By: MM MM user 25 Feb 2019 at 7:39 p.m. CST

1 Response
MM MM gravatar
Hi there, Apologies for the noob questions but we have set up a not-for-profit and lobbied online training providors to provision their premium services to our community for free. We have no budget and are all volunteers and so I have been exploring whether Gluu might be the perfect solution for us. I'm not clear as to whether we can build the following using Gluu exclusively, so any thoughts/guidance would be very welcome. The user journey is as follows. 1. A beneficiary or a mentor social signs on using linkedin. It seems as if I can make a Custom Login page with Social Signon ONLY ( using passport ) and I'm hoping that we can do this by customising the public pages as described here https://gluu.org/docs/ce/3.1.5/operation/custom-design/ So far so good 2. Beneficiaries and mentors can both have access to the online community (a Discord server) so after setting up a client relationship with Discord, will this be visible on the next page after registration / login? I set up a Test SAML Service using an [RSA tool](https://sptest.iamshowcase.com/instructions) and it works but I'm a bit stuck as to where I should put the [SAML Authentication Request link](https://sptest.iamshowcase.com/protected?idp=dbd2e6e2270b1ab0660fa43a1a8f2f6db8c46ea8) 3. Only beneficiaries can have access to 8 other online training resources. Can we put a form field for a custom attribute so that it can be validated (against REGEX) or perhaps just a link to their profile so that this can be done. After the user enters a string into the custom attribute field that matches the REGEX how can we write a rule that automates adding beneficiaries to a new group which then has access to all of the resources (not just the discord server). Thanks for your patience in reading and I hope the community will have some ideas as to how we can achieve this using Gluu. Very best wishes, M

By William Lowe staff 26 Feb 2019 at 1:43 a.m. CST

William Lowe gravatar
> A beneficiary or a mentor social signs on using linkedin. It seems as if I can make a Custom Login page with Social Signon ONLY ( using passport ) and I'm hoping that we can do this by customising the public pages as described here https://gluu.org/docs/ce/3.1.5/operation/custom-design/ > Yes, supported. A social login page is included out of the box, but you are also free to do your own customizations. > Beneficiaries and mentors can both have access to the online community (a Discord server) so after setting up a client relationship with Discord, will this be visible on the next page after registration / login? Client == OpenID Connect. Trust Relationship == SAML. Sounds like you're using SAML, so you'll need to setup a Trust Relationship in Gluu to release the personal info to Discord. Sounds like you have that much covered. Now the user needs some way to find this application service.. so you need to have some public page users can access, and click "login" to Discord, and then the redirect to Gluu will happen, then post successful auth, the redirect to private Discord page will happen. > I set up a Test SAML Service using an RSA tool and it works but I'm a bit stuck as to where I should put the SAML Authentication Request link You should open a separate ticket about this with complete details and steps to reproduce. > Only beneficiaries can have access to 8 other online training resources. Can we put a form field for a custom attribute so that it can be validated (against REGEX) or perhaps just a link to their profile so that this can be done. After the user enters a string into the custom attribute field that matches the REGEX how can we write a rule that automates adding beneficiaries to a new group which then has access to all of the resources (not just the discord server). The easiest way to achieve this type of access management is to have the app enforce access based on a specific attribute released by your Gluu Server. So those privileged users might all have the `privileged` attribute, which is required for access to the privileged apps. In general, it's best to keep support questions tightly focused about technical issues you are experiencing. It seems like more research will help you architect the right design for your ecosystem of apps.