question:0:0:0.0 --> 0:0:1.790 Jasmine Tang Fit in those in for like like you. 0:0:1.100 --> 0:0:2.130 SueAnn See When you smiling. 0:0:5.750 --> 0:0:5.910 Jasmine Tang No. 0:0:7.920 --> 0:0:8.950 Jasmine Tang For example, we see. 0:0:9.340 --> 0:0:12.20 Jasmine Tang Let's say we need to clean it external IDP right? 0:0:12.710 --> 0:0:26.640 Jasmine Tang Then you might have an API, but then you you you want you want to have a UI for, let's say, cops, whoever they onboarding the customer to configure the information for the customers, external IT information. 0:0:26.890 --> 0:0:37.630 Jasmine Tang OK, so this part UI is is is the one that same as external authentication configuration like like the one that we have in IHOME. 0:0:37.640 --> 0:0:42.680 Jasmine Tang If you get the area I I don't know exactly how that looks like, but then it's the UI. 0:0:43.20 --> 0:0:48.290 Jasmine Tang Tell us to configure external identity provider, not only external IDP that whatever the unique they say. 0:0:50.890 --> 0:0:55.380 Jasmine Tang If you like, do we have the scope of that that being outlined by Duraid on this area? 0:0:55.470 --> 0:1:9.300 Jasmine Tang I don't see because I don't know what it's gonna, but he just mentioned before, you know, in all the summer integration discussions, he always said that platform should have UI to do all those configuration. 0:1:10.550 --> 0:1:14.540 Jasmine Tang OK, I think this time maybe we need to follow with. 0:1:15.240 --> 0:1:15.590 Jasmine Tang Yeah, sorry. 0:1:13.880 --> 0:1:24.210 Eric Wong Uh, I have a question this you I is it just slowly gonna be used by cloudops or is it gonna be used by in a tenant level? 0:1:24.640 --> 0:1:25.320 Eric Wong I think the previous. 0:1:31.430 --> 0:1:32.50 Jasmine Tang Eric lost you. 0:1:34.780 --> 0:1:34.900 Jasmine Tang Yeah. 0:1:33.90 --> 0:1:35.500 Eric Wong For can you hear me? Hello. 0:1:36.450 --> 0:1:37.170 Jasmine Tang Yeah. OK. 0:1:36.970 --> 0:1:37.380 Eric Wong That. 0:1:38.130 --> 0:1:38.740 Eric Wong Yep. 0:1:38.810 --> 0:1:49.250 Eric Wong So I think previous one that we had is on the tenant level, if I remember correctly meaning to say it's more towards on the specific tenant. 0:1:49.430 --> 0:2:4.310 Eric Wong So in this case, when cloud OPS has been mentioned right, am I supposed to think that this is something like access grant in a way that is only exists in the initial tenant where you can actually access multiple tenant to do the configuration? 0:2:8.80 --> 0:2:9.430 Eric Wong It's a question. Thanks. 0:2:12.70 --> 0:2:15.720 Jasmine Tang I also don't know, but it's, yeah, double confirm, yes. 0:2:19.710 --> 0:2:20.60 Eric Wong Right. 0:2:20.70 --> 0:2:20.530 Eric Wong OK. Thanks. 0:2:24.370 --> 0:2:26.240 Jasmine Tang So why put on the action item? 0:2:26.250 --> 0:2:36.630 Jasmine Tang So on the UI scope, being the bigger conversation between Keith ME and Duraid, right, so I will move to the next one. 0:2:36.640 --> 0:2:38.540 Jasmine Tang The create user pool. 0:2:38.690 --> 0:2:44.410 Jasmine Tang Sorry, I can user pool, I've forgotten to change in off 0 is not not call user pool. 0:2:45.640 --> 0:2:52.250 Jasmine Tang So uh, if I think of 0 is not not reliable, we don't have a user pool here. 0:2:54.530 --> 0:2:55.940 Jasmine Tang Yeah, this one works for Colorado. 0:2:56.780 --> 0:3:0.360 Jasmine Tang Hopefully you'll be disregarded. OK. 0:3:8.830 --> 0:3:9.200 Jasmine Tang And then. 0:3:14.250 --> 0:3:19.540 Jasmine Tang The external IDP still valid for both Ooi DC and Samuel. 0:3:27.220 --> 0:3:30.180 Jasmine Tang Ohh, I'd season media really support for this. 0:3:31.580 --> 0:3:32.280 Jasmine Tang Open the phone signal. 0:3:34.110 --> 0:3:46.20 Jasmine Tang I found now is like calling Keycloak API to create a external IDP so KEYCODE has is on API format and then all zero work is is totally different API. 0:3:46.110 --> 0:3:47.40 Jasmine Tang So we need to change that. 0:3:47.140 --> 0:3:49.490 Jasmine Tang Yeah, the peanut. 0:3:49.540 --> 0:3:52.790 Jasmine Tang All these also different because it's two different provider. 0:3:57.900 --> 0:4:5.980 Jasmine Tang And so this is your in a way is to support the SNR IDP for ODC SL, right? 0:4:6.40 --> 0:4:9.720 Jasmine Tang But if we respect to all zero, OK and then. 0:4:11.490 --> 0:4:14.820 Jasmine Tang Ohh, about the UI that mentioned here. 0:4:15.580 --> 0:4:17.100 Jasmine Tang I think it's the same UI. 0:4:17.110 --> 0:4:17.790 Jasmine Tang It's said. 0:4:17.830 --> 0:4:18.280 Jasmine Tang Thank you. 0:4:18.290 --> 0:4:20.190 Jasmine Tang I bigger scope UI is like. 0:4:22.580 --> 0:4:24.880 Jasmine Tang Targeting creation of external IDP. 0:4:25.330 --> 0:4:25.730 Jasmine Tang OK. 0:4:25.780 --> 0:4:26.390 Jasmine Tang OK. 0:4:26.400 --> 0:4:29.320 Jasmine Tang Again, I didn't modify this partner. 0:4:29.560 --> 0:4:30.650 Jasmine Tang It's either you use. 0:4:31.100 --> 0:4:37.660 Jasmine Tang There is an option to use SDK or API when you come to this partner I I suggest we use AP. 0:4:37.670 --> 0:4:43.20 Jasmine Tang I don't use APK last time we suggest to use SDK because it was for committal. 0:4:43.30 --> 0:4:50.500 Jasmine Tang So Cognito is using Amazon SDK and I checked with Eric that in platform service already using Amazon SDK. 0:4:50.510 --> 0:5:8.830 Jasmine Tang So I think it's makes sense to continue using SDK lab, but if we switch to off 0 right, if we want to use their SDK that means you go to import more libraries then you go to cater for like if there is any patch purely for screen state, no feature change you still need to do the patching in your SDK. 0:5:9.40 --> 0:5:15.940 Jasmine Tang So I think if you use API then you got less problem on those kind of patching without feature change. 0:5:19.10 --> 0:5:30.70 Eric Wong Yeah, I think I think at the moment we don't use SDK or on keycloak, but we use only SDK for mainly for Route 53 and stuff yeah. 0:5:31.180 --> 0:5:31.370 Jasmine Tang Yeah. 0:5:31.380 --> 0:5:31.610 Jasmine Tang Yeah. 0:5:36.730 --> 0:5:37.20 Eric Wong Umm. 0:5:39.450 --> 0:5:39.830 Eric Wong Right. 0:5:31.620 --> 0:5:40.150 Jasmine Tang So Wendy, if we switch to of 0 and then I suggest we don't use their SDK, but we use a API. Ohh. 0:5:39.870 --> 0:5:52.70 Eric Wong OK, so so the way I look at it is just a another additional layer of all zero provider implementation that we can plug into actually call necessary API. 0:5:52.80 --> 0:5:53.250 Eric Wong We've, uh, proper. 0:5:53.260 --> 0:5:54.120 Eric Wong Whatever payload. 0:5:57.260 --> 0:5:57.440 Jasmine Tang It's. 0:5:54.860 --> 0:5:59.180 Eric Wong Similarly, how we implement for key code, but it's basically for all zero then OK. 0:5:59.290 --> 0:6:0.160 Jasmine Tang Yeah, I will. 0:6:0.170 --> 0:6:4.510 Jasmine Tang I will call you platform ready, written in the interface class ready. Right. 0:6:4.850 --> 0:6:5.10 Eric Wong Yes. 0:6:5.840 --> 0:6:6.100 Jasmine Tang OK. 0:6:6.110 --> 0:6:8.700 Jasmine Tang Then then, then it just email maybe. 0:6:6.910 --> 0:6:12.430 Eric Wong Yes, but just, uh, just a a just a. 0:6:14.200 --> 0:6:22.70 Eric Wong Claudia is although we have the interface, it might not be 100%, so we have to see what required, yeah. 0:6:24.140 --> 0:6:31.850 Jasmine Tang Ohh I think because I don't expect us to change another provider anymore in the future. 0:6:31.860 --> 0:6:38.530 Jasmine Tang So, but it's good to make sure we rule the code in the way that it is fully loosely coupled. 0:6:39.430 --> 0:6:47.650 Eric Wong Yeah, it in in platform all the codes are I can safely say quite all the codes are actually abstracted. 0:6:48.80 --> 0:6:55.290 Eric Wong It's just that again, you know, even though we abstracted, there are certain things that maybe doesn't exist in certain other implementation or maybe additional stuff. 0:6:55.300 --> 0:7:3.120 Eric Wong So so we have to pay attention in the area as well, which I at the moment I am not sure all zero what is actually required, yeah. 0:7:5.640 --> 0:7:10.50 Jasmine Tang Maybe we should rename the SDK to API just to make sure everyone on the same page? 0:7:11.720 --> 0:7:12.780 Jasmine Tang Anyone else will continue. 0:7:17.250 --> 0:7:19.690 Jasmine Tang Uh, do we have a UI ready to do this right now? 0:7:24.450 --> 0:7:27.210 Jasmine Tang So say we do at the bank right now. Don't have. 0:7:27.310 --> 0:7:28.70 Jasmine Tang OK, alright. 0:7:31.10 --> 0:7:39.890 Jasmine Tang So we call a tenant management feature the previous that I won't be you the tenant authentication that I mentioned just now. 0:7:40.280 --> 0:7:45.610 Jasmine Tang Yeah, I think we need a UI designer like just to make sure we have all this thing. 0:7:45.620 --> 0:7:51.830 Jasmine Tang But, but no matter how, when we prioritize the trying to settle down to API, at least, let's say, who knows? 0:7:51.840 --> 0:7:55.360 Jasmine Tang Maybe down the road we have other priority then we may rush all this thing. 0:7:55.370 --> 0:7:58.830 Jasmine Tang Then at least the API work will do the job itself. 0:7:58.960 --> 0:8:2.990 Jasmine Tang UI meanwhile, let UX team to take some time to to come up. 0:8:5.730 --> 0:8:20.350 Jasmine Tang In this list that you are talking something that you discuss with Duraid as well as in like what is the extensive scope of the UI that we have for the tenant authentication page and what are the area that he also expect to be include as well? 0:8:22.160 --> 0:8:22.580 Jasmine Tang Hey. 0:8:23.760 --> 0:8:27.730 Jasmine Tang So I'll move on to the bot in port user. 0:8:28.140 --> 0:8:31.290 Jasmine Tang I think we respect to key clock right now. 0:8:31.300 --> 0:8:58.270 Jasmine Tang Actually, we really have department for users and the Internet and external and this is the old zero and one thing I think I want to confirm is I think no, it's fine, I understand this but import user ID is related to the one that to support like those OPS central level weight and also work right right on the related email that has been shared. 0:8:58.500 --> 0:8:59.860 Jasmine Tang I suspect you'll be the same. 0:8:59.900 --> 0:9:0.870 Jasmine Tang It's the same thing, right? 0:9:1.520 --> 0:9:9.470 Jasmine Tang Maybe the dog import user need to enhance something that you pass in additional information that not belongs to IHOME one. 0:9:9.760 --> 0:9:26.970 Jasmine Tang So like for example, let's say the one way we have a A position title for the user, then we need to support this position, title, additional elements, editional attributes to support inside these bulk import user. 0:9:27.330 --> 0:9:36.160 Jasmine Tang But I home don't store this, but just pass the data to the user thing so user sync will do the job and pass to each product. 0:9:36.330 --> 0:9:39.210 Jasmine Tang I think that's supposed to be the way I I I believe that's what to read. 0:9:39.930 --> 0:9:40.380 Jasmine Tang OK. 0:9:40.450 --> 0:9:41.540 Jasmine Tang Yeah, we we should not. 0:9:42.470 --> 0:9:44.230 Jasmine Tang So OK, but that depends. 0:9:44.0 --> 0:9:45.500 Eric Wong Sorry, sorry, sorry. 0:9:45.510 --> 0:9:47.390 Eric Wong Yeah, this bot user import, right? 0:9:48.460 --> 0:9:53.500 Eric Wong Uh, we also talking about syncing back to the IDP, which is all 0, right? 0:9:54.930 --> 0:9:55.470 Jasmine Tang Yes, yes. 0:9:55.550 --> 0:10:4.450 Jasmine Tang So what you can mentioned the song is on syncing to the user to the product, but before we are able to sync to the product we go to create in the authentication services. 0:10:5.120 --> 0:10:9.130 Jasmine Tang So this code right is not talk about seeing user Singh to the products. 0:10:9.640 --> 0:10:9.960 Eric Wong Right. 0:10:9.220 --> 0:10:15.270 Jasmine Tang This scope is talk painting in the authentication service, which is the 10 currently. 0:10:15.160 --> 0:10:15.810 Eric Wong Yeah. 0:10:15.280 --> 0:10:16.650 Jasmine Tang Do it quick. 0:10:15.880 --> 0:10:20.370 Eric Wong So so my understanding is, yeah, this has nothing to do with the user sync. 0:10:20.560 --> 0:10:29.70 Eric Wong This is just more about what we have now importing the CSV file or whatever in the future, but just at the moment what we have is CSV. 0:10:29.320 --> 0:10:34.180 Eric Wong So just looking at what we have less than don't talk about the one way or anything, but just talk about what we have currently. 0:10:35.170 --> 0:10:42.360 Eric Wong I think this will still work quite a straightforward with some minor changes, because ultimately the actual. 0:10:44.900 --> 0:10:51.110 Eric Wong Implementation to actually push it back to the IDP is via the previous item, which is the. 0:10:53.810 --> 0:11:4.220 Eric Wong One of the the the odd zero provider itself, that that's some somewhere there that we will also still call that and it will call the endpoints and it will pass the payload. 0:11:4.230 --> 0:11:7.720 Eric Wong It's a similar way we create user from API. 0:11:7.730 --> 0:11:10.970 Eric Wong We create user from this bulk import. 0:11:11.20 --> 0:11:20.790 Eric Wong It will call the same call to do it, so that brings me to a question in terms of safe external user to Dynamo DB. 0:11:20.860 --> 0:11:25.910 Eric Wong Yeah, I think that is something that so trying to understand what what what is that about, yeah. 0:11:26.810 --> 0:11:32.170 Jasmine Tang And so Eric is not exactly same like keycloak like for audio is a bit different. 