casdoor
casdoor copied to clipboard
casdoor
using one application for several organizations
Hello.
In my project i have many organizations that need to use one application. the fact is that the casdor does not allow this. I want to implement this functionality, I think it can bring convenience to some other users who have the same problem.
I was setting up a gitlab runner and I liked their idea, where when creating a runner you can switch the toggle switch to public and I would like to implement it in a similar way.
@hsluoyz
P.S: By the way, leave the issue open if the idea is relevant
+1 for this feature. We user Casdoor as parner portal when each our client has own sigin in url such as
- /login/company1
- /login/company2
- etc
Our clients regularly forgot that url or make mistakes in url (stupid but fact :( )
So i thought that we can make private changes in our fork but idiea with shared app looks also as elegant solution in our case.
But the only one thing that I noticed in PR https://github.com/casdoor/casdoor/pull/2846/files
Required organization input :-(
Rather then expose orgs list or ask user to input org manually (that similar with put org name to url) form UX perspective much more attractive automatically find user org after login.
@ISulimanov I'm actually glad you're interested in this feature too, because sometimes it's necessary. About the organization, yes, it is required to transfer the organization, cuz' as a backend it will not work using the same login and input to recognize the user
I tested this functionality based on login and password, I don’t have enough time for other authorization methods yet, maybe in the future I will try to test all methods.
Our clients regularly forgot that url or make mistakes in url (stupid but fact :( )
You want all clients to use a unified /login endpoint with the same base URL? (https://your-service.com/login)
Each client could have a different base URL for the login endpoint (like company1.com/login, company2.com/login, or as subdomains company1.your-service.com/login, company2.your-service.com/login)? Those could then route or redirect to the internal /login/company1 / /login/company2 endpoints?
Rather then expose orgs list or ask user to input org manually (that similar with put org name to url) form UX perspective much more attractive automatically find user org after login.
If you have the same login URL for all clients (https://your-service.com/login), how do you differentiate the organization without the input?
I am inexperienced here, but assume the username needs to be unique across organizations to avoid requiring it (which perhaps is a non-issue with your configuration?), or all users are sourced from external identity providers? (like social logins)
I know that SaaS like Slack manage organizations all via the same API (at least for SCIM) such as https://api.slack.com/endpoint-here, and the organization is encoded in header field via JWT value. I'm not sure how you'd manage that for a login (such as the mentioned credentials username + password method), unless you're certain that users across organizations won't conflict (such as having the same username).
I also have a need for this. We have "apps" that we would like for all orgs to use but with their own providers. It seems this is not possible in casdoor today. It would also be very helpful if each org could have its own subdomain!
