authorizer icon indicating copy to clipboard operation
authorizer copied to clipboard
verified publisher icon authorizerdev

do have a plan to support multiple applications

Open dgo2dance opened this issue 2 years ago • 9 comments

do have a plan to support multiple applications

dgo2dance avatar Feb 22 '23 02:02 dgo2dance

@dgodance can you share more usecase details

lakhansamani avatar Feb 23 '23 03:02 lakhansamani

@dgodance can you share more usecase details

like about https://www.authing.com/; it can manage users come from multiple applications

dgo2dance avatar Feb 23 '23 14:02 dgo2dance

@dgodance you can already configure authorizer with multiple applications

lakhansamani avatar Feb 24 '23 03:02 lakhansamani

@dgodance you can already configure authorizer with multiple applications

Authorizer needs to be enhanced before it can be configured Is my understanding right?

dgo2dance avatar Feb 24 '23 04:02 dgo2dance

I don't think so @dgodance You can integrate same authorizer instance in your multiple applications example auth.xyx.com -> is your authorizer instance

you can integrate it with def.xyz.com lmn.xyz.com mobile apps, etc

lakhansamani avatar Feb 28 '23 07:02 lakhansamani

If I understand correctly, it seems that @dgodance is suggesting that Authorizer could potentially be used to manage users for different apps in a segregated manner. I.e., app-1 has different roles than app-2, but if you run one instance of Authorizer you can only use this instance for app-1 and not for app-2.

AhmadKhodabaks avatar Mar 29 '23 19:03 AhmadKhodabaks

I would say it would not block you from using it for app-2. You can define role in authorizer called app-1-user & app-2-user or anything that is appropriate And design a signup page that will allow signup for that particular app.

lakhansamani avatar Mar 30 '23 13:03 lakhansamani

Yes, your solution is a viable work-around, but it does not provide the level of segregation that the topic starter was suggesting. Segregation in this context refers to complete isolation from other objects (i.e., app). The topic starter was aiming, as per my understanding, to convey a possible new feature that would provide this level of segregation.

Additionally, I was personally interested in having this feature in Authorizer, which is why I left a comment under the relevant topic. It would be beneficial if Authorizer could include a realm per application, similar to the functionality available in Keycloak

AhmadKhodabaks avatar Mar 31 '23 18:03 AhmadKhodabaks

@AhmadKhodabaks thank you for sharing this scenario. I checked keycloak and how they have realm & realm-roles

Though this will require quite some architectural changes in my opinion as the authorizer was designed with a single realm in mind.

Ideally realm <-> new instance of the authorizer. The only pain point with the authorizer could be managing 2 different URLs. Users / Groups / Roles are also segregated in each realm in keycloak.

Can you share some of the benefits of having this architecture, other than a single URL?

lakhansamani avatar Apr 01 '23 05:04 lakhansamani