Flagsmith / flagsmith

Open Source Feature Flagging and Remote Config Service. Host on-prem or use our hosted version at https://flagsmith.com/
BSD 3-Clause "New" or "Revised" License

Allow for "Single Tenant" self hosted instance that auto invites all users to a single Org #3967

Open max-cole opened 3 months ago

max-cole commented 3 months ago

Is your feature request related to a problem? Please describe.

When self-hosting Flagsmith, the owner of the instance might want to only manage a single org for all of their users. Currently every user must be manually invited to the same org or share the same invite link. Flagsmith currently allows for OAuth via Google and GitHub; in an ideal world there would be functionality such that the Flagsmith instance would effectively be a "single tenant org" where all users that successfully authenticate would be invited to this "default" org without having to share a link or mistakenly create their own org.

Describe the solution you'd like.

Functionally this might be done via env-var(s) on the API instance that would change the API to:

- Disable users from creating orgs (already done via Flagsmith on Flagsmith)
- Auto invite all users to some default org
- Disable email/password signup (already done via ALLOW_REGISTRATION_WITHOUT_INVITE)
- Force users to sign up via OAuth/SAML/SSO

The only requirement for this feature would be the auto invite but it might be useful to bundle/couple these changes from a security perspective so random people don't get auto invited to the org.

Describe alternatives you've considered

Users can log in but must then be invited to the org; this might lead to a user creating an org and using it without the ability for other users of that same instance to edit the flags.

Additional context

Spoke to @dabeeeenster on the Flagsmith Discord around this feature. Happy to discuss this feature request any further.

novakzaballa commented 3 months ago

Thank you for this feature request @max-cole. We will look at it and prioritize it or reply with comments.

dabeeeenster commented 3 months ago

I think this is a good idea - surprised it hasn't come up before. I'm not clear why there is a requirement to "Disable email/password signup" - we could lock down the app with the env var ALLOW_REGISTRATION_WITHOUT_INVITE (https://docs.flagsmith.com/deployment/hosting/locally-api#application-environment-variables) which would maintain security?

max-cole commented 3 months ago

The call out for the disable email/password signup was more of a "tightly coupling this functionality or at least calling them out in the docs would help users maintain good security hygiene and prevent gun aimed at foot situations" vs a strict requirement. The auto invite is really the only missing element.