0:11:32.790 --> 0:11:33.10 Eric Wong Umm. 0:11:33.140 --> 0:11:34.550 Jasmine Tang 1st is a. 0:11:34.600 --> 0:11:35.310 Jasmine Tang Yes you can. 0:11:35.320 --> 0:11:39.10 Jasmine Tang You can call on zero API to create user one by one. 0:11:39.620 --> 0:11:39.860 Eric Wong Umm. 0:11:42.550 --> 0:11:42.750 Eric Wong Umm. 0:11:39.350 --> 0:11:48.330 Jasmine Tang They also have hot user features, but then the import feature user right, you go to reformat the data in Jason format instead of CSV. 0:11:48.730 --> 0:11:49.50 Eric Wong OK. 0:11:48.820 --> 0:11:56.240 Jasmine Tang So with the external user to Dynamodb is this part is different from Keycloak key code? 0:11:56.250 --> 0:12:0.580 Jasmine Tang You can create a user external user into the KEYCODE database. 0:12:0.590 --> 0:12:1.580 Jasmine Tang You can call it first. 0:12:1.820 --> 0:12:2.150 Eric Wong Umm. 0:12:1.640 --> 0:12:4.680 Jasmine Tang You can call the API and create first, but for all of 0, right? 0:12:4.690 --> 0:12:8.480 Jasmine Tang If it is an external user it little they don't on board user. 0:12:8.610 --> 0:12:11.550 Jasmine Tang That way you cannot on board an external user. 0:12:12.980 --> 0:12:20.200 Jasmine Tang How the user will be created like it's after they are successfully authenticated, then on zero add them automatically into their database. 0:12:21.690 --> 0:12:23.980 Jasmine Tang So this is how it works out in all zero. 0:12:24.210 --> 0:12:34.500 Jasmine Tang So what happened here is we need to control so that even though that user is a valid user in that directory, but if they are not granted access to that applications then we want to block them. 0:12:36.390 --> 0:12:41.130 Jasmine Tang And so for example, I didn't have an Ideagen directory, right? 0:12:41.170 --> 0:12:47.580 Jasmine Tang So every Ideagen staff can log in will be successful, but then may not be. 0:12:47.650 --> 0:12:56.850 Jasmine Tang All the user can access to that particular application so that like additional filtering to control the the the users of yeah. 0:12:56.860 --> 0:13:6.560 Jasmine Tang For example, I say IT service product we should not, we should not be authenticated to access although we are a valid uh user and the Ideagen directory. 0:13:6.970 --> 0:13:9.450 Jasmine Tang So there is the thing that we want. 0:13:9.460 --> 0:13:14.220 Jasmine Tang We is the work around that we have to implement in our zero because this is how it works. 0:13:14.570 --> 0:13:21.800 Jasmine Tang So what we do is we we create the user that we want the external user to allow in a separate database. 0:13:21.930 --> 0:13:28.820 Jasmine Tang Then in all zero will implement it so that we check that this user is exists, although they can authenticate successful. 0:13:28.930 --> 0:13:33.110 Jasmine Tang But if they are not exist right then we will reject their authentication OK. 0:13:35.660 --> 0:13:36.150 Jasmine Tang List. 0:13:36.190 --> 0:13:37.670 Jasmine Tang Let's say like me does. 0:13:37.680 --> 0:13:38.10 Jasmine Tang Alright. 0:13:39.190 --> 0:13:40.590 Jasmine Tang They could also, but at least. 0:13:40.940 --> 0:13:42.680 Jasmine Tang Uh, yeah, yeah, yeah, quite close. 0:13:43.700 --> 0:13:45.70 Jasmine Tang Yeah, cognito also like that. 0:13:45.120 --> 0:13:49.80 Jasmine Tang Once you authenticate successfully, it just although at you into the. 0:13:49.260 --> 0:13:54.630 Jasmine Tang Is there any difference between the native or zero and one that Federated 1 Federated? 0:13:54.640 --> 0:13:57.300 Jasmine Tang We also have to do that only Federated. 0:13:57.310 --> 0:13:58.970 Jasmine Tang We need to do this the native one. 0:13:58.980 --> 0:14:0.150 Jasmine Tang We can pre create. 0:14:0.740 --> 0:14:1.910 Jasmine Tang OK. OK. 0:14:2.270 --> 0:14:3.330 Jasmine Tang OK, I think it makes sense. 0:14:3.340 --> 0:14:6.530 Jasmine Tang The sometimes we sell the vacation to be organization. 0:14:6.700 --> 0:14:9.250 Jasmine Tang They just want to have maybe one the people to use. 0:14:9.660 --> 0:14:14.100 Jasmine Tang That's why they cannot allow all the people within the directory to use. 0:14:16.340 --> 0:14:17.990 Jasmine Tang Uh, regarding this right? 0:14:18.40 --> 0:14:22.510 Jasmine Tang Ohhh, when we do the estimation then I was you. 0:14:22.560 --> 0:14:33.610 Jasmine Tang I was making the assumptions that when platform, even though you have an API to do bug in port, but when you create the user in authentication service you are calling the API one by one. 0:14:37.380 --> 0:14:37.610 Eric Wong Yeah. 0:14:33.660 --> 0:14:38.20 Jasmine Tang Create user one by one and I I I see Cara. 0:14:37.620 --> 0:14:38.330 Eric Wong Yeah, correct. 0:14:38.480 --> 0:14:38.980 Eric Wong Yes, correct. 0:14:38.900 --> 0:14:39.530 Jasmine Tang Yeah. 0:14:39.620 --> 0:14:44.850 Jasmine Tang So I was making the assumption that we will not use the bulk import features for the authentication service. 0:14:45.80 --> 0:14:45.910 Jasmine Tang They say of zero. 0:14:45.920 --> 0:14:48.0 Jasmine Tang They have their own bulk import service. 0:14:50.330 --> 0:14:57.200 Jasmine Tang Like, but then recently we we saw some limitations on the rate in off 0. 0:14:57.770 --> 0:15:10.260 Jasmine Tang If we really cannot, if it really is a concern, then we might need to work on using their bulk import service, which means that you got to convert the user data into Jason format. 0:15:10.330 --> 0:15:21.80 Jasmine Tang You cannot import using CSV format, so he still unknown that I I was doing a I was in the process of testing actually the limit is quite good. 0:15:21.210 --> 0:15:22.900 Jasmine Tang It's not 50 user per minute. 0:15:22.970 --> 0:15:24.290 Jasmine Tang You you mean the Bower single? 0:15:24.300 --> 0:15:32.500 Jasmine Tang One single or I suggest we start with single first because single is slow, but at least we will be able to handle for multiple. 0:15:32.750 --> 0:15:36.530 Jasmine Tang So when we got time, we come back and then enhance to make a bad one. 0:15:37.250 --> 0:15:38.920 Jasmine Tang What was the difference with the CSV? 0:15:38.930 --> 0:15:40.230 Jasmine Tang Because Bob. 0:15:40.270 --> 0:15:55.950 Jasmine Tang Sorry, Bob and single also used USB or both support Jason single user users call their call their API passing the payload OK, but bulk import is you, uh outlook account. 0:15:57.180 --> 0:15:57.630 Jasmine Tang OK. 0:15:57.680 --> 0:15:59.200 Jasmine Tang OK, single user. 0:15:59.210 --> 0:16:0.210 Jasmine Tang You don't need a file. 0:16:0.300 --> 0:16:2.850 Jasmine Tang You just call the request and pass in the payload. 0:16:2.980 --> 0:16:8.270 Jasmine Tang So looks like single one should be a lot easier to implement. 0:16:8.280 --> 0:16:26.220 Jasmine Tang That maybe not much different opinion, but me testing voice, so I listen in platform, I listen I the CSV file, if I outlook 1000 user so how comfortable is you look through one by one and then create the user 1 by 1 right finger thread finger thread? 0:16:26.730 --> 0:16:27.770 Jasmine Tang So what I noticed the. 0:16:27.170 --> 0:16:28.160 Eric Wong Well, what? 0:16:28.330 --> 0:16:35.360 Eric Wong What happened in platform right is when we upload a file there will be a passer running to check everything is alright. 0:16:35.710 --> 0:16:43.970 Eric Wong So if everything is alright, then it will pump all this record into a a sync user table right? 0:16:44.400 --> 0:17:7.650 Eric Wong So once the pump the thing user table uh, there will be job to uh push all this data into the user table at the same time it will set some uh authentication Singh job right to actually depends on the status of each object of of each user. 0:17:7.660 --> 0:17:13.810 Eric Wong So if it will, it will do the job will do like a uh, in double loop, right? 0:17:13.820 --> 0:17:18.110 Eric Wong So it will pick up whatever under certain certain status. 0:17:18.120 --> 0:17:35.210 Eric Wong So once, once you pick out, let's say there's a, if I'm not mistaken, if I remember correctly, if there's 100 user then it will just use the 100 user and just loop it through and yeah call the payload, create a payload and call the keycode keycode API and just yeah, just populate into Kiko. 0:17:36.310 --> 0:17:37.680 Eric Wong That's how it works currently. 0:17:36.470 --> 0:17:40.740 Jasmine Tang Anything it is done using a single thread, right? 0:17:41.640 --> 0:17:42.30 Jasmine Tang They missed. 0:17:41.860 --> 0:17:45.970 Eric Wong Uh, I'm not sure I need to check back the code. 0:17:46.400 --> 0:17:47.990 Eric Wong Possibly yes. 0:17:49.730 --> 0:17:49.930 Jasmine Tang Yeah. 0:17:55.710 --> 0:17:55.910 Eric Wong Umm. 0:17:49.940 --> 0:17:59.620 Jasmine Tang So for all zero I I checked this now single thread right is the rate is like P3 cost per second. 0:18:0.540 --> 0:18:10.150 Jasmine Tang So if they say we are targeting to onboard 10,000 user, 20,000 user and the rate is 3/3 cores per second for a for one thread. 0:18:10.540 --> 0:18:10.750 Eric Wong Mm-hmm. 0:18:10.560 --> 0:18:13.160 Jasmine Tang If that is not acceptable, then we still have to do the bulk importer. 0:18:15.30 --> 0:18:15.810 Jasmine Tang I don't know. Like. 0:18:15.200 --> 0:18:22.310 Eric Wong Right, I think I think the last round we populated data I can't remember CK is there right for performance testing. 0:18:22.400 --> 0:18:23.40 Eric Wong I think it takes. 0:18:25.310 --> 0:18:26.470 Eric Wong At all one day I remember. 0:18:38.510 --> 0:18:38.720 Eric Wong Umm. 0:18:24.900 --> 0:18:39.790 Jasmine Tang No, but the the concern raised by being Ping is that there's a rate being made being set in the Office 0 whereby the the the key right can accept as many as possible right. 0:18:40.960 --> 0:18:43.830 Jasmine Tang The other zero days and we made, but there's only made the. 0:18:43.880 --> 0:18:49.760 Jasmine Tang Eight, he said it can burst up to 15 per seconds, but that one I I checked that it's provider. 0:18:49.770 --> 0:18:50.720 Jasmine Tang You have multiple thread. 0:18:51.590 --> 0:18:55.380 Jasmine Tang If you only have one thread running right then it's like 3 per seconds only. 0:18:55.970 --> 0:19:0.460 Jasmine Tang Ohh I see due to the latency I don't know because I was using Australia region. 0:19:0.790 --> 0:19:12.410 Jasmine Tang It's not too far, so I'm not using US, so they even limit limit the number of request per thread, not minutes or seconds. 0:19:12.420 --> 0:19:15.100 Jasmine Tang No, they don't limit that, but I was using J meter to test right. 0:19:15.110 --> 0:19:24.630 Jasmine Tang So I notice that if you have many requests coming concurrent, yeah, then the but the uh, the room will be higher. 0:19:24.640 --> 0:19:25.330 Jasmine Tang It would be high. 0:19:25.340 --> 0:19:25.790 Jasmine Tang I see you. 0:19:25.800 --> 0:19:26.580 Jasmine Tang Are you the only one? 0:19:26.590 --> 0:19:36.810 Jasmine Tang I didn't like it because every call so they there's I I would say that single thread should be fine as long as we handle the retrial. 0:19:37.100 --> 0:19:43.930 Jasmine Tang Let's say we are hitting a AI respond of, let's say limit. Rich. 0:19:44.260 --> 0:19:44.850 Jasmine Tang We try. 0:19:44.920 --> 0:19:55.700 Jasmine Tang So we just retry that and it it will it will, it will be longer, but at least this can be implemented first, then only we implement the multi thread. 0:19:55.960 --> 0:19:59.170 Jasmine Tang That will be a another step up the the red limit. 0:19:59.180 --> 0:20:4.410 Jasmine Tang I think with the three, three second three requests per second is is it doesn't hit their limits. 0:20:4.650 --> 0:20:5.790 Jasmine Tang Yeah, it does. 0:20:5.860 --> 0:20:10.40 Jasmine Tang Hey, can we accept and say we need to on what 10,000 user right? 0:20:10.50 --> 0:20:12.0 Jasmine Tang Then it's going to take long time. 0:20:12.10 --> 0:20:12.800 Jasmine Tang Very long. Yes. 0:20:13.30 --> 0:20:13.570 Jasmine Tang No one. 0:20:13.750 --> 0:20:16.960 Jasmine Tang All in that correct threes 3 per second time. 0:20:16.970 --> 0:20:30.420 Jasmine Tang 61 minute can 180 * 60 minute and one hour I think I think looks OK now if I think I feel like we should start single first and then worry about the about the the the bad one later. 0:20:30.490 --> 0:20:32.480 Jasmine Tang Yeah, as long as we have to retry that. 0:20:32.850 --> 0:20:40.770 Jasmine Tang Yeah, you can't really calculate on ourself on the on the red, but at least you have. 0:20:40.780 --> 0:20:41.260 Jasmine Tang You can. 0:20:41.550 --> 0:21:1.550 Jasmine Tang You can see it as a as a non fatal there are error response and then you can just do a retry but but take note that this limit right they have like production environment and development environment so development they they they have limits of lower limit try stay away you got the failure. 0:21:1.860 --> 0:21:9.870 Jasmine Tang So when we do development, I don't know whether we are going to use a production one or development or development and you mean testing? 0:21:10.340 --> 0:21:11.630 Jasmine Tang Yeah, we have a development now. 0:21:12.100 --> 0:21:16.30 Jasmine Tang We need a separate that we need a separate the cow or development. 0:21:16.400 --> 0:21:23.250 Jasmine Tang Yeah, separate account for development, but they still have the option to choose whether you want to go for development productions or staging. 0:21:23.400 --> 0:21:27.610 Jasmine Tang I don't know whether they will be any change difference in terms of charges or not. OK. 0:21:27.620 --> 0:21:34.860 Jasmine Tang But we want to ask them, but I would prefer a clear color between production and deep development. 0:21:34.870 --> 0:21:37.930 Jasmine Tang That one is OK, the one as long as you use different account. 0:21:38.60 --> 0:21:44.160 Jasmine Tang OK, but under the same account, should we use development or should we use production type? 0:21:44.170 --> 0:21:45.240 Jasmine Tang They have different types. 