FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    Deactivate/verify tenant or check custom conditions by login

    Scheduled Pinned Locked Moved
    Q&A
    2
    4
    523
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bubblez
      last edited by

      Hello dear forum,

      we use fusionauth in a scenario where a tenant corresponds to a club (sports, music etc.).
      We want a club to be able to register independently on our website and a tenant to be created in the background. Before the club can use the platform, it should additionally - in whatever way - identify itself to us as a real club.

      In the meantime, the tenant should be created, but still deactivated and not usable.

      According to the documentation fusionauth does not provide the option to deactivate a tenant, as it is possible for users, for example, right?

      Alternatively, one could introduce a flag 'verified' in the 'data' attribute of the tenant.

      Is there a way to customize the login process to check other conditions besides the credentials, in this case the 'verified' attribute?

      Does anyone have any other idea to implement the described use case?

      Thanks!

      1 Reply Last reply Reply Quote 0
      • danD
        dan
        last edited by

        So there are a number of ways to approach this, but they'll all require you to write some code.

        I don't know your current system or skillset, but this is how I'd do it:

        • have someone sign up to create a club in an application in the default tenant.
        • create the tenant, but no users in the tenant. You could set defaults as needed.
        • verify they are a real club (in whatever way you desire)
        • on verification, add an application and a user account based on the account in the default teannt. Notify the user via email that their club account is now available.
        • users can then sign in to the created application in the new tenant.

        If you need the ability to deactivate the tenant, I'd write a script that deactivates all applications within a tenant and possibly deactivates the user in the default tenant. Note that when a user can't log in to an application, you may have to check carefully for an HTTP status, see more here.

        Is there a way to customize the login process to check other conditions besides the credentials, in this case the 'verified' attribute?

        If you are using the login API, you can check any number of items on the user or other objects, but you have to build your own pages. If you are using the OAuth grants or the provided login pages, there are no customizations like you suggest available. Please feel free to file a github issue with details of how you'd like this feature to work.

        Hope this helps.

        --
        FusionAuth - Auth for devs, built by devs.
        https://fusionauth.io

        1 Reply Last reply Reply Quote 1
        • H
          hellominaa21 Banned
          last edited by

          This post is deleted!
          H 1 Reply Last reply Reply Quote 0
          • H
            hellominaa21 Banned @hellominaa21
            last edited by

            This post is deleted!
            1 Reply Last reply Reply Quote 0
            • First post
              Last post