Activities of "AndrewT"

I recommend closing this topic and highlighting what is in the Roadmap and what is not so that we can vote on which feature we consider priority.

Now there are many proposals, but we don't know what you are working on.

Thanks

I agree should be raised as seperate issues in github and assigned to milestones.

When using Twilio and SmsMessage, add the ability to override the "From Number" in the SmsMessage.

We are going to associate a number with each user and have the SMS messages be in "personal" threads.

There may be some regulatory issues depending on country, and also you will need twilio approval as you are effectively spoofing someone elses mobile number.

I expect it would have to be pushed from AzureAD when the user is set at that end to be able to use Azure credentials. I would expect that as it's an AzureAD-ABP.io interface there would be some configureation on the abp.io side to catch the connection fromAzureAD.

https://learn.microsoft.com/en-us/azure/active-directory/app-provisioning/application-provisioning-config-problem

Ok, will check that.

How do we automatically create a new tenant user in the correct tenant, when the user is added in their AzureAD?

Hi Maliming,

It seems that the AzureAD authentication as implemented in abp.io is not designed for multi-tenant. Users do not select a tenant on login.

They are unique in the system so their login details define their tenant.

How can we have multi-tenant, multi-AzureAD and their (SSO) login should select the tenant.

How do we provision a new AzureAD users into our app in the correct tenant based on the AzureAD they were setup in?

Thanks, Andrew

Thanks Maliming,

This whole SSO authentication is all really new for us.

We will have to work through it so any help on what to also setup in our ABP.io for the tenant and users to make this work is appreciated.

Can user provisioning happen directly from AzureAD into our ABP.io app?

Andrew

Add SCIM functionality to automate onboarding and offboarding tenant users. This would be part of SSO functionality too. Allow the SCIM to be extended to also set the Role and other application defaults.

https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/sync-scim

Here is an example of how others do it; https://www.strongdm.com/docs/admin/identity-providers/azure-scim-provisioning

Blazor Web Assembly.

1. Impersonate Users - So a host user can impersonate a tenant user for support and troubleshooting.
2. Remove the redirect requirement for login. We do not want to use the ABP website feature, we want users to go straight to login page, and be redirected to it after logout.
3. Improve the speed to load the application, from URL click, and then from Login. There are lots of ways to improve this, a significant one would be the open login page directly.
4. Better example of how to integrate SaaS monthly and/one off payment with Stripe (show what stripe settings are used for the example).
5. Better example of using AzureAD for validation of tenant users.

Thanks for the quick response.

I looked at https://docs.abp.io/en/commercial/7.1/modules/identity#organization-units but not sure how that is used to filter data so only certain users can see the data? is it User or Role based, and can a User and data eg Custtomer data belong to more than one Organisation Unit? Is there an example of how this can be used to "hide" data that should not be seen by people outside that Org unit within a tennat?

Andrew

Why can't this be fixed? should we create a github issue?