diff --git a/README.md b/README.md
index 34d46982..251f9180 100644
--- a/README.md
+++ b/README.md
@@ -61,3 +61,8 @@ Charts use the `LoadBalancer` service type by default, you can change this durin
 ```
 --set service.type=ClusterIP
 ```
+
+For any installation, the application database user must have privileges to create schemas in the database 
+(for example, the `CREATE` privilege on the database or the ability to run `CREATE SCHEMA`).
+Database migrations will create and update all required tables and other objects in the `crosslink_broker` schema, 
+which is selected via the PostgreSQL `search_path`.
\ No newline at end of file
diff --git a/broker/app/app.go b/broker/app/app.go
index 1c7ca8bd..23a73958 100644
--- a/broker/app/app.go
+++ b/broker/app/app.go
@@ -48,6 +48,7 @@ var DB_HOST = utils.GetEnv("DB_HOST", "localhost")
 var DB_PORT = utils.GetEnv("DB_PORT", "25432")
 var DB_DATABASE = utils.GetEnv("DB_DATABASE", "crosslink")
 var ConnectionString = dbutil.GetConnectionString(DB_TYPE, DB_USER, DB_PASSWORD, DB_HOST, DB_PORT, DB_DATABASE)
+var ConnectionStringSchema = "&search_path=crosslink_broker"
 var API_PAGE_SIZE int32 = int32(utils.Must(utils.GetEnvInt("API_PAGE_SIZE", int(api.LIMIT_DEFAULT))))
 var MigrationsFolder = "file://migrations"
 var ENABLE_JSON_LOG = utils.GetEnv("ENABLE_JSON_LOG", "false")
@@ -264,7 +265,7 @@ func RunMigrateScripts() error {
 }
 
 func InitDbPool() (*pgxpool.Pool, error) {
-	dbPool, err := dbutil.InitDbPool(ConnectionString)
+	dbPool, err := dbutil.InitDbPool(ConnectionString + ConnectionStringSchema)
 	if err != nil {
 		return nil, fmt.Errorf("unable to create pool to database: %w", err)
 	}
@@ -278,7 +279,7 @@ func CreateEventRepo(dbPool *pgxpool.Pool) events.EventRepo {
 }
 
 func CreateEventBus(eventRepo events.EventRepo) events.EventBus {
-	eventBus := events.NewPostgresEventBus(eventRepo, ConnectionString)
+	eventBus := events.NewPostgresEventBus(eventRepo, ConnectionString+ConnectionStringSchema)
 	return eventBus
 }
 
diff --git a/broker/ill_db/illrepo_test.go b/broker/ill_db/illrepo_test.go
index 86c2de3a..c276e574 100644
--- a/broker/ill_db/illrepo_test.go
+++ b/broker/ill_db/illrepo_test.go
@@ -31,7 +31,7 @@ func TestMain(m *testing.M) {
 	ctx, pgc, connStr, err := test.StartPGContainer()
 	test.Expect(err, "failed to start db container")
 	pgIllRepo := new(PgIllRepo)
-	pgIllRepo.Pool, err = dbutil.InitDbPool(connStr)
+	pgIllRepo.Pool, err = dbutil.InitDbPool(connStr + "&search_path=crosslink_broker")
 	test.Expect(err, "failed to create ill repo")
 	defer pgIllRepo.Pool.Close()
 	_, _, _, err = dbutil.RunMigrateScripts("file://../migrations", connStr)
diff --git a/broker/migrations/001_create_tables.up.sql b/broker/migrations/001_create_tables.up.sql
index 416c7e17..7fa8b2ab 100644
--- a/broker/migrations/001_create_tables.up.sql
+++ b/broker/migrations/001_create_tables.up.sql
@@ -1,3 +1,15 @@
+DO $$
+    BEGIN
+        IF NOT EXISTS (SELECT FROM pg_catalog.pg_roles WHERE rolname = 'crosslink_broker') THEN
+            CREATE ROLE crosslink_broker PASSWORD 'tenant' NOSUPERUSER NOCREATEDB INHERIT LOGIN;
+        END IF;
+    END
+$$;
+
+CREATE SCHEMA IF NOT EXISTS crosslink_broker AUTHORIZATION crosslink_broker;
+
+SET search_path TO crosslink_broker;
+
 CREATE TABLE peer
 (
     id             VARCHAR PRIMARY KEY,
diff --git a/broker/test/events/eventbus_test.go b/broker/test/events/eventbus_test.go
index 9c1facea..bca48f34 100644
--- a/broker/test/events/eventbus_test.go
+++ b/broker/test/events/eventbus_test.go
@@ -52,7 +52,7 @@ func TestMain(m *testing.M) {
 	err = app.RunMigrateScripts()
 	test.Expect(err, "failed to run migrations")
 
-	dbPool, err := dbutil.InitDbPool(connStr)
+	dbPool, err := dbutil.InitDbPool(connStr + app.ConnectionStringSchema)
 	test.Expect(err, "failed to init db pool")
 
 	eventRepo = app.CreateEventRepo(dbPool)
@@ -73,7 +73,7 @@ func TestMultipleEventHandlers(t *testing.T) {
 	receivedAr := make([][]events.Event, noPools)
 	ctx := context.Background()
 	for i := 0; i < noPools; i++ {
-		dbPool, err := dbutil.InitDbPool(app.ConnectionString)
+		dbPool, err := dbutil.InitDbPool(app.ConnectionString + app.ConnectionStringSchema)
 		assert.NoError(t, err, "failed to init db pool")
 		defer dbPool.Close()
 
@@ -130,7 +130,7 @@ func TestBroadcastEventHandlers(t *testing.T) {
 	receivedAr := make([][]events.Event, noPools)
 	ctx := context.Background()
 	for i := 0; i < noPools; i++ {
-		dbPool, err := dbutil.InitDbPool(app.ConnectionString)
+		dbPool, err := dbutil.InitDbPool(app.ConnectionString + app.ConnectionStringSchema)
 		assert.NoError(t, err, "failed to init db pool")
 		defer dbPool.Close()