User Group & Tenant support et al

There are visible provisions in Sphinx for Group & Tenant support, but I can see no actual functionality. Is there a feature request for that already?

There are also small things missing, many of which covered in other posts, but I just wanted to add:

  1. Disallow saving of user passwords in the browser - ideally, configurable per user, or globally;
  2. Explicit Change Password functionality.
  3. Once the Group support is in, maybe some rights management that can be assigned at the Group level - even if it's just a rudimentary User vs. Admin.
  4. Once the Tenant support is in, can it be derived from the UPN in some fashion? So when a signs in, it knows it's the ABC Tenant, etc.
  5. Enforce 2FA either per User or globally (i.e.: per Tenant) - even with just email codes it would be great and hopefully with a mobile app eventually - if you supply your own free authentication App for this, it would become a 10 times better product immediately.
1 Like

Check the existing Sphinx demo. It is multi tenant and it fills those fields.

Regarding your requests, I don't understand what you want in them.

I suggest you create separate feature requests (or support topics) for each of them with more detailed description so we can properly discuss each separately.

As far as I can see, the existing Sphinx demo does nothing in terms of Tenants - the login prompt is the same as always, user realm from UPN is not taken into account and the tenant fields in the DB are not populated. Am I missing anything? - I have signed in as through all 3 interfaces and tenant_id field in the DB is still NULL.

The application in Sphinx demo is multi-tenant. Not the users in Sphinx.
Multi-tenancy is complex and can be interpreted/implemented in many ways. What exactly you want to achieve?

The Sphinx demo is multi-tenant in the sense that if you log as Hans, the application will only show data of the logged tenant (Hans). The same if you log with a different user.

I'd be happy to piggy-back on whatever Tenant functionality you have. But of course a User cannot be interpreted as Tenant in any case. It's typically designed to provide some data separation between separate Organizations, each with multiple Users. And with some of the Users potentially members of multiple Organizations. Ideally also with different screen branding per Organization.

I'm speculating, because there's nothing in the doco on the subject: searching for Tenant brings up 0 results.

The tenancy concept is global to TMS Sparkle and TMS XData, actually. "Everything" in XData is multi tenant. So is Sphinx, which is also a XData module.

The concepts are explained in the following links:

And also in the XData demos that show multi tenancy, using the tenant middleware.