Solved

Manage multiple customers with IAM

  • 9 March 2020
  • 1 reply
  • 105 views

I'm wondering if there are any people here who have experience with deploying the same application to different companies combined with the usage of the same IAM database.

What we're doing is that we deliver the same application to multiple companies. Due to the pricing plan we apply, we are in control of the number of users and what modules (roles) we let them use.

I currently don't know exactly how we could set up or use IAM to have one (only 1) system administrator per company that can manage their users, e.g. change permissions, but not add new users or modules they don't have access to.

When taking a look at the Administrator roles (https://docs.thinkwisesoftware.com/docs/iam/administrators.html) and trying them out, it looks to me that they don't really apply to us.

Alternatively, we could build another application on top of IAM dealing with all these issues, but that's really something we don't want to do, I guess?

Another alternative is to deploy 1 IAM database per customer, but that still doesn't solve the question about limiting the number of users per customer.

Besides that, IAM is, I think, very difficult for our end users to understand and allows them way too much (e.g. changing the authentication type, which they absolutely should not).

I'm curious how others do this, please let me know :grinning:

Best answer by Anne Buit 20 March 2020, 13:12

Hi René,

Currently, the module information is not synchronized to IAM. Because of this, it is not possible to limit individual applications to specific modules.

If you want to limit access to modules, you will need to deploy an IAM per company. Using a limited-module synchronisation or deployment, you can limit the roles that an administrator can use.

An administrator of the company can be configured for the role 'Application owner', to grant roles to user groups. This administrator would not be able to modify the users.

Would this be a good solution?