0:21:45.310 --> 0:21:45.750 Jasmine Tang OK. 0:21:45.790 --> 0:21:47.580 Jasmine Tang Maybe maybe dilemma wise. 0:21:47.670 --> 0:21:58.620 Jasmine Tang Sometimes it's good to have this kind of instant within their their their design, so features testing on this thing we can use development, our staging and release and develop. 0:21:58.630 --> 0:21:59.920 Jasmine Tang We can stick to production one. 0:21:59.960 --> 0:22:8.20 Jasmine Tang I mean for our, then then then we can something goes wrong then we can it because when we update some value then then equal problematic or already. 0:22:8.80 --> 0:22:13.980 Jasmine Tang So from our point of view, the develop just like a production for us, yeah, I understand. 0:22:13.990 --> 0:22:21.400 Jasmine Tang But what I want to raise now is so that we are aware that that during the development right you see this error. 0:22:21.410 --> 0:22:24.660 Jasmine Tang It doesn't mean when you switch to the production you are seeing the same error. 0:22:25.230 --> 0:22:31.810 Jasmine Tang Because it apply different rate limit to different types of environment, that OK OK could do not good. 0:22:31.820 --> 0:22:36.550 Jasmine Tang So if you if you see this and then if you can, then we switch to the production and test it out. 0:22:37.210 --> 0:22:46.610 Jasmine Tang You will see that the limit so often once once we have a clearer a situation, we can order people who involved in this project we can decide on how we want to. 0:22:47.720 --> 0:22:49.790 Jasmine Tang Ohh I have the same issue. 0:22:49.800 --> 0:22:50.970 Jasmine Tang How we gonna manage that? 0:22:51.140 --> 0:22:54.370 Jasmine Tang And then we also need to be make people aware. 0:22:54.520 --> 0:22:56.720 Jasmine Tang You certain certain different type of different? 0:22:59.990 --> 0:23:0.210 Eric Wong Right. 0:23:0.220 --> 0:23:0.420 Eric Wong Yeah. 0:23:0.650 --> 0:23:1.840 Eric Wong Can you run through? 0:23:1.970 --> 0:23:9.780 Eric Wong Run us through on the roughly step by step on how how the Dynamo DB part, the safe external user come in place. 0:23:10.10 --> 0:23:11.30 Eric Wong What was the expectation? 0:23:15.630 --> 0:23:15.820 Eric Wong Umm. 0:23:12.300 --> 0:23:23.730 Jasmine Tang Uh, when you import a user right in the API, I noticed that in platform service the CSV file you have a flag to to say this is an internal external user MRI. 0:23:23.530 --> 0:23:24.520 Eric Wong Uh, yes, correct. Yes. 0:23:24.530 --> 0:23:25.330 Eric Wong Yes. Umm. 0:23:31.930 --> 0:23:32.140 Eric Wong Mm-hmm. 0:23:25.350 --> 0:23:38.970 Jasmine Tang So when you look through what it means for the external user, instead of calling the API to create the user calling the Office API to create the user for external user, you don't call but you add that entry into the Dynamodb. 0:23:41.40 --> 0:23:41.270 Eric Wong Right. 0:23:41.280 --> 0:23:41.710 Eric Wong So we should. 0:23:41.720 --> 0:23:42.410 Eric Wong I don't know DB. 0:23:44.170 --> 0:23:44.390 Jasmine Tang Will you? 0:23:42.420 --> 0:23:47.560 Eric Wong This is it, our own Dynamo DB or all zero Dynamo DB or yeah. 0:23:50.560 --> 0:23:50.800 Eric Wong OK. 0:23:48.760 --> 0:24:4.820 Jasmine Tang I will, under the more baby three we we should be having a separate authentication service that is in the Excel sheet after the platform so that authentication service should create a Dynamodb eventually when we're using the formula. 0:24:4.830 --> 0:24:6.840 Jasmine Tang So the telephone will create Dynamodb. 0:24:9.10 --> 0:24:9.600 Eric Wong Right. 0:24:10.420 --> 0:24:10.760 Jasmine Tang So far. 0:24:10.10 --> 0:24:17.910 Eric Wong So mean to say moving forward when we want to authenticate a user, it will go through the authentication service instead of directly to all zero. 0:24:20.110 --> 0:24:22.260 Jasmine Tang No, no, no, it's it's directly to the audio. 0:24:22.270 --> 0:24:29.800 Jasmine Tang The authentication service is to do a building, set up the off 0 setting because off 0 we need customization also. 0:24:30.290 --> 0:24:30.530 Eric Wong Umm. 0:24:33.690 --> 0:24:33.910 Eric Wong Mm-hmm. 0:24:30.90 --> 0:24:35.440 Jasmine Tang So the authentication service will do all those customizations and then pass the. 0:24:35.870 --> 0:24:46.40 Jasmine Tang And we need to stream the user authentication event to change log so the authentication service will do those kind of things are. 0:24:47.730 --> 0:24:48.0 Eric Wong Right. 0:24:48.10 --> 0:24:50.150 Eric Wong So OK, correct me if I'm wrong. 0:24:50.160 --> 0:24:52.940 Eric Wong So it sounds like authentication service is only used for external user. 0:24:56.100 --> 0:24:56.760 Eric Wong Is that how it goes? 0:24:56.10 --> 0:24:58.520 Jasmine Tang And no, uh, that's making. 0:24:58.530 --> 0:24:59.230 Jasmine Tang Scroll down please. 0:25:0.490 --> 0:25:4.80 Jasmine Tang Little authentic the auth service here like this. 0:25:6.30 --> 0:25:6.220 Eric Wong Mm-hmm. 0:25:4.90 --> 0:25:11.850 Jasmine Tang This this chunk right is to prepare the of 0 so that we can start using it. 0:25:13.700 --> 0:25:13.980 Eric Wong OK. 0:25:15.420 --> 0:25:20.540 Jasmine Tang So for example, if you see with the action. 0:25:23.830 --> 0:25:25.300 Jasmine Tang A line #20, right? 0:25:25.630 --> 0:25:28.600 Jasmine Tang 20 we will have a node JS for action for example. 0:25:29.300 --> 0:25:29.500 Eric Wong Mm-hmm. 0:25:29.580 --> 0:25:36.240 Jasmine Tang So what we need to do is we need to customize off 0 so that we get the user journey that we want. 0:25:37.270 --> 0:25:37.610 Eric Wong OK. 0:25:36.800 --> 0:25:41.850 Jasmine Tang For example, when user log in for the first time, we want them to do the consent. 0:25:47.860 --> 0:25:48.110 Eric Wong OK. 0:25:41.910 --> 0:25:50.60 Jasmine Tang We want them to do the reset password, so all zero doesn't come default with all these features, so we need to use to customize it. 0:25:51.40 --> 0:25:58.790 Jasmine Tang So the authentication service is to make those customizations available when we set up a new new new account in Outlook. 0:26:1.200 --> 0:26:2.10 Eric Wong Right, right. 0:26:3.160 --> 0:26:3.590 Eric Wong OK. 0:26:3.660 --> 0:26:8.130 Eric Wong Because OK, like like now when we do, uh, when the user log in right? 0:26:8.600 --> 0:26:19.530 Eric Wong I think we directly he think key code in the sense that the the particular uh realm URL to actually check if this user have a session. 0:26:19.540 --> 0:26:30.860 Eric Wong If not, then key code itself will actually prompt the login screen so the login screen is never on platform or on our spa, but a lot of people thought it's on the platform and spa, but it's actually from the key code. 0:26:31.60 --> 0:26:43.250 Eric Wong So in this sense, I can, I say moving forward with off 0, this particular journey will actually just hitting a the odd service and off service will do the rest dealing with all of 0. 0:26:44.300 --> 0:26:44.530 Jasmine Tang No. 0:26:44.540 --> 0:26:47.240 Jasmine Tang Uh, the off 0 will still do whatever keycode is doing. 0:26:48.90 --> 0:26:49.160 Eric Wong OK, OK. 0:26:49.310 --> 0:26:50.310 Eric Wong So you just OK. 0:26:51.250 --> 0:26:51.680 Eric Wong Sorry, go ahead. 0:27:1.350 --> 0:27:1.590 Eric Wong Umm. 0:26:49.430 --> 0:27:1.620 Jasmine Tang Of the reason just to off service is like you know, it's like when we customize on key code and then we deploy key code to to EKS something like that. 0:27:2.300 --> 0:27:7.110 Jasmine Tang So for obviously off service is to customize the off 0. 0:27:7.600 --> 0:27:16.680 Jasmine Tang So when you when user log in like you are hitting the off 0 login page of the of service itself don't have Low impatient. 0:27:18.840 --> 0:27:19.140 Eric Wong OK. 0:27:20.460 --> 0:27:24.150 Jasmine Tang But let's say uh off 0, right? 0:27:26.910 --> 0:27:27.140 Eric Wong Umm. 0:27:24.280 --> 0:27:35.260 Jasmine Tang It doesn't have a consent page, so the off service prepare a consent page so that when user log in, it got redirected to the consent page to to to give the content. 0:27:37.800 --> 0:27:44.640 Eric Wong So I mean, regardless the user when they log in, they will first thing that will always hit the off the off service first, right? 0:27:45.880 --> 0:27:47.520 Jasmine Tang Of zero hit directly. 0:27:47.40 --> 0:27:47.730 Eric Wong Of zero first. 0:27:49.960 --> 0:27:50.340 Eric Wong OK. 0:27:50.350 --> 0:27:55.280 Eric Wong And then from there you will talk to the off service to have the consent patients so on so forth. 0:27:57.250 --> 0:27:57.500 Jasmine Tang Uh. 0:27:55.290 --> 0:27:58.700 Eric Wong Is it this I'm trying to understand the user journey. 0:28:8.680 --> 0:28:9.80 Eric Wong Umm. 0:27:59.980 --> 0:28:12.890 Jasmine Tang I think I think I probably, I said knowledge sharing sessions are with the team on how off 0 works are and compared to keyboard we have a diagrams how the workflow move we teach. 0:28:12.900 --> 0:28:13.210 Jasmine Tang Maybe. 0:28:13.220 --> 0:28:14.90 Jasmine Tang Maybe we need one. 0:28:14.100 --> 0:28:19.350 Jasmine Tang So then people see that and sessions go through together with audio and Heimdall. 0:28:19.360 --> 0:28:21.260 Jasmine Tang So then and. 0:28:22.180 --> 0:28:27.290 Eric Wong Yeah, that, that, that would be that would be great actually, yeah, because I'm I'm trying to compare it with what we have at the moment. 0:28:27.560 --> 0:28:29.630 Eric Wong So that's that's the confusion here. 0:28:29.780 --> 0:28:37.330 Eric Wong And plus second thing is when you talk about putting Dynamo DB and then need to authenticate, so if it's not in all zero. 0:28:37.340 --> 0:28:45.330 Eric Wong So that's the reason I also want to find out that if it's not in off 0, what kind of authentication mechanism are we talking about to authenticate external user? 0:28:45.660 --> 0:28:48.490 Eric Wong Like is it through the external IDP first or how? 0:28:48.620 --> 0:28:49.520 Eric Wong Does that work? 0:28:49.530 --> 0:28:51.880 Eric Wong You know, before you pump into off zero, yeah. 0:28:52.850 --> 0:28:55.520 Jasmine Tang I think it will be easier that I carry out the sessions. 0:28:56.260 --> 0:28:56.930 Eric Wong Hmm, OK. 0:28:56.910 --> 0:28:58.120 Jasmine Tang I feel like, yeah. 0:28:58.870 --> 0:28:59.530 Eric Wong Alright, thanks. 0:29:1.530 --> 0:29:10.760 Jasmine Tang Ignore the external user with you used the dynamic panel TV or you can have alternative to use the the base connection. 0:29:10.810 --> 0:29:11.640 Jasmine Tang Ohh sorry sorry. 0:29:14.200 --> 0:29:15.670 Jasmine Tang Yeah, sorry. 0:29:15.720 --> 0:29:16.350 Jasmine Tang Ohh yeah, yeah yeah. 0:29:16.360 --> 0:29:16.600 Jasmine Tang Thanks. 0:29:17.290 --> 0:29:28.800 Jasmine Tang That number did was for the committal for all zero is, yeah, we are using back there that they are database but they have their own database connection. 0:29:29.310 --> 0:29:34.960 Jasmine Tang But then we cannot be storing the local user and the external user to the same database. 0:29:34.970 --> 0:29:42.190 Jasmine Tang We are using their data one separate database to solve the external user, but not not anybody be able. 0:29:42.200 --> 0:29:42.840 Jasmine Tang Should we call it? 0:29:42.850 --> 0:29:47.610 Jasmine Tang Just popped through database I the link is something that we can define. 0:29:47.620 --> 0:29:49.970 Jasmine Tang So I just called the OHS, so we did a visa. 0:29:51.340 --> 0:29:59.610 Jasmine Tang OK, what else for I said, this is the what's the worst thing that it's for external user like user. OK. 0:30:1.360 --> 0:30:1.600 Jasmine Tang OK. 0:30:3.870 --> 0:30:4.180 Jasmine Tang Thank you. 0:30:4.400 --> 0:30:6.90 Jasmine Tang And doing it so fast. 0:30:6.600 --> 0:30:7.650 Jasmine Tang Don't do anything. 0:30:7.660 --> 0:30:10.870 Jasmine Tang OK, I just my eyes cannot catch up. 0:30:13.880 --> 0:30:20.650 Jasmine Tang I think we need to add 1 more column here and we be or not so we can let people the prioritize nicely done. 0:30:21.60 --> 0:30:21.470 Jasmine Tang OK. 0:30:21.660 --> 0:30:24.220 Jasmine Tang So OK it is. 0:30:26.40 --> 0:30:26.650 Jasmine Tang I've seen it. 0:30:26.660 --> 0:30:28.540 Jasmine Tang Yeah, this is the off 0 connection, right? 0:30:28.620 --> 0:30:31.110 Jasmine Tang They have their own user DB, right? 0:30:31.160 --> 0:30:33.120 Jasmine Tang And they manage it themselves. 0:30:33.130 --> 0:30:34.470 Jasmine Tang We don't know how they manage it. 0:30:34.680 --> 0:30:36.810 Jasmine Tang User DB like their own user did their own user. 0:30:36.970 --> 0:30:40.630 Jasmine Tang Let's call 0 user, but we can create many user DB. 0:30:40.860 --> 0:30:49.970 Jasmine Tang Yeah, we can define and then send send as a connection like to tell the off 0 to use that connection so. 0:30:52.400 --> 0:30:52.960 Jasmine Tang We don't need to. 0:30:53.290 --> 0:31:1.380 Jasmine Tang Many already talked to the DB, so it's just yeah, it's just a matter of tell the of 0 to use that connection. 0:31:1.590 --> 0:31:1.880 Jasmine Tang There's. 0:31:1.890 --> 0:31:5.690 Jasmine Tang So where do we saw the flat for those concerns? 0:31:5.700 --> 0:31:10.0 Jasmine Tang Thing is, it also in the user DB is a users meta data. 0:31:10.50 --> 0:31:12.370 Jasmine Tang OK, so every user will have meta data. 0:31:14.590 --> 0:31:15.820 Jasmine Tang Little Sin. 0:31:17.740 --> 0:31:22.110 Jasmine Tang OK, so extends to this particular scope. 0:31:22.120 --> 0:31:28.840 Jasmine Tang I think that's a have the section first between the keycloak and there's all zero. 0:31:30.460 --> 0:31:32.170 Jasmine Tang So regarding this particular. 0:31:33.650 --> 0:31:35.130 Jasmine Tang Requirement right. 0:31:35.200 --> 0:31:36.950 Jasmine Tang I think I have something to share about. 