Prepare SaaS Platform
*You can also watch the entire process via video.
Preparing the SaaSus Platform
Creating a SaaSus Platform account
First, let's create a SaaSus Platform account.
Access the registration screen and perform new registration using your own email address.
A verification code will be sent to the email address you entered, enter it to activate your account
After verification is completed, the login screen will be displayed
Log in with the email address and password you registered with earlier.
When you register for the SaaSus Platform for the first time, we will create a tenant exclusively for you. This takes at least an hour because we will create a customer-dedicated AWS account. Once your account has been created, you will receive an email to the email address you provided.
Logging into the console
After the tenant is created, when you log in, you will be prompted to enter user attributes like this.
After filling in the information, the transition screen to each console of the tenant is displayed.
SaaS Development Console is a console for setting up SaaS construction.
SaaS Management Console is a console for managing SaaS.
Details on registration will be provided later.
First of all in order to set up SaaS creation settings log into the SaaS development console.
Setting the domain name
*If you do not have a domain name, skip this item and click [Next]. ](#%E8%AA%8D%E8%A8%BC%E5%BE%8C%E3%81%AE%E9%81%B7%E7%A7%BB%E5%85%88url%E3%81% AE%E8%A8%AD%E5%AE%9A)
After logging in to the SaaS development console, first register the domain name used for SaaS. Click "Domain" on the side menu to display the domain registration screen. This domain name will be used as the base domain for the login screen and for sending emails. After that, you will be asked to create a DNS record, so please register a domain name that you can operate by yourself.
After registering your domain name, a CNAME record will appear at the bottom of the screen after a few seconds for DNS verification (confirming that you do indeed own the domain name). Register this value in your DNS.
For example, if the domain is managed by Value Domain, the settings are as follows.
After registering with your own DNS, after a few minutes the verification will be completed and you will see "The following DNS information has been verified and is working properly." You are now ready to set up the SaaSus Platform.
Based on this domain, the SaaSus Platform automatically generates a login screen.
Setting Redirect URL for after Authentication
The SaaSus Platform will generate a login screen based on the domain name you just set. After logging in through this login screen, the authentication information will be handed over to the SaaS side. It is necessary to register the URL of this transition destination SaaS as the Callback URL.
Click "Auth Transition" on the side menu to display the Callback URL setting screen.
Normally, set the Callback URL based on the URL that provides SaaS. This time, we will run the sample application locally, so set it as follows.
Confirmation of SaaS ID and API key
Next, check the "SaaS ID" and "API key" that will be used when implementing SaaS.
"SaaS ID" is issued by default. You can use it as it is, or you can reissue it by pressing the "Reissue SaaS ID" button.
Since "API key" is not issued at the beginning, press the "Issue API key" button to issue one.
*Please note that if you reissue a SaaS ID after the actual SaaS operation has started, you will also need to modify the SaaS ID set on the SaaS application side.
You can check this information later on this screen, so you don't have to memorize it now.
(For enhanced security, the API key will not be able to be confirmed later.)
Customizing authentication screens such as login screens
Next, customize the login screens generated earlier.
Click "Authentication advanced settings" on the side menu
In basic information, edit various information used in the authentication screen.
For example, in the previous login screen,
- "Welcome to the SaaSus Platform" is the service name
- The icon at the top is icon upload
Click the "Save" button to apply the changes
On the "Authentication Settings" tab, you can configure various detailed authentication settings.
Once the settings are completed, the login screen will be generated at the URL with “auth.” added to the domain name set earlier. Let's check if the login screen can actually be displayed
- When you save your changes, a new login screen will be generated. It will take a few minutes to generate, so please try to access it after a few minutes to see what you last saved.
The login screen will be generated with a URL that adds “auth.” to the beginning of the domain name you set earlier.
For example, if the domain name is set to “sample.saasus.jp”, the login screen at https://auth.sample.saasus.jp/ is provided.
After confirming the login screen, let's return to the SaaSus console
Define additional attributes for users
Next, define user attributes.
Click "User attribute definition" in the side menu.
On the SaaS Platform, in the initial state, managed SaaS users only have user IDs (UUIDs) and email addresses. If this is not enough, the user can have additional attributes.
SaaS designers need to consider which attributes of users should be on the SaaS Platform side and which attributes should be on the SaaS side.
For example, if you want to manage all user information on the SaaS Platform side, define the required additional attributes in the SaaS Platform. However, there are cases where you do not want to manage important information such as personal information on the SaaS Platform side, or you want to perform various aggregations based on additional user attributes. In that case, it is more flexible to require only authentication on the SaaS Platform side, manage user information on the SaaS side based on the user master, and associate the UUID with the authentication information on the SaaS Platform side.
This time, the sample application requires a username, so let's define an attribute called "username".
Click the "+ Create User Attribute" button to display the pop-up for creating user attributes
The attribute name is used as a key for identification on the SaaS application (program) side. Therefore, it is safe to enter in English.
Display name, what are its attributes? is described so that you can understand.
type specifies the data type.
This time for the sample application, set as follows
- Attribute name: username
- Display Name: Username
- Type: String
After entering, press the "Create" button
User attributes added.
Defining Additional Attributes for a Tenant
Then click “Tenant Attribute Definition” to define additional attributes for the tenant.
Tenant here means the meaning of tenant in multi-tenant SaaS. In other words, the organizational unit (contract unit) of the SaaS user is called a tenant.
Define any additional attributes that may be required for each tenant.
Click “+ Create Tenant Attribute” to add it in the same way as for user attributes.
This time, let's make it possible to write a memo for the tenant.
- Attribute name: memo
- Display name: Notes
- Type: String
After entering, press the "Create" button
Tenant attribute added.
Next, we will define the roles.
This role becomes a role (role) in various SaaS and is used as the basis for authorization.
For example, if you have administrator privileges for each tenant, define a role like admin, and if you are a general user, give a role like user.
This time, we will define admin and user for the sample application.
Click the "+ Create Role" button to display the Create Role popup.
The role name is used to identify the role on the SaaS application side.
What does the display name do? is described so that you can understand.
- Role name: admin
- Display Name: SaaS Admin
and click the Create Role button.
- Role name: user
- Display name: General User
Now you are ready to create a multi-tenant SaaS.
Now let's switch to the SaaS Operation Console and create SaaS tenants and users!
Updated 4 days ago