Docs

Try a B2B use case (with organization login)

# Try a B2B use case (with organization login)

The following guide is a complete end-to-end use case on how to manage B2B (Business-to-Business) applications in Asgardeo.

# Scenario

You are an administrator of Guardio Insurance, which is a company that provides its services to other business organizations.

Best Car Mart has a partnership with Guardio Insurance to provide life insurance policies to its employees. Guardio Insurance exposes its services to Best Car Mart’s employees through its Guardio Insurance App.

The employees of Best Car Mart should be able to log in to the Guardio Insurance App to consume its services. The administrators of Best Car Mart will manage the users of its organization and also determine the login experience that their users should have.

Organizatoin login scenario

# Prerequisites

You should create an organization. For this example we have created an organization named Guardio Insurance.

# Set up the organization

As the administrator of Guardio Insurance, you need to first set up an organization.

# Step 1: Onboard the organization

Create an organization in the Asgardeo Console with Best Car Mart as the organization name.

# Step 2: Onboard an organization administrator

Onboard an administrator to the Best Car Mart organization using the values given below.

Username (Email) Enter an email address as the user name.
First Name Enter the first name of the user.
Alex
Last Name Enter the last name of the user.
Doe
Password Set a temporary password for the user.

# Set up the app

The following guides explain how you can share an application with organizations and allow organization users to log in to it using SSO.

Let's use the sample application, Guardio Insurance app (opens new window), to explore this use case.

# Step 1: Register the app on Asgardeo

Follow the steps given below to register the Guardio Insurance App with Asgardeo.

  1. Switch to the primary organization.

  2. Register a standard-based application in your primary organization with the following settings:

    Application Name Add a name for the application.
    guardio-app
    Protocol The authentication protocol to use.
    OAuth2.0 OpenID Connect
    Management Application Select this checkbox to indicate that the application has access to Asgardeo's management APIs.

# Step 2: Share the app with organizations

Share the Guardio Insurance app with your Best Car Mart organization. See instructions on how to share applications with organizations.

By doing so, you enable Sign In with SSO as a login option in the application login screen, which organization users can use to log in.

# Step 3: Configure the app on Asgardeo

To configure the registered application on Asgardeo:

  1. On the Asgardeo Console, go to Applications and select the application you registered.

  2. Go to the Protocol tab of the application, configure the following values.

    Note that the Organization Switch grant will only be visible after you share the application with organizations.

    Allowed Grant Types Select the following grant types:
    • Client Credential
    • Code
    • Organization Switch
    Authorization Redirect URL Enter the URLs of the application to which users should be redirected after login and logout.
    • http://localhost:3000/api/auth/callback/wso2is
    • http://localhost:3000
    Allowed Origins Enter the allowed origins.
    http://localhost:3000

    Take note of the client_id and client_secret generated for your application.

  3. Click Update to save your configurations.

# Step 4: Set up the client app

Open the config.json file found in the b2b-sample/guardio-insurance-sample-application folder and update the following parameters:

Parameter Description Value
BaseOrganizationUrl The base URL of the organization. https://api.asgardeo.io/t/{organization-name}
ClientId The client ID of the application created on Asgardeo. Client ID copied from step 1 above.
ClientSecret The client secret of the application created on Asgardeo. Client secret copied from step 1 above.
HostedUrl The URL of the client application. http://localhost:3000
APIScopes The scopes required by the application to access user resources. openid, email, internal_login, etc.
Branding.name The branding name of your application. Guardio Insurance
Branding.tag A branding tag line for your apllication. Anytime . Anywhere
SharedApplicationName The application name you used to register the application in Asgardeo. Guardio Insurance App
ImageBaseUrl Add the URL of Asgardeo Console to load images required for the sample application. https://console.asgardeo.io

Remove the SampleOrganization section from the config.json file as it is not required for Asgardeo configurations.

  1. To start the application, open a terminal, navigate to the b2b-sample/guardio-insurance-sample-application folder and execute the following commands:

    npm install
    1
    npm run dev
    1

# Try it out

The following guides explain how an organization user can log in to the sample application, Guardio Insurance App and how an organization administrator can use the built-in administration portal.

# Try out organization login

Follow the steps below to see how organization login works for a user in the Best Car Mart organization when logging into Guardio Insurance App.

  1. Open the application by copying the following URL to your browser: http://localhost:3000/ Guardio Application Login

  2. Click Sign In and see that you are diverted to the Asgardeo login screen.

  3. Click Sign In with SSO to specify the organization to which you are signing in.

  4. Enter Best Car Mart as the organization name and click Submit. Sign in with organization login

  5. Enter the username and password of a user who you have onboarded to Best Car Mart.

  6. Click Sign in and grant permission for the application to access your user attributes.

    You have successfully logged into the Guardio Insurance App as a user of the Best Car Mart organization.

# Try out the administration portal

Learn how to build an administration portal for your B2B application in the implement an administration portal section.

Best Car Mart needs to manage its employees through an external IdP. As the administrator of Best Car Mart, Alex, is tasked with enabling login from the external IdP for Best Car Mart employees.

To configure an identity provider for Guardio Insurance App:

  1. Log in to the application with the credentials of Alex.

  2. On the application, go to Settings > Identity Providers and click Add Identity Provider.

    Logged into best auto mart

  3. Select Google if you are onboarding a Google IdP or Enterprise if you are onboarding an enterprise IdP. Select Identity Provider method

  4. Provide the details specific to your IdP and click Create.

  5. Click Add to login flow to enable this IdP as the login option for Best Car Mart users in the application.

© 2024 WSO2 LLC.