0:31:37.80 --> 0:31:38.390 Jasmine Tang Like what? 0:31:38.400 --> 0:31:45.150 Jasmine Tang I home BAU is carrying practicing right now and if we will need to change this and what is the impact of it? 0:31:45.270 --> 0:31:51.220 Jasmine Tang So right now at this moment, I think the logic is I think first thing first is we provide an option. 0:31:52.700 --> 0:31:57.630 Jasmine Tang For the user Frater or the service team to block the lift. 0:31:58.700 --> 0:32:8.940 Jasmine Tang So basically, how do they actually bug delete the user is I think whoever user that currently in system we actually have a protected field. 0:32:9.280 --> 0:32:14.240 Jasmine Tang OK, so example right now in the application system itself, I have been paying. 0:32:14.250 --> 0:32:17.930 Jasmine Tang I have just so and then I have all the team normal member. 0:32:18.0 --> 0:32:26.970 Jasmine Tang So right now my objective is to keep thing Ping and just mean in this particular application, but the rest of the people I would like to remove it so the. 0:32:28.470 --> 0:32:34.310 Jasmine Tang Procedure will be we need to set the protected field for pimping and need to be true first. 0:32:34.610 --> 0:32:40.920 Jasmine Tang There is a UI that we can set that and then in the import we also have the function to set that as well, right? 0:32:41.90 --> 0:32:47.960 Jasmine Tang So once this is done, then the user administrator or the service derating they can just import the empty file. 0:32:48.490 --> 0:32:54.900 Jasmine Tang So all the Members that without protected it set it will be bug delete. 0:32:55.400 --> 0:32:58.450 Jasmine Tang So this is part of the feature that last time is required. 0:32:58.460 --> 0:33:1.460 Jasmine Tang So we have this particular features and also. 0:33:2.320 --> 0:33:3.220 Jasmine Tang Uh. 0:33:4.560 --> 0:33:12.790 Jasmine Tang Need to say there will always be a comparison between the user import file versus the system. 0:33:13.140 --> 0:33:19.170 Jasmine Tang So as long as the the user protected flat is being set as false, false. 0:33:19.430 --> 0:33:27.970 Jasmine Tang So the user in the system will be deleted from the system as long as it does not detect in the user import file, right? 0:33:28.400 --> 0:33:33.380 Jasmine Tang So regarding this requirement cannot delete user, they are not found in the file. 0:33:33.390 --> 0:33:35.470 Jasmine Tang Need to provide ability to update. 0:33:35.480 --> 0:33:36.540 Jasmine Tang Some ideas that go around? 0:33:36.840 --> 0:33:37.730 Jasmine Tang Yeah. Right. 0:33:38.390 --> 0:33:39.430 Jasmine Tang Umm. 0:33:39.730 --> 0:34:5.880 Jasmine Tang Then we need to see, I think, because the whole process for this right is more or molding new user when you wanted to delete something we shouldn't use the Excel spreadsheet to do something like maybe that should have a function in the iPhone to select those user one to delete and then just leave retinal at this moment if you want to delete from the table itself, I think you need you only can go to buy 1 by 1 manually. 0:34:6.150 --> 0:34:9.340 Jasmine Tang So this is for the bug delete purposes. 0:34:9.690 --> 0:34:19.250 Jasmine Tang So I think the next question is if we were to have this particular requirement, so are we also need to support in terms of bug delayed? 0:34:19.630 --> 0:34:29.500 Jasmine Tang So if we need to support our bug delete, then we need to see how this can be worked to achieve in the same goal as you need support the bug delete function as well as it also support this. 0:34:29.510 --> 0:34:34.270 Jasmine Tang But this definitely going to change the current logic already, as in the protected field. 0:34:34.680 --> 0:34:49.690 Jasmine Tang As in, how do we compare the CSV and the the user that in the application itself the protected feel right is stopped in I home database and but you don't store anything in the key corner existing. 0:34:49.860 --> 0:34:56.130 Jasmine Tang I don't think it's going to be seen the iPhone itself, so sounds like we don't need the radio because we didn't know. 0:34:56.180 --> 0:35:9.580 Jasmine Tang I think this recommended because we didn't know there's a work around with protected from ability and but in the future I think we need a ability to do bulk delete from the screen, but then I can do later that we OK yeah, but. 0:35:8.760 --> 0:35:14.830 SueAnn See Umm, so so the the main thing to consider here is that this is not a one time importer. 0:35:14.920 --> 0:35:27.710 SueAnn See Because what happened right now is that there one way of central they all right, they have this facility for clients to upload a CSV file, put it into a queue and then the next day you'll be automatically imported. 0:35:27.920 --> 0:35:31.710 SueAnn See So that means it's a ongoing onboarding process. 0:35:31.800 --> 0:35:32.930 SueAnn See It's not just one time. 0:35:34.610 --> 0:35:38.260 Jasmine Tang They can set the user to be protected, not then it doesn't need to. 0:35:38.840 --> 0:35:39.370 SueAnn See Now who? 0:35:39.380 --> 0:35:44.120 SueAnn See Who is going to stand so very dangerous if by default it's not protected? 0:35:45.980 --> 0:35:57.860 Jasmine Tang I think the tenant admin have to do that, but I I believe that we cannot cater for all the needs are if if looking at the there's a work around with that of, they're definitely content of all the production. 0:35:59.610 --> 0:36:0.390 Jasmine Tang I think so too. 0:35:59.620 --> 0:36:4.940 SueAnn See Maybe it's just set it to default as protected, right? 0:36:5.610 --> 0:36:8.730 Jasmine Tang Actually, salsa, I mean depends. 0:36:8.830 --> 0:36:41.40 Jasmine Tang Depends what the usage and it's hard to say really need to talk to those product but but that request like that right request Ideagen this one is inherited from iPhone BAU like the Qi mean, the QPC and essentially what it called QPC and also the yeah essential but then this is this particular features is in IHOME via U 2.1 we need to say the one you click so the one in production basically don't have but last time I think we have this particular requirement I can't remember I think it's from bins that have this particular requirement. 0:36:41.250 --> 0:36:41.560 Jasmine Tang Don't you? 0:36:41.570 --> 0:36:42.380 Jasmine Tang Don't one. 0:36:42.390 --> 0:36:43.160 Jasmine Tang We don't have visa. 0:36:43.270 --> 0:36:43.870 Jasmine Tang You have this as. 0:36:43.880 --> 0:36:44.820 Jasmine Tang Ohh you have. 0:36:45.610 --> 0:36:47.980 Jasmine Tang Yeah, same logic because it's inherited from iPhone. 0:36:48.100 --> 0:36:54.100 Jasmine Tang Yeah, that's like maybe need you to think a bit ohm how you want the logic to be. 0:36:55.260 --> 0:36:57.670 Jasmine Tang But I think difficult cattle for all the all the. 0:36:57.680 --> 0:36:58.260 Jasmine Tang Yeah, this one. 0:36:58.300 --> 0:37:0.460 Jasmine Tang So I can just do something that more sensible? 0:37:0.660 --> 0:37:1.110 Jasmine Tang Yep. 0:37:1.160 --> 0:37:13.230 Jasmine Tang But I think in the release mode, or even how do we actually pass the information to service delivery team is maybe we need to let them know the stack of it because right now ask is already practicing that. 0:37:13.240 --> 0:37:22.670 Jasmine Tang So you just need to when you import the user, you just need to ensure it by default you set the flag everything to yes, so all of the user is already being in the protected. 0:37:23.60 --> 0:37:33.430 Jasmine Tang Yeah, but if you look at normally how people do software when you meet import it really very importantly doesn't release thing the user. 0:37:35.550 --> 0:37:36.680 Jasmine Tang It is my my. 0:37:36.690 --> 0:37:37.20 Jasmine Tang It's OK. 0:37:37.30 --> 0:37:42.70 Jasmine Tang I think we can partner aside cause as long as there's a little round, we protect the probability. 0:37:45.280 --> 0:37:45.450 Jasmine Tang OK. 0:37:46.710 --> 0:37:53.450 Jasmine Tang Let me just, but can you create the column with MPs so so I just, yeah, yeah. 0:38:2.490 --> 0:38:5.740 Jasmine Tang OK, you can, Eric. 0:38:6.230 --> 0:38:11.350 Jasmine Tang He's highlight if you see anything missing like because my knowledge for platform also needed. 0:38:11.940 --> 0:38:15.940 Jasmine Tang So I just I just put down whatever that I can catch a lot. 0:38:16.300 --> 0:38:16.730 Eric Wong Yeah. 0:38:16.740 --> 0:38:17.30 Eric Wong Yeah. 0:38:17.80 --> 0:38:18.290 Eric Wong No, no worries about that. 0:38:18.440 --> 0:38:20.930 Eric Wong It's just that the cannot delete user part. 0:38:21.80 --> 0:38:33.560 Eric Wong I also was thinking when you guys discussed it, I was just thinking that the reason, if I'm not mistaken, the reason one of the reasons why this was uh put in is because they are still some user who prefer to do things on Excel sheet. 0:38:34.830 --> 0:38:35.460 Eric Wong Yeah. 0:38:36.290 --> 0:38:36.620 Jasmine Tang I. 0:38:35.630 --> 0:38:42.820 Eric Wong So they just not just create new user but more like using that instead of use you I to do things in a batch. 0:38:42.830 --> 0:38:44.200 Eric Wong They wanna do things in the batch, yeah. 0:38:50.530 --> 0:38:50.770 Eric Wong Mm-hmm. 0:38:45.580 --> 0:38:54.810 Jasmine Tang For this dinner is more like the features in platform with the allowed or not allowed can or cannot do so much on whether the authentication service support or not support. 0:38:55.630 --> 0:38:56.170 Eric Wong Hmm, OK. 0:38:55.480 --> 0:38:57.90 Jasmine Tang You know, because you didn't delete things. 0:38:59.940 --> 0:39:0.230 Eric Wong Right. 0:39:7.990 --> 0:39:8.290 Eric Wong Right. 0:38:57.100 --> 0:39:8.610 Jasmine Tang Just call the API to delete the user key code obviously for the so I think this one has nothing to do with the based off 0 optical Python service itself. 0:39:10.340 --> 0:39:14.230 Eric Wong Just out of curiosity, where do they point cannot delete user that are not found in file come from? 0:39:17.80 --> 0:39:19.0 Jasmine Tang But OK, not either by Mia did it. 0:39:20.60 --> 0:39:20.650 Eric Wong I don't know who. 0:39:21.30 --> 0:39:24.270 SueAnn See No, because it it is. 0:39:20.100 --> 0:39:24.970 Jasmine Tang You bringing only me as well because I think that. 0:39:24.280 --> 0:39:27.680 SueAnn See Uh, because the product has the requirement. 0:39:27.950 --> 0:39:38.430 SueAnn See Currently they have this facility where client can just upload a file and it will be automatically process so nobody is going to go into the system and you'll set protected. 0:39:39.440 --> 0:39:42.440 SueAnn See So it's a change of the operational workflow. 0:39:42.680 --> 0:39:56.220 SueAnn See So if let's say we say for MVP, we're not gonna make any changes to our system, some wanted to go and communicate all these steps to all the respective products that we are integrating and make sure that they are OK and agreeable with all these steps. 0:39:58.440 --> 0:39:58.640 Eric Wong OK. 0:40:0.900 --> 0:40:5.630 Jasmine Tang And then I did this thing we thought has a parking 1st and then that key to do it. 0:40:5.640 --> 0:40:8.350 Jasmine Tang So the rest of it looks like quite solid. 0:40:18.550 --> 0:40:24.510 Jasmine Tang So I will be the similar concept and thing is just that this is more on the. 0:40:26.770 --> 0:40:27.40 Jasmine Tang Singh. 0:40:27.190 --> 0:40:27.820 Jasmine Tang User right? 0:40:27.830 --> 0:40:29.160 Jasmine Tang So yeah, OK. 0:40:29.210 --> 0:40:34.690 Jasmine Tang It's about important and creating the user handling now, so it's two different or different. 0:40:34.700 --> 0:40:35.300 Jasmine Tang OK, alright. 0:40:35.310 --> 0:40:38.520 Jasmine Tang So if you if you choose to go for single user first then we don't. 0:40:39.890 --> 0:40:41.840 Jasmine Tang We can ignore about import the shop. 0:40:43.200 --> 0:40:52.230 Jasmine Tang I think for about import we put estimation not available first love but we we work on the single user first but just OK sign out when we put down. 0:40:52.240 --> 0:40:57.750 Jasmine Tang Here I we're talking about the bulk import for the obvious zero itself, not platform. 0:40:59.350 --> 0:41:2.240 Jasmine Tang Platform you can support bug import, but you can call in. 0:41:2.510 --> 0:41:7.810 Jasmine Tang Ohh yeah, you mean the the the platform called the zero, the one by one. 0:41:7.940 --> 0:41:12.290 Jasmine Tang OK, I think it make me kill it clear bit this decide. 0:41:12.590 --> 0:41:19.810 Jasmine Tang Originally this list all zero, no additional features about if the if the if it because I was thinking of three. 0:41:19.820 --> 0:41:26.920 Jasmine Tang If you can support single user then the so just call the loop and call the single yes look. 0:41:26.930 --> 0:41:29.670 Jasmine Tang Then she currently platform in in the right. 0:41:29.760 --> 0:41:34.130 Jasmine Tang That means we are the important CSV, then we don't need to change so many in the background. 0:41:34.140 --> 0:41:34.920 Jasmine Tang You are calling keycloak. 0:41:36.820 --> 0:41:37.680 Jasmine Tang Thank great. 0:41:37.690 --> 0:41:40.110 Jasmine Tang User one by one one by one, right? 0:41:40.300 --> 0:41:40.810 Jasmine Tang So. 0:41:40.880 --> 0:41:48.830 Jasmine Tang So in that case we are using the create single user features are but because all zero you can also do a bulk import. 0:41:49.100 --> 0:41:50.80 Jasmine Tang Yeah, so. 0:41:52.870 --> 0:41:54.960 Jasmine Tang But you would thought you bought us all this. 0:41:55.10 --> 0:42:10.0 Jasmine Tang Is is it just to just to populate the data in the database on our database and then the the end there's a back end background Provisioner will pick up, pick up the data yeah and it will just sync with keycloak one by one. 0:42:10.50 --> 0:42:13.500 Jasmine Tang In this case it will be off 01 by 1. Yeah. 0:42:13.510 --> 0:42:14.200 Jasmine Tang Yeah. 0:42:14.530 --> 0:42:20.280 Jasmine Tang So so when we talk about this one right, not really referring to the platform service before. 