e9f2233dc00f218718ec379a28a5673ecca8b96"
+  integrity sha1-np8iM9wA8hhxjsN5oopWc+zKi5Y=
+
 string-width@^3.0.0:
   version "3.1.0"
   resolved "https://registry.yarnpkg.com/string-width/-/string-width-3.1.0.tgz#22767be21b62af1081574306f69ac51b62203961"
@@ -5444,6 +5947,13 @@ string_decoder@~0.10.x:
   resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-0.10.31.tgz#62e203bc41766c6c28c9fc84301dab1c5310fa94"
   integrity sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=
 
+string_decoder@~1.1.1:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.1.1.tgz#9cf1611ba62685d7030ae9e4ba34149c3af03fc8"
+  integrity sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==
+  dependencies:
+    safe-buffer "~5.1.0"
+
 strip-ansi@^5.1.0:
   version "5.2.0"
   resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-5.2.0.tgz#8c9a536feb6afc962bdfa5b104a5091c1ad9c0ae"
@@ -5483,6 +5993,11 @@ strip-json-comments@~2.0.1:
   resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a"
   integrity sha1-PFMZQukIwml8DsNEhYwobHygpgo=
 
+striptags@^3.1.1:
+  version "3.2.0"
+  resolved "https://registry.yarnpkg.com/striptags/-/striptags-3.2.0.tgz#cc74a137db2de8b0b9a370006334161f7dd67052"
+  integrity sha512-g45ZOGzHDMe2bdYMdIvdAfCQkCTDMGBazSw1ypMowwGIee7ZQ5dU0rBJ8Jqgl+jAKIv4dbeE1jscZq9wid1Tkw==
+
 sublevel-pouchdb@7.2.2:
   version "7.2.2"
   resolved "https://registry.yarnpkg.com/sublevel-pouchdb/-/sublevel-pouchdb-7.2.2.tgz#49e46cd37883bf7ff5006d7c5b9bcc7bcc1f422f"
@@ -5545,6 +6060,27 @@ symbol-tree@^3.2.4:
   resolved "https://registry.yarnpkg.com/symbol-tree/-/symbol-tree-3.2.4.tgz#430637d248ba77e078883951fb9aa0eed7c63fa2"
   integrity sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==
 
+tar-fs@^2.1.1:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/tar-fs/-/tar-fs-2.1.1.tgz#489a15ab85f1f0befabb370b7de4f9eb5cbe8784"
+  integrity sha512-V0r2Y9scmbDRLCNex/+hYzvp/zyYjvFbHPNgVTKfQvVrb6guiE/fxP+XblDNR011utopbkex2nM4dHNV6GDsng==
+  dependencies:
+    chownr "^1.1.1"
+    mkdirp-classic "^0.5.2"
+    pump "^3.0.0"
+    tar-stream "^2.1.4"
+
+tar-stream@^2.1.4:
+  version "2.2.0"
+  resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-2.2.0.tgz#acad84c284136b060dc3faa64474aa9aebd77287"
+  integrity sha512-ujeqbceABgwMZxEJnk2HDY2DlnUZ+9oEcb1KzTVfYHio0UE6dG71n60d8D2I4qNvleWrrXpmjpt7vZeF1LnMZQ==
+  dependencies:
+    bl "^4.0.3"
+    end-of-stream "^1.4.1"
+    fs-constants "^1.0.0"
+    inherits "^2.0.3"
+    readable-stream "^3.1.1"
+
 term-size@^2.1.0:
   version "2.2.1"
   resolved "https://registry.yarnpkg.com/term-size/-/term-size-2.2.1.tgz#2a6a54840432c2fb6320fea0f415531e90189f54"
@@ -5588,6 +6124,14 @@ through2@^0.6.2, through2@^0.6.5:
     readable-stream ">=1.0.33-1 <1.1.0-0"
     xtend ">=4.0.0 <4.1.0-0"
 
