Prepare SaaS Platform

*You can also watch the entire process via video.
https://www.youtube.com/watch?v=deSkPJ-zTgw

Preparing the SaaSus Platform

Creating a SaaSus Platform account

First, let's create a SaaSus Platform account.

Access the registration screen and perform new registration using your own email address.

https://auth.saasus.io/sign-up

Enter your email address and desired password, read the terms of use and privacy policy, check if you agree, and press the sign up button.

A verification code will be sent to the email address you entered, enter it to activate your account

After verification is completed, the login screen will be displayed

When you register for the SaaSus Platform for the first time, we will create a tenant exclusively for you. This takes at least an hour because we will create a customer-dedicated AWS account. Once your account has been created, you will receive an email to the email address you provided.

Logging into the console

After the tenant is created, when you log in, you will be prompted to enter user attributes like this.

After filling in the information, the transition screen to each console of the tenant is displayed.

SaaS Development Console is a console for setting up SaaS construction.

SaaS Management Console is a console for managing SaaS.

Details on registration will be provided later.
First of all in order to set up SaaS creation settings log into the SaaS development console.

Setting the domain name

*If you do not have a domain name, skip this item and click [Next]. ](#%E8%AA%8D%E8%A8%BC%E5%BE%8C%E3%81%AE%E9%81%B7%E7%A7%BB%E5%85%88url%E3%81% AE%E8%A8%AD%E5%AE%9A)

After logging in to the SaaS development console, first register the domain name used for SaaS. Click "Domain" on the side menu to display the domain registration screen. This domain name will be used as the base domain for the login screen and for sending emails. After that, you will be asked to create a DNS record, so please register a domain name that you can operate by yourself.

After registering your domain name, a CNAME record will appear at the bottom of the screen after a few seconds for DNS verification (confirming that you do indeed own the domain name). Register this value in your DNS.

For example, if the domain is managed by Value Domain, the settings are as follows.

After registering with your own DNS, after a few minutes the verification will be completed and you will see "The following DNS information has been verified and is working properly." You are now ready to set up the SaaSus Platform.

Based on this domain, the SaaSus Platform automatically generates a login screen.

Setting Redirect URL for after Authentication

The SaaSus Platform will generate a login screen based on the domain name you just set. After logging in through this login screen, the authentication information will be handed over to the SaaS side. It is necessary to register the URL of this transition destination SaaS as the Callback URL.

Click "Auth Transition" on the side menu to display the Callback URL setting screen.

Normally, set the Callback URL based on the URL that provides SaaS. This time, we will run the sample application locally, so set it as follows.

http://localhost/callback

Confirmation of SaaS ID and API key

Next, check the "SaaS ID" and "API key" that will be used when implementing SaaS.

"SaaS ID" is issued by default. You can use it as it is, or you can reissue it by pressing the "Reissue SaaS ID" button.

Since "API key" is not issued at the beginning, press the "Issue API key" button to issue one.

*Please note that if you reissue a SaaS ID after the actual SaaS operation has started, you will also need to modify the SaaS ID set on the SaaS application side.

You can check this information later on this screen, so you don't have to memorize it now.
(For enhanced security, the API key will not be able to be confirmed later.)

Customizing authentication screens such as login screens

Next, customize the login screens generated earlier.

Click "Authentication advanced settings" on the side menu

In basic information, edit various information used in the authentication screen.

For example, in the previous login screen,

"Welcome to the SaaSus Platform" is the service name
The icon at the top is icon upload
The terms of use URL and privacy policy URL are terms of use and privacy policy link
becomes.

Click the "Save" button to apply the changes

In the "Screen Settings" tab, you can select whether to display the terms of use and privacy policy on each screen of the new registration screen, login screen, and password change screen.

On the "Authentication Settings" tab, you can configure various detailed authentication settings.

Once the settings are completed, the login screen will be generated at the URL with “auth.” added to the domain name set earlier. Let's check if the login screen can actually be displayed

When you save your changes, a new login screen will be generated. It will take a few minutes to generate, so please try to access it after a few minutes to see what you last saved.

The login screen will be generated with a URL that adds “auth.” to the beginning of the domain name you set earlier.

For example, if the domain name is set to “sample.saasus.jp”, the login screen at https://auth.sample.saasus.jp/ is provided.

After confirming the login screen, let's return to the SaaSus console

Define additional attributes for users

Next, define user attributes.

Click "User attribute definition" in the side menu.

On the SaaS Platform, in the initial state, managed SaaS users only have user IDs (UUIDs) and email addresses. If this is not enough, the user can have additional attributes.

SaaS designers need to consider which attributes of users should be on the SaaS Platform side and which attributes should be on the SaaS side.

For example, if you want to manage all user information on the SaaS Platform side, define the required additional attributes in the SaaS Platform. However, there are cases where you do not want to manage important information such as personal information on the SaaS Platform side, or you want to perform various aggregations based on additional user attributes. In that case, it is more flexible to require only authentication on the SaaS Platform side, manage user information on the SaaS side based on the user master, and associate the UUID with the authentication information on the SaaS Platform side.

This time, the sample application requires a username, so let's define an attribute called "username".

Click the "+ Create User Attribute" button to display the pop-up for creating user attributes

The attribute name is used as a key for identification on the SaaS application (program) side. Therefore, it is safe to enter in English.

Display name, what are its attributes? is described so that you can understand.

type specifies the data type.

This time for the sample application, set as follows

Attribute name: username
Display Name: Username
Type: String

After entering, press the "Create" button

User attributes added.

Defining Additional Attributes for a Tenant

Then click “Tenant Attribute Definition” to define additional attributes for the tenant.

Tenant here means the meaning of tenant in multi-tenant SaaS. In other words, the organizational unit (contract unit) of the SaaS user is called a tenant.

Define any additional attributes that may be required for each tenant.

Click “+ Create Tenant Attribute” to add it in the same way as for user attributes.

This time, let's make it possible to write a memo for the tenant.