0:42:21.30 --> 0:42:31.70 Jasmine Tang So when you say this is actually not one by one, but it's more like a parallel real but from platform like you can also pass one file to all zero. 0:42:31.120 --> 0:42:35.440 Jasmine Tang OK, let me create all the user as an OX0 features. 0:42:35.450 --> 0:42:41.160 Jasmine Tang There's an audio features take OK if you want to leave then that's. 0:42:41.170 --> 0:42:42.770 Jasmine Tang I think that just hold on. 0:42:45.20 --> 0:42:50.660 Jasmine Tang Having a real body and the that's the that's just for girls single user. 0:42:50.670 --> 0:42:56.700 Jasmine Tang Since the limit looks like not not like totally very very very low limit. 0:42:56.750 --> 0:42:57.460 Jasmine Tang OK. 0:42:57.510 --> 0:42:57.610 Jasmine Tang Yeah. 0:42:58.450 --> 0:43:0.420 Jasmine Tang So this is like uh, if compared to keycloak. 0:43:0.430 --> 0:43:4.640 Jasmine Tang This like a sharp features that that they already have it embedded that we can use it. 0:43:4.710 --> 0:43:9.200 Jasmine Tang But I think people will have to read massage your CSV because it cannot accept CSV. 0:43:9.710 --> 0:43:14.450 Jasmine Tang True, that means you got to accept your CSV. 0:43:14.460 --> 0:43:19.430 Jasmine Tang Then you reconstruct a Jason because they can't even be different format, right? 0:43:19.480 --> 0:43:27.940 Jasmine Tang Even format you don't don't even have that, so the bug import here is means of 0 features, not platform service. 0:43:28.790 --> 0:43:30.700 Jasmine Tang But if we testing need to test all. 0:43:30.710 --> 0:43:39.510 Jasmine Tang So after you've done the single user then need to make sure the import the platform import still can work. 0:43:41.690 --> 0:43:45.950 Jasmine Tang Then we need to test that because I I believe it's called calling in the end, calling the same call. 0:43:46.980 --> 0:43:47.370 Jasmine Tang So. 0:43:47.380 --> 0:43:55.610 Jasmine Tang So there's been two things out we need to support the app user add single user into all zero need to convert the CCSU CSV format to Jason. 0:43:56.630 --> 0:44:9.440 Jasmine Tang After that we all the implementation in the all the form, all zero at the top that I think that should worry but the the 1st and but import is not an NPR right? 0:44:10.410 --> 0:44:11.610 Jasmine Tang Then I heard is not right. 0:44:12.400 --> 0:44:15.110 Jasmine Tang I think like we can buy something because we do the same thing. 0:44:15.300 --> 0:44:21.540 Jasmine Tang We doing the same thing with the most high scalable way we we can come back and do that later when we settle all the. 0:44:21.550 --> 0:44:31.90 Jasmine Tang That's why better have a column where MVP and market 1st it's, but it's not part of MVP is not using all 0SMP or there's no feature for but upload for. 0:44:31.910 --> 0:44:34.160 Jasmine Tang It's not outlook in headphones still valid. 0:44:34.850 --> 0:44:39.390 Jasmine Tang You're able to see what is behind that, but important. 0:44:39.510 --> 0:44:41.880 Jasmine Tang They're giving you natural voices are available. 0:44:43.530 --> 0:44:43.890 Jasmine Tang So. 0:44:43.900 --> 0:44:47.270 Jasmine Tang So imagine the current import user in the platform. 0:44:47.280 --> 0:44:59.780 Jasmine Tang We still need to maintain, I mean we can maintain the CSU CSV, but in at the end when you store to you because it's in the way the same as per how we practice for people. 0:45:0.650 --> 0:45:0.940 Jasmine Tang Yeah. 0:45:1.160 --> 0:45:2.710 Jasmine Tang And we can, you know, where is it? 0:45:1.320 --> 0:45:4.570 SueAnn See But you you cannot just maintain, right? 0:45:4.580 --> 0:45:6.340 SueAnn See You have to add the custom fields also. 0:45:7.320 --> 0:45:10.720 Jasmine Tang Yeah, I understand that is a separate thing that need to think about. 0:45:11.360 --> 0:45:12.250 Jasmine Tang Yeah, I understand that. 0:45:12.400 --> 0:45:16.850 Jasmine Tang So I mean specifically on this area, just want to reconfirm that. 0:45:17.200 --> 0:45:18.580 Jasmine Tang So that's not failing. 0:45:18.590 --> 0:45:23.630 Jasmine Tang Mentioned the bug report here is specifically on the feature on the All zero itself, right? 0:45:23.720 --> 0:45:30.350 Jasmine Tang So right now I think the MVP current reset has no first, but I think we still need to proceed with this. 0:45:30.680 --> 0:45:31.590 Jasmine Tang That's that. 0:45:31.810 --> 0:45:41.300 Jasmine Tang And then the current bug import function that only by a platform still need to maintain but is in the sense of like. 0:45:41.310 --> 0:45:46.20 Jasmine Tang How do we do it for keycloak like 1 by 1 as per the API call? 0:45:46.110 --> 0:45:46.930 Jasmine Tang I mean right? 0:45:47.850 --> 0:45:57.280 Jasmine Tang I I suggest that because I some just CSV information putting at the bar import we should move it to the Group One single single serve one. 0:45:57.700 --> 0:46:6.890 Jasmine Tang So when Buu import me, believe me later no for this one it as long as we don't mix it with platform features that will be fine and you mean no? 0:46:7.200 --> 0:46:7.710 Jasmine Tang Maybe. 0:46:7.800 --> 0:46:13.730 Jasmine Tang Maybe I will kind of like separate out this one is about import for all zero and then I just separate another one. 0:46:13.740 --> 0:46:18.990 Jasmine Tang Is spot import for platform itself and then what are the scope then we can review again and see. 0:46:19.60 --> 0:46:19.950 Jasmine Tang Yes, I can. OK. 0:46:26.720 --> 0:46:27.350 Jasmine Tang Uh, sorry. 0:46:27.360 --> 0:46:28.590 Jasmine Tang So the the, the, the. 0:46:28.600 --> 0:46:30.770 Jasmine Tang Then what they should change to the bug? 0:46:30.780 --> 0:46:31.470 Jasmine Tang Zero database. 0:46:32.770 --> 0:46:33.290 Jasmine Tang Yeah. OK. 0:46:38.380 --> 0:46:39.140 Jasmine Tang 8 but. 0:46:41.660 --> 0:46:41.860 Jasmine Tang Zero. 0:46:43.420 --> 0:46:43.980 Jasmine Tang Yeah. 0:46:44.30 --> 0:46:45.370 Jasmine Tang Fox space, right? 0:46:45.380 --> 0:46:48.970 Jasmine Tang OK, they narrator, narrator window. 0:46:49.80 --> 0:46:50.50 Jasmine Tang Welcome to naric. 0:46:50.60 --> 0:46:50.550 Jasmine Tang No, no. 0:46:50.560 --> 0:46:54.600 Jasmine Tang Next to no next edit box, I thought that exiting narrator. 0:46:58.990 --> 0:47:0.390 Jasmine Tang That we use any AI tools. 0:47:1.40 --> 0:47:12.10 Jasmine Tang I don't know why sell, but notice accessibility, but that's come from where we wish and he's on my laptop. 0:47:12.20 --> 0:47:15.680 Jasmine Tang How come you got the minute ago into Jasmine that? 0:47:18.270 --> 0:47:20.900 Jasmine Tang Into Dawood for this. 0:47:25.330 --> 0:47:27.630 Jasmine Tang Uh, Yeah, play organization. 0:47:27.640 --> 0:47:30.820 Jasmine Tang This part have not to show the scope as well. 0:47:30.890 --> 0:47:35.180 Jasmine Tang This is the new this is a different features in office zero. 0:47:35.250 --> 0:47:42.920 Jasmine Tang They don't have something like Ryan in Keycloak, but there's something organizations they call organizations. 0:47:42.990 --> 0:47:46.130 Jasmine Tang So yes, he could learn to the tenant, right? 0:47:49.10 --> 0:48:1.870 Jasmine Tang Southside sounds like that laugh, but they are not, like, not everything can be controlled at all levels and so so it's still not very confirmed that whether we are going to use these features or not. 0:48:2.800 --> 0:48:6.100 Jasmine Tang Uh makes it will have involved with the discussion first. 0:48:7.90 --> 0:48:14.950 Jasmine Tang OK, if if you are not then so how how do we support between these users belongs to which tenant database connections are OK? 0:48:16.340 --> 0:48:20.140 Jasmine Tang Is there any advantage you be at the ocelot organized here? 0:48:20.150 --> 0:48:37.430 Jasmine Tang Anything we can do about, I think it can group like let's say this organization is organization, you can say which you enable which external database connection then you don't have to like do it for every single application that belongs to that tenant. 0:48:37.480 --> 0:48:40.80 Jasmine Tang Sorry, because I montage if we do that, we can. 0:48:40.140 --> 0:48:42.860 Jasmine Tang I mean the car operation maybe need to manage it. 0:48:44.200 --> 0:48:58.120 Jasmine Tang Say example are the the the sandy do want to use our software ID it is that helpful if you have this it's disabled entire organization not really not really then then why they have these features. 0:48:59.880 --> 0:49:3.370 Jasmine Tang Uh, like, complain space? 0:49:3.520 --> 0:49:5.40 Jasmine Tang They need two layer, right? 0:49:5.120 --> 0:49:10.100 Jasmine Tang They said the food for because organization to wait, who use it are that you have two options. 0:49:10.480 --> 0:49:18.690 Jasmine Tang You can say you choose the organization ID first, but then only you you look in the other way is you log in. 0:49:18.740 --> 0:49:21.310 Jasmine Tang Ohh, assigned to two organization. 0:49:21.320 --> 0:49:36.860 Jasmine Tang Then you choose you want to log into which organizations so that the combined case and is it some group of people are they are using school hospital as an example, so they might need to access to two different schools and some group of user. 0:49:36.870 --> 0:49:40.320 Jasmine Tang They can only access to one, maybe for the. 0:49:47.220 --> 0:49:48.350 Jasmine Tang And Lee, he can't. 0:49:48.360 --> 0:49:55.20 Jasmine Tang Actually, I think as people product really let's say let's say let's say about 1 user wanted to assess the two two different school. 0:49:55.180 --> 0:49:56.810 Jasmine Tang So each school is two different. 0:49:59.720 --> 0:50:6.270 Jasmine Tang Yes, we don't have a concept of like 1 user belongs to two that I'm right right now four for our use case. 0:50:6.280 --> 0:50:10.850 Jasmine Tang No, but for complaints, they seems like they need that for certain group of users. 0:50:10.900 --> 0:50:27.290 Jasmine Tang It said difficult if we don't have this and then we want to enhance later because we knew patching back to at any existing data with the tenant that we need to push it back then in the organization level you are just enabling which conditions, OK, I think we should do that. 0:50:29.280 --> 0:50:35.630 Jasmine Tang But you will override and let's say you you enable that then the same thing and application level will be overwritten. 0:50:35.920 --> 0:50:36.420 Jasmine Tang OK. 0:50:36.490 --> 0:50:37.80 Jasmine Tang But it's good to know. 0:50:45.550 --> 0:50:51.410 Jasmine Tang So the create organizations like Infinite then will be against just called one API. 0:50:53.420 --> 0:50:57.350 Jasmine Tang Wiki and then assign the data connection to the. 0:50:57.960 --> 0:50:59.770 Jasmine Tang Let let let's say cloud operation. 0:50:59.780 --> 0:51:9.880 Jasmine Tang They want to maintain the the things that be a lot easier if they have organization type in user so they can fill the organization or something that give you sample. 0:51:9.890 --> 0:51:10.600 Jasmine Tang I think we should do it. 0:51:11.370 --> 0:51:12.530 Jasmine Tang If it's not, then then only. 0:51:16.900 --> 0:51:17.820 Jasmine Tang Then I think we leave it. 0:51:17.830 --> 0:51:18.250 Jasmine Tang Leave it. 0:51:18.260 --> 0:51:19.600 Jasmine Tang Leave it there for no, for now. 0:51:22.570 --> 0:51:34.600 Jasmine Tang No, I think anything on 1st, I mean not only do do we love you the way unless something we need love because I know there's a good features there but but it doesn't look like we need there. 0:51:37.270 --> 0:51:39.470 Jasmine Tang It's any specific reason you proposed this? 0:51:40.880 --> 0:51:45.870 Jasmine Tang I propose that the music, because complaints they say they are, you worry about the scenario. 0:51:45.880 --> 0:51:49.880 Jasmine Tang Access to view their recording, we decided to evaluate on the features. 0:51:50.480 --> 0:51:55.560 Jasmine Tang I think we first first combined, so you also another question. 0:51:55.640 --> 0:51:57.380 Jasmine Tang So you might not know E no. 0:51:57.390 --> 0:52:2.840 Jasmine Tang If you look at the, there's a few more questions, but understand how much it is that very complicated. 0:52:2.850 --> 0:52:13.720 Jasmine Tang If you do like the they they feel to be some, because if we roll out to the 1000 organization really 1010 and then after that we don't have, then we need to patch it back. 0:52:13.970 --> 0:52:15.160 Jasmine Tang So that's why I ask all this. 0:52:14.650 --> 0:52:20.870 SueAnn See But actually we don't know whether Devon way of Central Place, where you have this scenario, we don't know. 0:52:23.860 --> 0:52:29.250 Jasmine Tang Uh PC view build headphone set of 1. 0:52:29.260 --> 0:52:44.90 Jasmine Tang User accessing multiple of them but they have different authentication provider, so that's mean the same user can log into different, so there's one for that. 0:52:44.100 --> 0:52:48.820 Jasmine Tang I can have multiple multiple SSO, so I can still OK you want me there? 0:52:48.830 --> 0:52:49.120 Jasmine Tang I don't know. 0:52:57.240 --> 0:53:1.230 Jasmine Tang After the discussion with you have any clearer nomination? 0:53:1.240 --> 0:53:3.600 Jasmine Tang I will update you guys have better to use this one. 0:53:6.590 --> 0:53:8.110 Jasmine Tang So now it's like crap. 0:53:10.710 --> 0:53:15.90 Jasmine Tang The global world #9 there are different way of handling the database. 0:53:15.150 --> 0:53:20.930 Jasmine Tang So it's either we put everything under one database or one customer one database is so also something haven't decided. 