Portal Accounts for Saas App

Hi guys,

So this is a nice puzzle to solve, useful for some of us today, and probably many more soon.

THE CONTEXT
An App designed to be sold as a Saas App to companies. When a new customer creates an account and logs in, he sees only his company data in the Live App.
Knack permits 1 email per user.
Meaning that all users in the different companies using the same Saas App have a unique email.
Knack allows (and I do not put a conditional rule) a user Name to be the same for various emails.

PROBLEM
When a user is part of 2 or more companies in real life, he has to create a distinct user and email for each company in the Saas App to be able to log in.
Let’s say a user with a provideer role works with 5 different companies, he will have to create 5 different emails to be able to login in the 5 different company spaces of the SaaS App.
Not UX friendly at all.
Due to my App structure, I probably won’t be able to escape having distinct users, and email, for each company. But that’s not a big problem. I create free email alias as needed, all sending to the same unique base email. Works fine.
The problem is ONLY the login part. Having to work with various emails.

BEST PRACTICE
As some other Saas offer and I very much like, they make you login with one email, and if you have more than 1 company account, it sends you to a portal listing your accounts, where by clicking one it send you to the company space. With only one email, and the same user.

CHALLENGE
Out-of-the-box thinking needed here. It does not have to require modifying all the page rules of the App.
I was thinking of having just one base email to login to a private logedin portal which would contain the logins modules of the comapnies with their emails and passwords saved.
But no idea of how to do that, and neither if it would work.
Other ideas?

Any way, very useful for few builders using Knack for multi-companies Saas.

It seems that what I need is similar to a Passwords Manager app. So maybe I could have this PM as a link (or even better embeded if possible) in my Knack App login page. ??..

• Audit Pass’s open-source code
  Like all other Proton services, Pass is open source and built on the principle of trust through transparency. As scientists, we know that transparency and peer review lead to better security. All Proton Pass apps are open source, meaning anyone can verify our security claims for themselves.

• Sign in faster with Proton Pass autofill: You no longer need to copy and paste your username and password. Easily and securely log in with Proton Pass autofill technology.

So I come to here:

imagen1209×324 4.46 KB

But it seems that for security reason the autofield is not working.

@KnackPros can you inform about the autofield login page or alternatives. tks!

Not sure if I understand correctly

You can connect the companies to the user account so one user can be connected to many companies. This would use a single email address from the accounts object. When they login you can display a table or list view of the companies they have access to.

The only issue on this is an admin would need to add the company association to the users account. You would not want the end user do it as they would need to see the companies drop-down list.

But when the user click one of the company in the list, I do not know how to make it change to another company. You mean just maybe an Action Link to select other company name conected to the user? Maybe it is way easier than I thought. I will try it.

You would not want the end user do it as they would need to see the companies drop-down list.

Indeed, so I created for an other App this open company search. Only if you know the exact name of the company it will give result with asociated actions available.

imagen948×379 7.65 KB

@MichaelG We do this a lot and it requires two connections in the User object to the Companies list:

1. Active Company - (one-to-many) This is the Company that the user sees in all of the pages using filters in your views. Means of course that many objects will need a connection to the Companies for this to work.
2. Available Companies - (many-to-many) This is the Companies the user can access, and as @CarlHolmes pointed out will need an admin to maintain this list. Some of your customers will have only one available.

The complexities start to arise when any object that needs filtering to display the correct data to the user needs a connection to the Company while a lot of this can be set with form rules.

Wow Brad!! you are on fire. solving the hardest unsolved problems I had abandoned for +1 year.

Indeed, all my App is very well wired, with the objects connected to a company.

It makes perfect sense what you are saying, and a smart trick.

I will try and keep you updated. I would not have thought it could be that easy.

Let me help you design a solution for this multi-company login challenge in Knack. Here’s how we could approach this:

1. Create a Portal Account Structure:

• Have a master “Portal” object that stores the user’s primary email and password
• Create a related “Company Accounts” object that links company-specific accounts to the portal account
• This way, one portal account can be associated with multiple company accounts

Here’s a potential implementation:

1. Database Structure:

Portal_Users:
- Primary Email (unique)
- Password
- Name
- Portal User ID (auto-increment)

Company_Accounts:
- Company Email
- Company Name
- Company ID
- Portal User ID (connection to Portal_Users)
- Specific Company Role/Permissions

2. Login Flow:
3. User logs in with their primary email to the portal
4. Query Company_Accounts filtered by the Portal User ID
5. Display a company selection page showing all companies they have access to
6. When they select a company, perform an automatic login to that company’s space using the stored company credentials

To implement this, we could create:

// Portal login page code
$(document).on('knack-form-submit.view_123', function(event, view, record) {
  // Get portal user details
  const portalUserId = record.id;
  
  // Query company accounts
  const companies = Knack.getUserCompanies(portalUserId);
  
  // Redirect to company selection page
  window.location.href = `/company-select?portal_id=${portalUserId}`;
});

// Company selection handling
$(document).on('knack-view-render.view_124', function(event, view) {
  // When company is selected
  $('.company-select').click(function() {
    const companyId = $(this).data('company-id');
    const companyCredentials = getCompanyCredentials(companyId);
    
    // Perform automatic login to company space
    performCompanyLogin(companyCredentials);
  });
});

3. Security Considerations:

• Encrypt stored company credentials
• Implement session management
• Add rate limiting for login attempts
• Use secure token-based authentication between portal and company spaces

4. Implementation Steps:
5. Create the portal login interface
6. Set up the company selection dashboard
7. Implement the automatic company login mechanism
8. Add security measures and encryption
9. Test thoroughly with multiple company scenarios

This solution would:

• Allow users to login once with their primary email
• Give them access to all their company accounts
• Maintain separate company spaces and data isolation
• Improve user experience significantly

Would you like me to elaborate on any particular aspect of this solution? For example, I could provide more detailed code for the encryption handling or the company selection interface.

Wow! That is an impressive How to do Guide.

Thank you very much @PhilWesley67576 !!

So now we have a no code and code solutions.

I will try both tomorrow and feedback you.

ps: same as Knack has an Ebusiness and a Login Users Functions Buttons to facilitate their implememtation, I believe Knack should have a Multicompanies User Function Button to facilitate it.

At least create a Knack App Template which is fast and easy to produce.