+through2@^2.0.0:
+  version "2.0.5"
+  resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.5.tgz#01c1e39eb31d07cb7d03a96a70823260b23132cd"
+  integrity sha512-/mrRod8xqpA+IHSLyGCQ2s8SPHiCDEeQJSep1jqLYeEUClOFG2Qsh+4FU6G9VeqpZnGW/Su8LQGc4YKni5rYSQ==
+  dependencies:
+    readable-stream "~2.3.6"
+    xtend "~4.0.1"
+
 through@~2.3.4:
   version "2.3.8"
   resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5"
@@ -5608,6 +6152,11 @@ to-fast-properties@^2.0.0:
   resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-2.0.0.tgz#dc5e698cbd079265bc73e0377681a4e4e83f616e"
   integrity sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=
 
+to-gfm-code-block@^0.1.1:
+  version "0.1.1"
+  resolved "https://registry.yarnpkg.com/to-gfm-code-block/-/to-gfm-code-block-0.1.1.tgz#25d045a5fae553189e9637b590900da732d8aa82"
+  integrity sha1-JdBFpfrlUxielje1kJANpzLYqoI=
+
 to-object-path@^0.3.0:
   version "0.3.0"
   resolved "https://registry.yarnpkg.com/to-object-path/-/to-object-path-0.3.0.tgz#297588b7b0e7e0ac08e04e672f85c1f4999e17af"
@@ -5740,6 +6289,18 @@ typedarray-to-buffer@^3.1.5:
   dependencies:
     is-typedarray "^1.0.0"
 
+typeof-article@^0.1.1:
+  version "0.1.1"
+  resolved "https://registry.yarnpkg.com/typeof-article/-/typeof-article-0.1.1.tgz#9f07e733c3fbb646ffa9e61c08debacd460e06af"
+  integrity sha1-nwfnM8P7tkb/qeYcCN66zUYOBq8=
+  dependencies:
+    kind-of "^3.1.0"
+
+uglify-js@^3.1.4:
+  version "3.14.0"
+  resolved "https://registry.yarnpkg.com/uglify-js/-/uglify-js-3.14.0.tgz#2d723a0afee81e0d08db9354a9c277006e942386"
+  integrity sha512-R/tiGB1ZXp2BC+TkRGLwj8xUZgdfT2f4UZEgX6aVjJ5uttPrr4fYmwTWDGqVnBCLbOXRMY6nr/BTbwCtVfps0g==
+
 uid2@0.0.x:
   version "0.0.3"
   resolved "https://registry.yarnpkg.com/uid2/-/uid2-0.0.3.tgz#483126e11774df2f71b8b639dcd799c376162b82"
@@ -5796,6 +6357,11 @@ unset-value@^1.0.0:
     has-value "^0.3.1"
     isobject "^3.0.0"
 
+update-dotenv@^1.1.1:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/update-dotenv/-/update-dotenv-1.1.1.tgz#17146f302f216c3c92419d5a327a45be910050ca"
+  integrity sha512-3cIC18In/t0X/yH793c00qqxcKD8jVCgNOPif/fGQkFpYMGecM9YAc+kaAKXuZsM2dE9I9wFI7KvAuNX22SGMQ==
+
 update-notifier@^4.1.0:
   version "4.1.3"
   resolved "https://registry.yarnpkg.com/update-notifier/-/update-notifier-4.1.3.tgz#be86ee13e8ce48fb50043ff72057b5bd598e1ea3"
@@ -5852,7 +6418,7 @@ use@^3.1.0:
   resolved "https://registry.yarnpkg.com/use/-/use-3.1.1.tgz#d50c8cac79a19fbc20f2911f56eb973f4e10070f"
   integrity sha512-cwESVXlO3url9YWlFW/TA9cshCEhtu7IKJ/p5soJ/gGpj7vbvFrAY/eIioQ6Dw23KjZhYgiIo8HOs1nQ2vr/oQ==
 
-util-deprecate@^1.0.1:
+util-deprecate@^1.0.1, util-deprecate@~1.0.1:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf"
   integrity sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=
@@ -5877,7 +6443,7 @@ uuid@^3.3.2:
   resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.4.0.tgz#b23e4358afa8a202fe7a100af1f5f883f02007ee"
   integrity sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==
 
