Prepare SaaS Platform

*You can also watch the entire process via video.
https://www.youtube.com/watch?v=deSkPJ-zTgw

Preparing the SaaSus Platform

Creating a SaaSus Platform account

First, let's create a SaaSus Platform account.

Access the registration screen and perform new registration using your own email address.

https://auth.saasus.io/sign-up

Enter your email address and desired password, read the terms of use and privacy policy, check if you agree, and press the sign up button.

652

A verification code will be sent to the email address you entered, enter it to activate your account

652

After verification is completed, the login screen will be displayed

Log in with the email address and password you registered with earlier.

689

When you register for the SaaSus Platform for the first time, we will create a tenant exclusively for you. This takes at least an hour because we will create a customer-dedicated AWS account. Once your account has been created, you will receive an email to the email address you provided.

1005

Logging into the console

After the tenant is created, when you log in, you will be prompted to enter user attributes like this.

792

After filling in the information, the transition screen to each console of the tenant is displayed.

1005

SaaS Development Console is a console for setting up SaaS construction.

SaaS Management Console is a console for managing SaaS.

Details on registration will be provided later.
First of all in order to set up SaaS creation settings log into the SaaS development console.

Setting the domain name

*If you do not have a domain name, skip this item and click [Next]. ](#%E8%AA%8D%E8%A8%BC%E5%BE%8C%E3%81%AE%E9%81%B7%E7%A7%BB%E5%85%88url%E3%81% AE%E8%A8%AD%E5%AE%9A)

After logging in to the SaaS development console, first register the domain name used for SaaS. Click "Domain" on the side menu to display the domain registration screen. This domain name will be used as the base domain for the login screen and for sending emails. After that, you will be asked to create a DNS record, so please register a domain name that you can operate by yourself.

1275

After registering your domain name, a CNAME record will appear at the bottom of the screen after a few seconds for DNS verification (confirming that you do indeed own the domain name). Register this value in your DNS.

1445

For example, if the domain is managed by Value Domain, the settings are as follows.

1380

After registering with your own DNS, after a few minutes the verification will be completed and you will see "The following DNS information has been verified and is working properly." You are now ready to set up the SaaSus Platform.

1445

Based on this domain, the SaaSus Platform automatically generates a login screen.

Setting Redirect URL for after Authentication

The SaaSus Platform will generate a login screen based on the domain name you just set. After logging in through this login screen, the authentication information will be handed over to the SaaS side. It is necessary to register the URL of this transition destination SaaS as the Callback URL.

Click "Auth Transition" on the side menu to display the Callback URL setting screen.

Normally, set the Callback URL based on the URL that provides SaaS. This time, we will run the sample application locally, so set it as follows.

http://localhost/callback

1275

Confirmation of SaaS ID and API key

Next, check the "SaaS ID" and "API key" that will be used when implementing SaaS.

"SaaS ID" is issued by default. You can use it as it is, or you can reissue it by pressing the "Reissue SaaS ID" button.

Since "API key" is not issued at the beginning, press the "Issue API key" button to issue one.

*Please note that if you reissue a SaaS ID after the actual SaaS operation has started, you will also need to modify the SaaS ID set on the SaaS application side.

You can check this information later on this screen, so you don't have to memorize it now.
(For enhanced security, the API key will not be able to be confirmed later.)

1275

Customizing authentication screens such as login screens

Next, customize the login screens generated earlier.

Click "Authentication advanced settings" on the side menu

1275

In basic information, edit various information used in the authentication screen.

For example, in the previous login screen,

  • "Welcome to the SaaSus Platform" is the service name
  • The icon at the top is icon upload
  • The terms of use URL and privacy policy URL are terms of use and privacy policy link
    becomes.
581

Click the "Save" button to apply the changes

In the "Screen Settings" tab, you can select whether to display the terms of use and privacy policy on each screen of the new registration screen, login screen, and password change screen.

On the "Authentication Settings" tab, you can configure various detailed authentication settings.

Once the settings are completed, the login screen will be generated at the URL with “auth.” added to the domain name set earlier. Let's check if the login screen can actually be displayed

  • When you save your changes, a new login screen will be generated. It will take a few minutes to generate, so please try to access it after a few minutes to see what you last saved.

The login screen will be generated with a URL that adds “auth.” to the beginning of the domain name you set earlier.

For example, if the domain name is set to “sample.saasus.jp”, the login screen at https://auth.sample.saasus.jp/ is provided.

After confirming the login screen, let's return to the SaaSus console

Define additional attributes for users

Next, define user attributes.

Click "User attribute definition" in the side menu.

1275

On the SaaS Platform, in the initial state, managed SaaS users only have user IDs (UUIDs) and email addresses. If this is not enough, the user can have additional attributes.

SaaS designers need to consider which attributes of users should be on the SaaS Platform side and which attributes should be on the SaaS side.

For example, if you want to manage all user information on the SaaS Platform side, define the required additional attributes in the SaaS Platform. However, there are cases where you do not want to manage important information such as personal information on the SaaS Platform side, or you want to perform various aggregations based on additional user attributes. In that case, it is more flexible to require only authentication on the SaaS Platform side, manage user information on the SaaS side based on the user master, and associate the UUID with the authentication information on the SaaS Platform side.

This time, the sample application requires a username, so let's define an attribute called "username".

Click the "+ Create User Attribute" button to display the pop-up for creating user attributes

The attribute name is used as a key for identification on the SaaS application (program) side. Therefore, it is safe to enter in English.

Display name, what are its attributes? is described so that you can understand.

type specifies the data type.

This time for the sample application, set as follows

  • Attribute name: username
  • Display Name: Username
  • Type: String

After entering, press the "Create" button

609

User attributes added.

1295

Defining Additional Attributes for a Tenant

Then click “Tenant Attribute Definition” to define additional attributes for the tenant.

Tenant here means the meaning of tenant in multi-tenant SaaS. In other words, the organizational unit (contract unit) of the SaaS user is called a tenant.

Define any additional attributes that may be required for each tenant.

Click “+ Create Tenant Attribute” to add it in the same way as for user attributes.

This time, let's make it possible to write a memo for the tenant.

  • Attribute name: memo
  • Display name: Notes
  • Type: String

After entering, press the "Create" button

620

Tenant attribute added.

1298

Role definition

Next, we will define the roles.

This role becomes a role (role) in various SaaS and is used as the basis for authorization.

For example, if you have administrator privileges for each tenant, define a role like admin, and if you are a general user, give a role like user.

This time, we will define admin and user for the sample application.

Click the "+ Create Role" button to display the Create Role popup.

The role name is used to identify the role on the SaaS application side.

What does the display name do? is described so that you can understand.

first,

  • Role name: admin
  • Display Name: SaaS Admin

and click the Create Role button.

619

Similarly,

  • Role name: user
  • Display name: General User

Also create

619 1300

Now you are ready to create a multi-tenant SaaS.

Now let's switch to the SaaS Operation Console and create SaaS tenants and users!