https://www.ory.sh/ logo
#general
Title
# general
a

agreeable-microphone-83376

02/09/2022, 11:39 AM
I like what Ory is doing. I explored and read alot but I have a scenario for which I am unable to see whether it can be handled via Ory. -----Part-A----- I am building an SAAS App in which a user(Super-Admin) after signup can create multiple companies. Every company will have different teams. eg. marketing, operations, HR. Now, user(Super-Admin) will be able to be add more users to different teams. Also, When It comes to Roles: a. Super-Admin can manage Roles of all companies and teams, eg: Assign Team Admin for teams, and add Editors, and Viewers also at same time. b. Team Admin can manage Roles of their teams eg: add editor or viewers to their team. Options for Following Roles: a. Super-Admin b. Team-Admin c. Editors d. Viewer Its like a hierarchy with Roles in Company and Teams. Any suggestion, how can we achieve scenario like this in Ory? -----Part-B----- If in above platform, we also have a CLI app for team to do custom development in which user has to login with the credentials they used while signing up on website. Can we do this, like by issuing token etc, like user has to login in CLI using credentials used in Part-A and then do their work and then logout from CLI? Suggestion will be really helpful.
m

magnificent-energy-493

02/10/2022, 1:02 PM
Part A: You can use Ory Kratos for the user authentication and self-service part and Ory Keto to implement roles and permissions. You can either selfhost those services or use them in Ory Cloud. For different example implementations check the documentation, and also the community contributed projects: https://www.ory.sh/docs/ecosystem/community/ Also check out factlys talk, could be related:

https://www.youtube.com/watch?v=yOCfp5ylTzs

a

agreeable-microphone-83376

02/10/2022, 1:05 PM
@User thanks for suggestions. How about Part-B ?
m

magnificent-energy-493

02/10/2022, 1:07 PM
And for Part B, I suggest to take a look at Ory Oathkeeper. This article is a bit dated but on a high level it still can be useful: https://www.ory.sh/api-access-control-kubernetes-cloud-native/#ory-oathkeeper
Hey @User Did you make any progress? I am looking to improve the docs a bit for use cases like yours. Would you be willing to start a discussion on GitHub with your above description and any other info that you want to add around your use case? https://github.com/ory/kratos/discussions/new That would help us a lot to plan these new guides & tutorials, thanks!
2 Views