-uuid@^8.3.0:
+uuid@^8.3.0, uuid@^8.3.2:
   version "8.3.2"
   resolved "https://registry.yarnpkg.com/uuid/-/uuid-8.3.2.tgz#80d5b5ced271bb9af6c445f21a1a04c606cefbe2"
   integrity sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==
@@ -6009,6 +6575,11 @@ word-wrap@~1.2.3:
   resolved "https://registry.yarnpkg.com/word-wrap/-/word-wrap-1.2.3.tgz#610636f6b1f703891bd34771ccb17fb93b47079c"
   integrity sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==
 
+wordwrap@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb"
+  integrity sha1-J1hIEIkUVqQXHI0CJkQa3pDLyus=
+
 wrap-ansi@^6.2.0:
   version "6.2.0"
   resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-6.2.0.tgz#e9393ba07102e6c91a3b221478f0257cd2856e53"
@@ -6080,7 +6651,7 @@ xmlchars@^2.2.0:
   resolved "https://registry.yarnpkg.com/xmlchars/-/xmlchars-2.2.0.tgz#060fe1bcb7f9c76fe2a17db86a9bc3ab894210cb"
   integrity sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw==
 
-"xtend@>=4.0.0 <4.1.0-0", xtend@^4.0.2, xtend@~4.0.0:
+"xtend@>=4.0.0 <4.1.0-0", xtend@^4.0.2, xtend@~4.0.0, xtend@~4.0.1:
   version "4.0.2"
   resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.2.tgz#bb72779f5fa465186b1f438f674fa347fdb5db54"
   integrity sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==
@@ -6120,7 +6691,17 @@ yargs@^15.4.1:
     y18n "^4.0.0"
     yargs-parser "^18.1.2"
 
+year@^0.2.1:
+  version "0.2.1"
+  resolved "https://registry.yarnpkg.com/year/-/year-0.2.1.tgz#4083ae520a318b23ec86037f3000cb892bdf9bb0"
+  integrity sha1-QIOuUgoxiyPshgN/MADLiSvfm7A=
+
 ylru@^1.2.0:
   version "1.2.1"
   resolved "https://registry.yarnpkg.com/ylru/-/ylru-1.2.1.tgz#f576b63341547989c1de7ba288760923b27fe84f"
   integrity sha512-faQrqNMzcPCHGVC2aaOINk13K+aaBDUPjGWl0teOXywElLjyVAB6Oe2jj62jHYtwsU49jXhScYbvPENK+6zAvQ==
+
+zlib@^1.0.5:
+  version "1.0.5"
+  resolved "https://registry.yarnpkg.com/zlib/-/zlib-1.0.5.tgz#6e7c972fc371c645a6afb03ab14769def114fcc0"
+  integrity sha1-bnyXL8NxxkWmr7A6sUdp3vEU/MA=
diff --git a/scripts/pinVersions.js b/scripts/pinVersions.js
new file mode 100644
index 0000000000..ecc605ad28
--- /dev/null
+++ b/scripts/pinVersions.js
@@ -0,0 +1,37 @@
+const fs = require("fs")
+const path = require("path")
+
+const MONOREPO_ROOT = "packages"
+
+const packages = fs.readdirSync(MONOREPO_ROOT)
+
+function pinDeps(dependencies) {
+	for (let dependency in dependencies) {
+		if (dependency.startsWith("@budibase")) {
+			dependencies[dependency] = dependencies[dependency].replace("^", "")
+		}
+	}
+}
+
+// iterate over the monorepo packages
+for (let pkg of packages) {
+	const pkgPath = path.join(MONOREPO_ROOT, pkg)
+
+	// only directories
+	if (fs.statSync(pkgPath).isDirectory()) {
+
+
+		// get the package JSON file
+		const pkgJsonPath = path.join(pkgPath, "package.json")
+		const pkgJson = require(`../${pkgJsonPath}`)
+
+		// find any budibase dependencies, and pin them
+		pinDeps(pkgJson.dependencies)
+		pinDeps(pkgJson.devDependencies)
+
+		// update the package JSON files
+		fs.writeFileSync(pkgJsonPath, JSON.stringify(pkgJson, null, 2))
+	}
+}
+
+console.log("Pinned dev versions for budibase packages successfully.")
\ No newline at end of file