0:53:21.950 --> 0:53:32.640 Jasmine Tang So if they say the direction is all customer sharing one database, then the UI item number 9 will no longer need the impression you will move to the offer visa. 0:53:33.620 --> 0:53:40.40 Jasmine Tang OK, even if yes, shouldn't be this this job done by the teams. 0:53:41.110 --> 0:53:41.370 Jasmine Tang Bye bye. 0:53:43.60 --> 0:53:44.70 Jasmine Tang And the also visa. 0:53:44.200 --> 0:53:45.410 Jasmine Tang Ohh need to call. 0:53:45.420 --> 0:53:48.590 Jasmine Tang This is calling the the services OK. 0:53:48.640 --> 0:54:2.90 Jasmine Tang I I don't understand why the credit database storing the customer is is part of the platform service term because implicit the password complexity right is set at the database level. 0:54:2.300 --> 0:54:7.690 Jasmine Tang So it basically the requirement is every customer should allow to have their own password complexity. 0:54:8.100 --> 0:54:13.550 Jasmine Tang Then in that case we need to do it in platform service, because only when you're on board a user. 0:54:14.240 --> 0:54:14.410 Jasmine Tang Yeah. 0:54:14.420 --> 0:54:16.560 Jasmine Tang And what customer you create the connection? 0:54:16.650 --> 0:54:18.240 Jasmine Tang Then you define the complexity, then. 0:54:18.550 --> 0:54:19.180 Jasmine Tang OK. 0:54:19.270 --> 0:54:22.560 Jasmine Tang So on the authentication service, do we need to do any work? 0:54:23.810 --> 0:54:25.520 Jasmine Tang Or just order was done by you. 0:54:26.150 --> 0:54:29.560 Jasmine Tang If if every customer has their own database, thing is done here. 0:54:29.800 --> 0:54:41.170 Jasmine Tang If they say we say all customers share one database, then the authentication service has to pre create a database first, then only platform service can call the API to add user to database. 0:54:42.220 --> 0:54:43.890 Jasmine Tang Ohh OK alright. 0:54:43.900 --> 0:54:56.980 Jasmine Tang I just very curious that sorry I I I have a I just wake curious why the job is part of the platform service not the service even regardless we create multiple database or create a single one. 0:54:58.970 --> 0:55:2.660 Jasmine Tang We cannot pre create we we wouldn't off service. 0:55:2.670 --> 0:55:7.480 Jasmine Tang I wouldn't know when on which customer is going to buy or for that month. 0:55:7.490 --> 0:55:11.40 Jasmine Tang Yeah, that's actually I I starting like personal service. 0:55:11.190 --> 0:55:13.960 Jasmine Tang They will call one API in the OR service they be done. 0:55:13.970 --> 0:55:19.520 Jasmine Tang The our service will create the No no, not all service performed service call directly to all zero API. 0:55:20.130 --> 0:55:21.620 Jasmine Tang We don't have to create another layer. 0:55:21.630 --> 0:55:22.400 Jasmine Tang That's OK. 0:55:22.410 --> 0:55:23.680 Jasmine Tang That's OK, that's OK. 0:55:24.700 --> 0:55:25.910 Jasmine Tang OK, then I think email also. 0:55:25.290 --> 0:55:27.70 Eric Wong Uh, question question for me. 0:55:27.80 --> 0:55:34.740 Eric Wong I've been so if imagine if we are not using each customer or each tenant having a single DB right? 0:55:34.810 --> 0:55:39.170 Eric Wong I'm just curious how how do the tendency being handled for different users? 0:55:41.390 --> 0:55:43.230 Jasmine Tang How do their tendency being handled? 0:55:43.930 --> 0:55:44.530 Eric Wong Yeah. 0:55:44.540 --> 0:55:47.540 Eric Wong As in which user belongs to which tenant. 0:55:47.680 --> 0:55:49.740 Eric Wong In the I mean if everyone sharing the same DB. 0:55:51.220 --> 0:55:54.160 Jasmine Tang They basically don't care or not they just authenticated. 0:55:58.960 --> 0:55:59.800 Eric Wong Ohh. 0:55:54.170 --> 0:56:2.540 Jasmine Tang Then depending on your client, if this redirected to the clients of even can feel the you can filter by tenant ID or something. 0:56:2.550 --> 0:56:4.440 Jasmine Tang Still OK if you lump somewhere together. 0:56:8.790 --> 0:56:9.140 Eric Wong Really, the. 0:56:4.450 --> 0:56:17.260 Jasmine Tang I think most are difficult operation, very difficult to do maintenance on because they they are they are they are situation like this maybe this customer the one continue business with us we need them we need to remove that. 0:56:17.510 --> 0:56:21.630 Jasmine Tang So we need to take care of some of this work, Keith. 0:56:20.990 --> 0:56:25.270 Eric Wong So so can I say, can I say if if let's say everything is going to be one DB right? 0:56:25.770 --> 0:56:31.300 Eric Wong Because like how key code works is like we detect the the user is from which tenant. 0:56:31.370 --> 0:56:36.900 Eric Wong From there, we know which room it is, and from there we know which you are. 0:56:36.910 --> 0:56:37.370 Eric Wong Authority. 0:56:37.380 --> 0:56:43.180 Eric Wong You URL it is to point this user to hit to actually authenticate itself. 0:56:43.250 --> 0:56:48.600 Eric Wong So in this case, can I assume that every user will have the same authority URL in a way? 0:56:49.630 --> 0:56:49.980 Jasmine Tang Yeah. 0:56:51.110 --> 0:56:52.20 Eric Wong Ah, OK, OK. 0:56:49.990 --> 0:56:57.0 Jasmine Tang Yes, Singh, then URL, but uh different application you just pass in different client ID. 0:56:58.110 --> 0:56:58.800 Eric Wong OK. 0:56:58.840 --> 0:57:6.880 Eric Wong OK, different application, but the application is more like for like product instances right in in a concept right? 0:57:7.520 --> 0:57:8.200 Jasmine Tang This product. 0:57:7.470 --> 0:57:11.400 Eric Wong So so it's nothing to do with the tenant, right? 0:57:11.410 --> 0:57:13.30 Eric Wong So, OK, OK. 0:57:14.310 --> 0:57:14.770 Eric Wong Right. Thanks. 0:57:28.890 --> 0:57:30.450 Jasmine Tang For the fun, you know now, correct. 0:57:30.460 --> 0:57:31.520 Jasmine Tang That's what you lose. 0:57:31.570 --> 0:57:32.110 Jasmine Tang Yeah. OK. 0:57:37.790 --> 0:57:38.170 Jasmine Tang Right. 0:57:42.230 --> 0:57:57.120 Jasmine Tang This one is to create the product in that if the like client level in keycloak so when be on board uh again I think Son also there are two options do they haven't decided to go for which options because we can. 0:57:59.780 --> 0:58:4.110 Jasmine Tang Like for example if the multi tenant, multi tenant products, right? 0:58:4.410 --> 0:58:30.800 Jasmine Tang So there is an option to say only 111 client created at all zero and we can still support multi tenant or there is another options that every customers have one client in off 0 just like how we use key code people is a bit different because we put it under a Yang to separate by the customer. 0:58:31.280 --> 0:58:34.810 Jasmine Tang But for all zero, there's no real concept. 0:58:35.150 --> 0:58:40.230 Jasmine Tang So with one application and because they support wild card they you can also. 0:58:42.290 --> 0:58:50.900 Jasmine Tang Make it like putting the organization name dynamically into the copy URL at they say for outright. 0:58:50.960 --> 0:58:55.470 Jasmine Tang How they do the multi tenancy is by using the sub domain to differentiate. 0:58:55.480 --> 0:58:57.970 Jasmine Tang This is coming from which customer right? 0:58:57.980 --> 0:58:59.410 Jasmine Tang So all zero. 0:58:59.420 --> 0:59:7.680 Jasmine Tang If they say we use the subdomain as an organization name, then we can only have one client, but the. 0:59:9.800 --> 0:59:10.510 Jasmine Tang Subdomain. 0:59:10.520 --> 0:59:13.770 Jasmine Tang Use it as a copy URL, then it can work already. 0:59:15.350 --> 0:59:22.540 Jasmine Tang So we have an option to create only one client for product but not product instance. 0:59:27.40 --> 0:59:28.870 Jasmine Tang OK, So what we are not there. 0:59:30.140 --> 0:59:39.940 Jasmine Tang No one client is not not really is a product instance in the KEYCLOAK world is a product instance, one product instance, one client. 0:59:41.290 --> 0:59:42.650 Jasmine Tang My client and keycloak right. 0:59:46.220 --> 0:59:56.100 Jasmine Tang Because in key code we go to group, drop the customer by the young but in all zero we can we we cannot be group customer. 0:59:59.280 --> 1:0:5.690 Jasmine Tang No, because in in Keycloak right, every customer they their authority server you are will be different because of the. 1:0:6.50 --> 1:0:6.720 Jasmine Tang But in all zero. 1:0:8.670 --> 1:0:10.720 Jasmine Tang We only have one one authority server. 1:0:10.730 --> 1:0:18.230 Jasmine Tang You out over time for all the time for all the products you know for all the products. 1:0:20.420 --> 1:0:24.500 Jasmine Tang So this this is going to be better that. 1:0:20.530 --> 1:0:25.620 Eric Wong Yes, in key in Kiko is actually. 1:0:26.870 --> 1:0:27.840 Eric Wong Uh. 1:0:28.50 --> 1:0:32.980 Eric Wong Even even the Home SBA itself have its own client. 1:0:33.690 --> 1:0:38.940 Eric Wong The mobile have its own client and individual product instance has own client as well. Yep. 1:0:39.90 --> 1:0:39.420 Jasmine Tang Yes. 1:0:39.630 --> 1:0:44.910 Jasmine Tang Yeah, but in in keycloak they say we have two customer by app. 1:0:47.830 --> 1:0:47.980 Eric Wong Yes. 1:0:49.970 --> 1:0:50.750 Eric Wong Yes, correct. 1:0:50.830 --> 1:0:51.240 Eric Wong Correct, yes. 1:0:45.580 --> 1:0:54.720 Jasmine Tang Then we will have two young and two products I buy off so we can have an option to say we only have one. 1:1:0.40 --> 1:1:0.320 Eric Wong Uh-huh. 1:0:56.450 --> 1:1:0.740 Jasmine Tang One uh they call applications are applications. 1:1:0.980 --> 1:1:3.240 Jasmine Tang Zero is the client in Keycloak. 1:1:5.240 --> 1:1:5.800 Eric Wong Right. 1:1:5.100 --> 1:1:8.630 Jasmine Tang So if he want application, he also work. 1:1:8.780 --> 1:1:12.950 Jasmine Tang We create two different application for two different customer with the same product. 1:1:12.960 --> 1:1:13.650 Jasmine Tang It also works. 1:1:15.480 --> 1:1:16.10 Jasmine Tang Let's see. 1:1:15.270 --> 1:1:18.620 Eric Wong Right then, then what is the deliberation on direct site? 1:1:18.630 --> 1:1:20.520 Eric Wong And just curious, there must be something cost. 1:1:23.100 --> 1:1:27.980 Jasmine Tang I think few things are how complex to manage and then do we have other implications or not? 1:1:41.510 --> 1:1:41.790 Eric Wong Hmm. 1:1:27.990 --> 1:1:43.50 Jasmine Tang Because when Duraid was suggesting this, then if we go for one application that then we go to think of change how the way to implement or change will be differently because we were detecting by applications to decide which product influence is it. 1:1:43.760 --> 1:1:43.960 Eric Wong Mm-hmm. 1:1:43.460 --> 1:1:53.60 Jasmine Tang So if we if we don't, if we go for one applications, they will have to find a different way to identify that this login is coming from which customer. 1:1:53.660 --> 1:1:54.300 Eric Wong Right. OK. 1:1:56.590 --> 1:1:59.780 Jasmine Tang It sounds like you need to one by one of other. 1:1:59.790 --> 1:2:3.120 Jasmine Tang You cannot like lump sum together really. 1:2:3.250 --> 1:2:4.580 Jasmine Tang I also think 1 by 1. 1:2:4.590 --> 1:2:10.430 Jasmine Tang Easier to manage it, but then you will end up with lots of applications in the in the and then the thing that you know. 1:2:10.810 --> 1:2:16.230 Jasmine Tang But if if you don't do that, then there's no way to differentiate really, right? 1:2:16.290 --> 1:2:18.970 Jasmine Tang You cannot be detected by the organization name. 1:2:19.500 --> 1:2:22.10 Jasmine Tang That means you go to use together with the organization features. 1:2:23.710 --> 1:2:24.110 Jasmine Tang OK. 1:2:25.530 --> 1:2:31.440 Jasmine Tang So we should organization, not product organizations, denoma. 1:2:31.450 --> 1:2:36.650 Jasmine Tang So this mean E if you don't implement this, can we know which product not not? 1:2:36.660 --> 1:2:46.210 Jasmine Tang I mean which tenant which product that's the can because it uh one of the features are easy, they can detect you by your domain email domain. 1:2:46.680 --> 1:2:52.750 Jasmine Tang They say when you log in ideagen.com right then it's HRDC features or something like the HID features. 1:2:52.980 --> 1:2:57.90 Jasmine Tang So from that then they can find you belongs to which organizations. 1:2:57.540 --> 1:2:58.210 Jasmine Tang OK. 1:2:58.460 --> 1:3:3.760 Jasmine Tang OK, which organization looks OK because organization how about which product? 1:3:4.220 --> 1:3:5.860 Jasmine Tang Which product is made in the client ID? 1:3:8.100 --> 1:3:9.820 Jasmine Tang And E OK. 1:3:9.830 --> 1:3:15.280 Jasmine Tang Please point I know important for this because user title then not Type 2 product, right? 1:3:15.330 --> 1:3:21.870 Jasmine Tang Uh, still important, because if the same user has access to two different products, there is no way. 1:3:22.280 --> 1:3:24.510 Jasmine Tang Yeah, that is coming from concess. 1:3:25.510 --> 1:3:27.320 Jasmine Tang What do we need to give? 1:3:27.330 --> 1:3:31.840 Jasmine Tang We know that then this cannot, cannot, cannot see the different area is that. 1:3:31.910 --> 1:3:32.660 Jasmine Tang Is that crucial? 1:3:32.670 --> 1:3:33.230 Jasmine Tang Is that crucial? 1:3:34.690 --> 1:3:38.70 Jasmine Tang Crucial to decide that otherwise it's difficult for us to proceed. 1:3:39.50 --> 1:3:42.650 Jasmine Tang So about this area, is there any further conversation? 1:3:42.660 --> 1:3:46.850 Jasmine Tang We do this to there's a Duraid you need another 2-3 hours long discussions. 1:3:48.870 --> 1:3:51.740 Jasmine Tang Put that OK did you mention schedule? 