Unwanted Application is given to new signup Account

[g-industrialist]

"Unwanted" Application was given to a new Account

Version

nginx version: openresty/1.17.4.1rc0 built with OpenSSL 1.1.1c FIPS 28 May 2019 TLS SNI support enabled configure arguments: --prefix=/usr/local/openresty/nginx --with-cc-opt='-O2 -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -DNGX_LUA_ABORT_AT_PANIC -I/usr/local/openresty/zlib/include -I/usr/local/openresty/pcre/include' --add-module=../ngx_devel_kit-0.3.1rc1 --add-module=../echo-nginx-module-0.61 --add-module=../xss-nginx-module-0.06 --add-module=../ngx_coolkit-0.2 --add-module=../set-misc-nginx-module-0.32 --add-module=../form-input-nginx-module-0.12 --add-module=../encrypted-session-nginx-module-0.08 --add-module=../srcache-nginx-module-0.31 --add-module=../ngx_lua-0.10.15 --add-module=../ngx_lua_upstream-0.07 --add-module=../headers-more-nginx-module-0.33 --add-module=../array-var-nginx-module-0.05 --add-module=../memc-nginx-module-0.19 --add-module=../redis2-nginx-module-0.15 --add-module=../redis-nginx-module-0.3.7 --add-module=../ngx_stream_lua-0.0.7 --with-ld-opt='-Wl,-rpath,/usr/local/openresty/luajit/lib -Wl,-z,relro -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -L/usr/local/openresty/zlib/lib -L/usr/local/openresty/pcre/lib -Wl,-rpath,/usr/local/openresty/zlib/lib:/usr/local/openresty/pcre/lib' --with-pcre-jit --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-http_v2_module --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module --with-http_stub_status_module --with-http_realip_module --with-http_addition_module --with-http_auth_request_module --with-http_secure_link_module --with-http_random_index_module --with-http_gzip_static_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-threads --add-dynamic-module=/builddir/build/BUILD/openresty-f52665a583b7bb687cf6d97c6c838a742f231b3c/openresty-1.17.4.1rc0/../nginx-opentracing-v0.3.0/opentracing --with-dtrace-probes --with-stream --with-stream_ssl_preread_module --with-http_ssl_module

Steps To Reproduce

0. Given: other API Service contains Application Plan , let say Application Plan A, Application Plan B
1. new user is created either via Developer Portal Sign up (for example , want o sign up Application Plan C) or via "Audience" --> "Account" --> create
2. new Application Plan A or B (don't know why A or B) was given to that new User/Account. The Application is then "LIVE".

Current Result

new Application Plan A or B (don't know why A or B) was given to that new User/Account

Expected Result

Only Signup Plan shall be given to User. If I just create an user, no application plan was given to that User/Account.

Additional Information

• [Gist with minimal reproducible configuration, see guidelines for contributing for details]
• [Gist with nginx log output]

[kevprice83]

Hi @iseehk would I be correct in saying you install APIcast with the native openresty binary and luarocks modules? Could you provide more details as to how you installed APIcast?

To answer your question though I think this is not the correct repository and you should actually ask this in our JIRA project for the system component. I'll go ahead and answer here for now anyway.

When you create a new account (whether as a signup through the developer portal or as an admin action from the admin portal) that account will be automatically subscribed to all services which have a default service plan defined. Therefore if you do not want any subscriptions created automatically make sure to deselect any default service plans. In addition to this if a default application plan is selected then that means a contract is created between the new account and that service via the Application plan and an application will be created with a set of credentials. You can define how you want the signup process to be - fully automated or with manual steps as well as self-service plans or automatically contracted plans. See this blog post for some ideas on how to configure some custom signup flows.