Customers accounts vs internal company accounts for a SaaS app
-
Hello,
I'm trying to understand how FusionAuth would work best for a SaaS app with two kinds of accounts: customers and internal admins.
The internal company logins are e.g. sales people, developers, customer services, etc. They need to be able to access an internal admin portal, and in addition, a sandbox customer account for testing.
It seems like it could be convenient to let internal admins share one user account and an app-switcher to toggle between their admin-view and their customer-view.
Is it a best practice? Is it unsafe in any way?
Thanks,
-
I'd probably create two different applications and different groups for the customers and internal admins. I'd also look at assigning roles to the groups, which would be passed on to the users.
When you talk about the sandbox account, you can either give the admin users a separate account (user accounts are free) or code the application with a button that gives them the ability to switch views, but only display that button for users with the
internal-admin
role. -
Hey Dan,
We want to have different configurations for each customer, because each customer may have e.g. a different SAML provider.
Therefore, we decided to create one application for internal-admins, and one application for each customer.
Does that make sense?
Also, what is the benefit of segmenting by group, in addition to segmenting by application?
Thanks,
Nick
-
Hi @nick,
We have a good overview section on why you would select/create a group in FusionAuth below and offers a helpful example.
https://fusionauth.io/docs/v1/tech/core-concepts/groups/#overviewMy understanding is that groups will allow you to select a subset of users within your application(s). Very useful if you need to define roles, etc.
I hope this helps!
Thanks,
Josh -
@nick said in Customers accounts vs internal company accounts for a SaaS app:
Hello,
I'm trying to understand how FusionAuth would work best for a SaaS app with two kinds of accounts: customers and internal admins.
The internal company logins are e.g. sales people, developers, customer services, etc. They need to be able to access an internal admin portal, and in addition, a sandbox customer account for testing.
It seems like it could be convenient to let internal admins share one user account and an app-switcher to toggle between their admin-view and their customer-view.
Is it a best practice? Is it unsafe in any way?
Thanks,
You should look into FusionAuth.io to see if it fits your needs. It has a more adaptable model than the big SaaS solutions and could meet your needs both now and in the future.