1:3:51.750 --> 1:3:57.760 Jasmine Tang With him this week, you think he's full one and next week also he will be full. 1:3:57.900 --> 1:3:59.720 Jasmine Tang Uh, I think this week. 1:3:59.810 --> 1:4:7.60 Jasmine Tang Yeah, I think besides that also, OK, now my I think these are still got time a bit we can do later we start some of the work at the top. 1:4:7.130 --> 1:4:7.660 Jasmine Tang OK. 1:4:8.130 --> 1:4:8.480 Jasmine Tang Yeah. 1:4:8.490 --> 1:4:18.720 Jasmine Tang I think on the discussion itself also need to confirm with you right on the the UI that he and TCP but for for the create client that I think still cannot run away equal to do it in platform. 1:4:19.700 --> 1:4:38.410 Jasmine Tang One way it does if we go for one one product, one client and then that means when you create the product you go to call the API to create the client at the application and if you go for every customers 11 application site then that means whenever you create a product instance you call the API. 1:4:40.170 --> 1:4:44.80 Jasmine Tang So no matter what you got to handle it, platform is all set. 1:4:46.10 --> 1:4:47.0 Jasmine Tang Bring which possessed. 1:4:47.10 --> 1:4:48.220 Jasmine Tang Then you call the API log. 1:4:48.310 --> 1:4:49.760 Jasmine Tang Probably different process of if. 1:4:50.130 --> 1:4:51.340 Jasmine Tang If you go for a different approach. 1:4:52.220 --> 1:5:4.830 Eric Wong So can that can I rephrase so if it's a if we're going by the route of each particular product instance as a single app on all zero. 1:5:4.840 --> 1:5:8.130 Eric Wong So where we create a product instance, we need to create the app itself, right? 1:5:9.140 --> 1:5:9.280 Jasmine Tang Yes. 1:5:10.110 --> 1:5:18.260 Eric Wong And then if we go by each Hannon as an app itself, as each client they are each each customer. 1:5:18.370 --> 1:5:21.350 Eric Wong So in that case, when we create a tenant, we need to create that. 1:5:19.10 --> 1:5:23.500 Jasmine Tang No, not but each customer each product. 1:5:25.830 --> 1:5:26.900 Jasmine Tang But at least the app. 1:5:24.480 --> 1:5:27.450 Eric Wong Each product or each product. 1:5:27.460 --> 1:5:27.770 Eric Wong OK. 1:5:27.780 --> 1:5:28.470 Eric Wong OK. 1:5:29.20 --> 1:5:29.920 Eric Wong Or each product. 1:5:31.620 --> 1:5:32.260 Eric Wong Uh. 1:5:33.730 --> 1:5:35.20 Jasmine Tang You have a new extent right? 1:5:36.250 --> 1:5:36.710 Jasmine Tang The version. 1:5:33.530 --> 1:5:54.140 Eric Wong How the product concept where we have API to create we have API to create product but in the product also have different version of product so each version OK each product have different versions and each product instance is tied to a specific version of a product. 1:5:57.910 --> 1:5:59.200 Eric Wong At least that's that's what it is now. 1:6:2.600 --> 1:6:4.180 Eric Wong Ah, yes, yes. 1:6:0.330 --> 1:6:6.80 Jasmine Tang This on the platform service level, but what what in the office level that it's just a mess. 1:6:5.400 --> 1:6:10.490 Eric Wong So that's why how how this will tie back to each product when there's I'm trying to ask. 1:6:11.150 --> 1:6:12.840 Eric Wong Uh, ping ping. 1:6:12.850 --> 1:6:21.840 Eric Wong How how would this tie back to the to the each app when she mentioned about creating each product like art, a product having a single app? 1:6:25.370 --> 1:6:28.650 Jasmine Tang As a product, having a single app, how does it type? 1:6:28.220 --> 1:6:30.190 Eric Wong App, yeah. 1:6:32.50 --> 1:6:34.170 Jasmine Tang Does it have X2 to what? 1:6:34.30 --> 1:6:34.990 Eric Wong So each product instance. 1:6:37.70 --> 1:6:39.610 Jasmine Tang Yeah, you don't have it to product instance anymore. 1:6:39.620 --> 1:6:44.340 Jasmine Tang In that case, no more, no more multiple product is. 1:6:44.390 --> 1:6:47.900 Jasmine Tang I think it's a click the different client. 1:6:47.910 --> 1:7:3.130 Jasmine Tang OK, currently we are have different product instance with different client but in off we have uh the different product instance with the same product but using the same client in in off 0. 1:7:3.720 --> 1:7:10.300 Jasmine Tang So this is what pimping like a little maintain multiple version for the same products. 1:7:10.700 --> 1:7:16.310 Jasmine Tang Then I would imagine in all you know your create as two different applications of. 1:7:16.980 --> 1:7:17.840 Eric Wong Right. OK. 1:7:17.140 --> 1:7:21.760 Jasmine Tang Then it each that will be identified by the client ID for that application. 1:7:24.820 --> 1:7:25.520 Eric Wong Right. OK. 1:7:26.500 --> 1:7:32.140 Eric Wong Well, I think I think the session you're gonna have this will give us a better picture in the sense because I'm I was one. 1:7:32.150 --> 1:7:33.260 Eric Wong I'm trying to visualize this. 1:7:33.350 --> 1:7:44.660 Eric Wong How differ is off 0 works with how Keycloak working now so that we can you know know what's the gap and in scenario like create product instance in scenario like create tenant and so on. 1:7:44.730 --> 1:7:46.380 Eric Wong How would this all tied together? 1:7:46.430 --> 1:7:48.90 Eric Wong Yeah, I think that that will help us. 1:7:50.980 --> 1:7:52.370 Jasmine Tang Yeah, nothing would last. 1:7:52.380 --> 1:7:56.410 Jasmine Tang Also, the cops zero when we try to create a new tenant. 1:7:56.530 --> 1:8:2.800 Jasmine Tang What this means, creating a new organization or creating a new client? 1:8:2.810 --> 1:8:3.10 Jasmine Tang Yeah. 1:8:3.20 --> 1:8:6.450 Jasmine Tang If you go for organization label then it's creating a new organizations. 1:8:6.520 --> 1:8:15.970 Jasmine Tang If you go, if you don't use organization features, then depending other we separate one custom one database per customer or not. 1:8:16.400 --> 1:8:26.560 Jasmine Tang So if one database server, then when you create a tenant you create one database, if no then basically nothing that you need to do for the tenant level. 1:8:28.670 --> 1:8:30.760 Jasmine Tang I mean Carissa, ohh, you don't mind? 1:8:30.770 --> 1:8:33.930 Jasmine Tang It is island and there must be a reason why I think we need to find out a bit. 1:8:35.440 --> 1:8:36.850 Jasmine Tang Did you ask matter? 1:8:37.340 --> 1:8:39.70 Jasmine Tang I know what the the the why? 1:8:39.80 --> 1:8:40.920 Jasmine Tang What was the usage of this organization? 1:8:40.930 --> 1:8:44.310 Jasmine Tang And because it looks like there's a lot duplicate things around. 1:8:47.310 --> 1:8:48.660 Jasmine Tang There must be some some reason. 1:8:52.220 --> 1:8:52.830 Jasmine Tang OK, all good. 1:8:53.100 --> 1:8:54.750 Jasmine Tang OK, they told me. 1:8:54.800 --> 1:8:57.330 Jasmine Tang Maybe they want you still access to two, right? 1:8:58.240 --> 1:8:58.800 Jasmine Tang How about that? 1:9:4.0 --> 1:9:5.290 Jasmine Tang How about the client one? 1:9:5.340 --> 1:9:8.290 Jasmine Tang What was the purpose with the client? 1:9:8.810 --> 1:9:10.650 Jasmine Tang The client is OK. 1:9:12.610 --> 1:9:19.540 Jasmine Tang Uh, that the the the application client here is is the one that will define it. 1:9:19.550 --> 1:9:20.550 Jasmine Tang It will generate those. 1:9:22.310 --> 1:9:24.210 Jasmine Tang Idea the OK. 1:9:24.360 --> 1:9:27.870 Jasmine Tang The stuff about this, the idea, the ID will be used to generate a token. 1:9:28.780 --> 1:9:29.130 Jasmine Tang OK. 1:9:29.140 --> 1:9:34.820 Jasmine Tang OK, OK, alongside Dusi client cannot run away. 1:9:35.320 --> 1:9:36.770 Jasmine Tang OK, definitely we need. 1:9:36.840 --> 1:9:43.720 Jasmine Tang We need one is either we create one client per product instance or one client per product. 1:9:44.910 --> 1:9:52.100 Jasmine Tang One comment because one product can have many product instance, I think we need to put instead. 1:9:52.470 --> 1:9:54.950 Jasmine Tang Maybe due to security reason, right? 1:9:57.420 --> 1:10:9.870 Jasmine Tang I also think they say more detail more better instead of like, yeah everyone share the same thing, but we do during the time Duraid ask this is because we don't know whether there is a limitation of application for the tenant. 1:10:9.880 --> 1:10:10.790 Jasmine Tang Is it all zero? 1:10:10.800 --> 1:10:14.530 Jasmine Tang Or how about the database I go with the database on? 1:10:14.540 --> 1:10:20.60 Jasmine Tang Is there any performance thing if we queue hey we won you either send it always. 1:10:20.70 --> 1:10:21.240 Jasmine Tang I feel like they could be. 1:10:21.450 --> 1:10:23.30 Jasmine Tang They know that they. 1:10:23.220 --> 1:10:23.880 Jasmine Tang No, no, no. 1:10:25.550 --> 1:10:26.840 Jasmine Tang In like this are better. 1:10:26.850 --> 1:10:34.600 Jasmine Tang We have one customer, 11B, but there's something to do it and see how it's easier to manage. 1:10:34.610 --> 1:10:37.770 Jasmine Tang Like they say, the customer decided not to use it. 1:10:37.780 --> 1:10:40.200 Jasmine Tang Then we just delete their connection to. 1:10:40.830 --> 1:10:42.780 Jasmine Tang You got to look through and then find which you. 1:10:42.230 --> 1:10:44.380 Eric Wong I I think 1 area we need to look at it. 1:10:44.390 --> 1:10:54.990 Eric Wong So I'm not sure whether this case a A makes sense or not, but there are customer which I understand that there one that that are to be segregated from other organization so. 1:10:54.380 --> 1:10:55.570 Jasmine Tang But to good? 1:10:55.620 --> 1:10:56.10 Jasmine Tang Goodbye. 1:10:56.20 --> 1:10:56.740 Jasmine Tang Goodbye. Goodbye. 1:10:56.880 --> 1:10:57.40 Eric Wong Yeah. 1:10:58.670 --> 1:11:6.50 Jasmine Tang Just we, we will, we will have the requirement to say every customer allowed to set their own password complexity, right? 1:11:6.890 --> 1:11:14.980 Jasmine Tang So if you have that, then we we we got to make every customer have their own DVR because it's decided at that level. 1:11:15.330 --> 1:11:16.280 Jasmine Tang OK, OK. 1:11:16.450 --> 1:11:16.700 Jasmine Tang Yeah. 1:11:16.710 --> 1:11:18.580 Jasmine Tang I think then negotiate with today. 1:11:18.590 --> 1:11:22.340 Jasmine Tang Maybe you can tell him about our requirement here then. 1:11:22.350 --> 1:11:33.470 Jasmine Tang So he can and leave it, but that is a good point, because then linked one the if it's between the one database and multiple. 1:11:35.210 --> 1:11:40.200 Jasmine Tang Yes, I think, yeah, to talk about one, this one is for multitenancy. 1:11:40.210 --> 1:11:42.830 Jasmine Tang Another one is for the single tenancy for each instance. 1:11:44.840 --> 1:11:47.390 Jasmine Tang So far you start early, that's. 1:11:49.170 --> 1:11:49.540 Jasmine Tang OK. 1:11:49.550 --> 1:11:52.260 Jasmine Tang And then and then the assigned identity provider. 1:11:52.270 --> 1:11:55.440 Jasmine Tang I also, depending on whether we're using organization. 1:11:55.490 --> 1:11:58.880 Jasmine Tang If you use then that assignment will be done at the organization level. 1:11:59.210 --> 1:12:2.620 Jasmine Tang If you don't, then that assignment will be done at the application level. 1:12:3.730 --> 1:12:6.210 Jasmine Tang Yeah, there's a diagram there. 1:12:6.400 --> 1:12:11.860 Jasmine Tang Jasmine, look at the link there and there's a degraded 3. 1:12:11.870 --> 1:12:20.470 Jasmine Tang My feeling is like inclue tie back to then and no because our user very much is big problem you know. 1:12:22.340 --> 1:12:23.350 Jasmine Tang But this is the. 1:12:23.440 --> 1:12:23.560 Jasmine Tang Yeah. 1:12:23.880 --> 1:12:29.270 Jasmine Tang A A single database with multiple the paper. 1:12:29.960 --> 1:12:32.310 Jasmine Tang Uh, I'm gonna zation, I believe. 1:12:32.320 --> 1:12:32.410 Jasmine Tang Yeah. 1:12:33.420 --> 1:12:38.80 Jasmine Tang So there's only one database connection and there will be one login page. 1:12:40.40 --> 1:12:45.570 Jasmine Tang Or customers for all the customer think uh scrolling down, scrolling down there will be. 1:12:48.600 --> 1:12:51.520 Jasmine Tang Or yeah, so this is the multiple. 1:12:53.580 --> 1:12:55.950 Jasmine Tang Uh, we thought instance of database. 1:12:58.360 --> 1:13:1.930 Jasmine Tang Multiple tenant for each single tenant instance. 1:13:1.940 --> 1:13:2.80 Jasmine Tang Yeah. 1:13:2.980 --> 1:13:4.910 Jasmine Tang So there will be multiple instance for this case. 1:13:7.120 --> 1:13:9.750 Jasmine Tang And this instant will have one database connection. 1:13:13.930 --> 1:13:14.940 Jasmine Tang Please have two model. 1:13:22.990 --> 1:13:23.820 Jasmine Tang Happens right? 1:13:23.830 --> 1:13:28.450 Jasmine Tang Meaning that there's no concept of RAM or no, no, there's no. 1:13:28.820 --> 1:13:30.40 Jasmine Tang Become confusing. 1:13:30.50 --> 1:13:30.700 Jasmine Tang Confusing, right? 1:13:30.710 --> 1:13:31.920 Jasmine Tang Yeah. Confusing. 1:13:31.930 --> 1:13:33.10 Jasmine Tang So they're not be some more. 1:13:33.720 --> 1:13:34.430 Jasmine Tang Yeah, yeah. 1:13:50.10 --> 1:13:58.350 Jasmine Tang So this one this knowledge and I think yeah, go into the per product instances personally. 1:13:58.360 --> 1:13:58.860 Jasmine Tang Yeah, right. 1:13:58.870 --> 1:13:59.810 Jasmine Tang But that's also like that. 1:14:0.200 --> 1:14:3.550 Jasmine Tang Yeah, I think you have to confirm check deviancy. 1:14:4.290 --> 1:14:5.130 Jasmine Tang They yeah. 1:14:5.140 --> 1:14:10.70 Jasmine Tang So that's what I was saying that under these sections are based in assign identity provider item. 1:14:10.960 --> 1:14:18.550 Jasmine Tang So this one also is not sure whether it's done here or it's done at the organization level depending whether we are using the organization features or not. 1:14:21.190 --> 1:14:26.430 Jasmine Tang So in this we will, but the government do it first. 1:14:28.180 --> 1:14:29.340 Jasmine Tang The the discussion. 1:14:38.730 --> 1:14:41.280 Jasmine Tang That's a nice home, I. 1:14:45.920 --> 1:14:52.270 Jasmine Tang Not be the book all zeroman this this particular UI and this is going People right? 1:14:52.280 --> 1:14:56.290 Jasmine Tang This is more on the application platform platform 7. 