Activities of "AndrewT"

• ABP Framework version: v7.2
• UI type: Blazor WASM
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): MVC

Hi,

We have a client that wants to use AzureAD for SSO, and provisioning so their users can log into our app.

Searching in the docs for AzureAD or SSO (v7.2) does not bring up any resiults. I have seen some blog posts from 2020 but we are using the v7.2 framework/OpenIddict.

1. Can you please point us to an example that shows what to setup in AzureAD and what to configure in ABP.io?
2. Will the ABP module enable Provisioning from Azure? and can you point to an example of how that is setup on both Azure and ABP sides?

Thanks, Andrew

• ABP Framework version: v7.2
• UI type: Blazor WASM
• DB provider: MongoDB
• Tiered (MVC) or Identity Server Separated (Angular): yes
• Exception message and stack trace:

Hi,

We are upgrading to v7.2 from v5.3 but the LeptonX layout causes us problems and doesnt work very well for our users.

What is the long term plan to continue support on Lepton Theme?

Andrew

Add SCIM functionality to automate onboarding and offboarding tenant users. This would be part of SSO functionality too. Allow the SCIM to be extended to also set the Role and other application defaults.

https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/sync-scim

Here is an example of how others do it; https://www.strongdm.com/docs/admin/identity-providers/azure-scim-provisioning

Blazor Web Assembly.

1. Impersonate Users - So a host user can impersonate a tenant user for support and troubleshooting.
2. Remove the redirect requirement for login. We do not want to use the ABP website feature, we want users to go straight to login page, and be redirected to it after logout.
3. Improve the speed to load the application, from URL click, and then from Login. There are lots of ways to improve this, a significant one would be the open login page directly.
4. Better example of how to integrate SaaS monthly and/one off payment with Stripe (show what stripe settings are used for the example).
5. Better example of using AzureAD for validation of tenant users.

Thanks for the quick response.

I looked at https://docs.abp.io/en/commercial/7.1/modules/identity#organization-units but not sure how that is used to filter data so only certain users can see the data? is it User or Role based, and can a User and data eg Custtomer data belong to more than one Organisation Unit? Is there an example of how this can be used to "hide" data that should not be seen by people outside that Org unit within a tennat?

Andrew

• ABP Framework version: v7.1
• UI type: Blazor WASM
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): MVC

We have an application with lots of data that is geographically grouped, or can be operationally grouped eg Division 1, Division 2, etc.

We want to be able to limit the data that specific groups of users can see. but enable other users to be able to view all data from all regions.

In simple terms Users belonging to Northwest Region, can only see customer data that relates to Northwest Region, but a User that belongs to "All Northern" can see data from North-West and North-East Regions.

Is there an existing extension of identifty eg Departments? that would help with this sort of scenario?

Andrew

Why can't this be fixed? should we create a github issue?

• ABP Framework version: v7.1
• UI type: Blazor WASM
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): MVC

Hi,

We are upgrading an app to v7.1 template.

The performance on v7.1 is worse than previous versions. Our application is not very big.

What steps can we take to improve the loading speed at startup and user experience?

1. We do not want to use the ABP “default” public website. We just want users to go to our login URL and open the login page. Currently it takes forever to load the web app, then redirect users to the login page. It is a real pain for users!
2. After logout the user should be redirected DIRECTLY to the login page. They should not have to load the abp website, then redirect to login again.

Thanks. Andrew

Ok thanks, and this one;

https://support.abp.io/QA/Questions/4623/Cross-site-scripting-issue-found-in-our-project https://github.com/abpframework/abp/pull/15891

Hi liangshiwei, Thanks for the update,

I might have included the wrong link, it was this one it is set for v7.2 Preview but looks like it might have been merged into v7.1?; https://github.com/abpframework/abp/pull/16049