1:14:58.210 --> 1:15:2.640 Jasmine Tang The mice that you know, it's not me doing calling door. 1:15:2.690 --> 1:15:4.310 Jasmine Tang Sorry, I just think it would take. 1:15:4.590 --> 1:15:6.690 Jasmine Tang Ohh OK, starting to do it. 1:15:6.700 --> 1:15:9.280 Jasmine Tang The login pitch to customize and logging pitching. 1:15:9.450 --> 1:15:19.30 Jasmine Tang OK, think of people is that every tenant you, you can define cognito is more like key code whether you can like 1 customer one realm like this one customer 1 user two. 1:15:19.410 --> 1:15:20.960 Jasmine Tang Ohh of zero. 1:15:21.30 --> 1:15:22.270 Jasmine Tang When I read on that right. 1:15:22.350 --> 1:15:27.600 Jasmine Tang So depends on which the multitenancy talk. 1:15:27.770 --> 1:15:39.690 Jasmine Tang Yeah, let's say you are choosing the single database for multiple customer, then only once locking page could be, yeah Kathy can be configured. 1:15:40.30 --> 1:15:44.960 Jasmine Tang Ohh so there there won't be having a per customer for long. 1:15:45.470 --> 1:15:54.930 Jasmine Tang If they say you want to per customer login page then you will you will you choose the second option which is the multiple instance with multiple customer. 1:15:55.960 --> 1:16:3.340 Jasmine Tang Yeah, I mean want to have their own individual knowing benchmarks, separate database, separate database, yes. 1:16:3.350 --> 1:16:17.120 Jasmine Tang Then mostly, we still stick to them because the some sometime organization they want to have their own local appearing there in the but the customization because we need to customize that UI that that one is handled at the organization level. 1:16:17.410 --> 1:16:21.320 Jasmine Tang But if you do, if you go for the UI customizations then it will override. 1:16:23.110 --> 1:16:26.510 Jasmine Tang OK, so so so still can be done that. 1:16:27.540 --> 1:16:27.920 Jasmine Tang OK. 1:16:27.980 --> 1:16:28.970 Jasmine Tang What do you mean by that? 1:16:29.260 --> 1:16:29.810 Jasmine Tang Is it there? 1:16:30.750 --> 1:16:32.460 Jasmine Tang Ohh 0 have their own tenant. 1:16:33.680 --> 1:16:37.300 Jasmine Tang The cannon is like Keycode product instance that the whole key code. 1:16:39.400 --> 1:16:41.110 Jasmine Tang The whole key cooked the Anna. 1:16:41.320 --> 1:16:45.330 Jasmine Tang OK, so still one tenant, they they call it a tenant. 1:16:45.420 --> 1:16:46.830 Jasmine Tang OK, OK, OK. 1:16:46.840 --> 1:16:58.860 Jasmine Tang So what they can do is in one account right they can have you can create multiple tenant at different region and under the same tenant you can choose production the one tenant. 1:16:59.220 --> 1:17:4.400 Jasmine Tang When you choose when you create the tenant, you can choose whether this is a production tenant or this is a development tenant. 1:17:4.470 --> 1:17:5.0 Jasmine Tang OK. 1:17:5.670 --> 1:17:18.950 Jasmine Tang So they also, yeah, they don't look like they wrote tenant is very different for our tenancy, very different, very different zero organization equivalent to our tenant tenant is like our key code instance. 1:17:19.10 --> 1:17:22.670 Jasmine Tang You said one click OK only have 150 rounds, right? 1:17:22.840 --> 1:17:29.190 Jasmine Tang So after 350, we go to spin up another key problem that is their Pennant. 1:17:29.370 --> 1:17:29.710 Jasmine Tang OK. 1:17:29.750 --> 1:17:31.170 Jasmine Tang Then then how's the? 1:17:31.260 --> 1:17:31.540 Jasmine Tang Where? 1:17:31.550 --> 1:17:37.10 Jasmine Tang Where when we can customize the the login page, tenant level or OK. 1:17:37.220 --> 1:17:41.40 Jasmine Tang But the reason we don't need we don't need to allow customer to customize their own logo. 1:17:42.810 --> 1:17:43.690 Jasmine Tang I'm not sure we need to. 1:17:45.270 --> 1:17:46.300 Jasmine Tang OK, OK. 1:17:47.180 --> 1:17:51.700 Jasmine Tang You're currently we have this one single picture right for people. 1:17:51.870 --> 1:17:54.100 Jasmine Tang So this is kind of like new feature. 1:18:5.900 --> 1:18:8.470 Jasmine Tang Any other functions that I miss? 1:18:8.480 --> 1:18:9.300 Jasmine Tang Are let's say. 1:18:12.680 --> 1:18:14.30 Jasmine Tang If Wong service calling KEYCLOAK. 1:18:19.460 --> 1:18:19.830 Jasmine Tang If you. 1:18:19.980 --> 1:18:20.440 Jasmine Tang So yeah. 1:18:20.450 --> 1:18:21.660 Jasmine Tang Yeah, just interrupt. 1:18:21.670 --> 1:18:27.260 Jasmine Tang Still, if you don't allow people to customer or this locally now, why do we need to pay about password complexity? 1:18:28.560 --> 1:18:44.260 Jasmine Tang Because we can have like 1 password complexity for those people who don't use SSO puzzle could basically is different that the the the log in the log in is like the color the logo welcome. 1:18:44.590 --> 1:18:46.610 Jasmine Tang I just feel like we should. 1:18:46.790 --> 1:18:54.550 Jasmine Tang We should put a standard internal apply the the the possible compulsive complexity, then either UI. 1:18:55.560 --> 1:19:0.350 Jasmine Tang I think the puzzle convexity is like some company and they have their own policy. 1:19:0.360 --> 1:19:0.670 Jasmine Tang One. 1:19:1.660 --> 1:19:4.240 Jasmine Tang OK, so it doesn't reset one then the then. 1:19:6.790 --> 1:19:8.400 Jasmine Tang Different company, different policy. 1:19:9.50 --> 1:19:14.180 Jasmine Tang But I was thinking like this because if the company wants to have their own parser complicity, they should. 1:19:14.190 --> 1:19:20.810 Jasmine Tang If they should integrate with their own active title, or so right is any data. 1:19:20.820 --> 1:19:24.20 Jasmine Tang I have their owner and then they want they want their own. 1:19:24.300 --> 1:19:26.110 Jasmine Tang Own personal complexity so. 1:19:28.410 --> 1:19:29.700 Jasmine Tang He built A1. 1:19:29.750 --> 1:19:32.940 Jasmine Tang He built something and also why don't just stick to one? 1:19:32.950 --> 1:19:38.620 Jasmine Tang Maybe alone easier, but in the longer term for us, we need to manage so many different customers different. 1:19:40.20 --> 1:19:40.930 Jasmine Tang I will also busy. 1:19:40.940 --> 1:19:44.930 Jasmine Tang There's my general feeling that so so we can we can have like a few options. 1:19:44.940 --> 1:19:55.200 Jasmine Tang So if you either have their own design of the apartment parcel complexity, we choose the most complex pattern, then if you don't want then you have to use your own SSO to integrate. 1:19:55.210 --> 1:19:56.140 Jasmine Tang Then we don't need to hit that. 1:19:56.150 --> 1:19:59.50 Jasmine Tang We all this customization, I feel they are. 1:19:59.120 --> 1:20:3.400 Jasmine Tang I mean, I think from the future of the our Ideagen product. 1:20:6.990 --> 1:20:7.630 Jasmine Tang Anything, yeah. 1:20:6.840 --> 1:20:11.360 Eric Wong Do we need to customize the parcel complexity on all zero? 1:20:11.370 --> 1:20:12.90 Eric Wong I thought it's supported. 1:20:14.740 --> 1:20:15.840 Jasmine Tang A tower imported. 1:20:16.290 --> 1:20:17.300 Eric Wong The Potter the potted. 1:20:16.60 --> 1:20:32.720 Jasmine Tang What supported is is aborted, but it's set at the connection level, so it depends on our requirement that if they say, we say every customer need to have their own, uh, what's the complexity, right? 1:20:32.730 --> 1:20:36.490 Jasmine Tang They miss every customer need to have their own database connection now. 1:20:38.370 --> 1:20:38.740 Eric Wong Right. 1:20:38.750 --> 1:20:52.680 Eric Wong So I think in that case the the bigger answer, the bigger question to answer is more about whether we want to have a each customer, their own DB to manage in the sense of like tenant so or realm. 1:20:52.690 --> 1:21:0.260 Eric Wong So if that's the case, then I think it's OK to support the the password complexity in the sense otherwise we don't. 1:21:0.270 --> 1:21:5.760 Eric Wong Because again, I think what Jack mentioned, so if let's say we're gonna build something in house. 1:21:6.90 --> 1:21:11.360 Eric Wong Yeah, it's kind of complex to support more of these features, but if it's our boss from all zero, I think it's OK to use. 1:21:13.190 --> 1:21:22.680 Jasmine Tang E and I don't think that, I mean I think we will see the Christopher did mention about like we can have like a standard of password complexity a few few choice. 1:21:23.170 --> 1:21:25.70 Jasmine Tang So I think eventually for what? 1:21:25.80 --> 1:21:27.160 Jasmine Tang Repent because cognito cannot support that. 1:21:27.450 --> 1:21:35.520 Jasmine Tang So I think that discussion with Duraid was we make it simple, only fix that is because the so. 1:21:35.530 --> 1:21:37.300 Jasmine Tang So the final one is fixed up. 1:21:37.610 --> 1:21:37.780 Jasmine Tang No. 1:21:37.790 --> 1:21:40.60 Jasmine Tang No, because right now, uh zero can support them. 1:21:40.70 --> 1:21:41.470 Jasmine Tang You actually give me open. 1:21:44.560 --> 1:21:45.280 Jasmine Tang I'd be concerned. 1:21:45.290 --> 1:21:47.300 Jasmine Tang I don't longer terms or listing. 1:21:48.810 --> 1:21:49.780 Jasmine Tang Yeah, long time. 1:21:49.830 --> 1:22:26.570 Jasmine Tang Because it it they say you are talking about the long term long term maintenance like then if if we use only one database connection all customer sharing right then when customer living then we also have problem clearing their database mine the data OK if you go for one database one customer on that point is easier to manage be there we need to separate even then different database either for the same like tenas all for the data the customer they want to share that data along with this one maybe I can understand but I'm talking about this. 1:22:26.770 --> 1:22:29.460 Jasmine Tang Password complexity I I don't. 1:22:29.470 --> 1:22:31.70 Jasmine Tang I mean in this context, I don't. 1:22:31.920 --> 1:22:38.440 Jasmine Tang Personally, I don't feel I just feel a bit like 2 too much thing too. 1:22:38.490 --> 1:22:42.140 Jasmine Tang Making too flexible for the for the for the then the. 1:22:42.570 --> 1:22:43.720 Jasmine Tang I mean, if you stick to that. 1:22:43.950 --> 1:22:44.340 Jasmine Tang OK. 1:22:44.350 --> 1:22:46.260 Jasmine Tang I I just bring this topic up. 1:22:46.330 --> 1:22:51.580 Jasmine Tang Maybe we should review again how we should build our next generation product. 1:22:51.690 --> 1:23:2.230 Jasmine Tang Imagine I'll be marketer can beat market less to customize different parcel complexity, though there's only one they are parcel conversely and then you can say so to connect to it and you can do their own. 1:23:3.190 --> 1:23:8.920 Jasmine Tang So then that's my that's my view as a as a product view. 1:23:12.990 --> 1:23:13.700 Jasmine Tang But never. 1:23:13.710 --> 1:23:19.730 Jasmine Tang I just maybe something to think about, but I was thinking we don't want support team to maintain or the 8. 1:23:19.740 --> 1:23:22.820 Jasmine Tang How come my how come I cannot type this password then they need to maintain this. 1:23:22.950 --> 1:23:32.670 Jasmine Tang So if you have one flat rules for all the authentication user that don't have access to one, once that rules the most complex parcels and complexity after that. 1:23:32.680 --> 1:23:42.130 Jasmine Tang If you want to have your own customization own MFA, whatever, then you have to use your own to connect to all zero and then platform service. 1:23:42.140 --> 1:23:44.150 Jasmine Tang Don't allow the features to update. 1:23:44.480 --> 1:23:48.900 Jasmine Tang When you go in one day you need, then you still have the flexibility for, yeah, eight. 1:23:49.830 --> 1:23:58.860 Jasmine Tang I feel like definitely to separate into two different databases are because of like one to maintain and also data similarity issue. 1:23:58.910 --> 1:24:1.300 Jasmine Tang So these are the thing we need to be careful. 1:24:1.470 --> 1:24:7.610 Jasmine Tang Currently, the spectrum allowed to set password for media or fakes, it's not. 1:24:7.660 --> 1:24:13.580 Jasmine Tang It's not, uh, at three there's a there's a quote about the password policy stuff. 1:24:13.860 --> 1:24:14.160 Jasmine Tang Yeah. 1:24:14.690 --> 1:24:37.970 Jasmine Tang Uh, something to have something that's really hard coded, maybe imaginary if you support that, then the tester need to test me with and then the the way how we also need to test need to deploy 3 different types, so I think we make things a bit too complicated for the slide I think yeah, right now we study as a regular expression in the keycloak and also our services about Soo policy. 1:24:38.140 --> 1:24:39.50 Jasmine Tang If I remember correctly. 1:24:42.160 --> 1:24:49.990 Jasmine Tang Yeah, I think our service also have that, but it's fixed on that means you you don't you don't translate during the creation, it's fixed. 1:24:50.0 --> 1:25:1.390 Jasmine Tang It's hard to the yeah, he does that during the question there will check the password policy that we set in our services and also that we check at the key club as well. 1:25:2.820 --> 1:25:13.430 Jasmine Tang Pastor, you saw that 16 user or let's say Apple Deal, they already have a have tenant and user really they wanna come here. 1:25:13.440 --> 1:25:20.310 Jasmine Tang I can understand the the import part that can the migration part that can import to the CSE. 1:25:20.780 --> 1:25:23.70 Jasmine Tang Once we're done this, they can, they can. 1:25:23.660 --> 1:25:55.120 Jasmine Tang They can import the user to the system, but how the user know hey I changed authentication and I need to reset my password or something and then do we have that kind of scenario we have when you need to create right then we can when we create a user and then you import a user right whether need to change password or not we we we store this in the user meta data so by default effective we want to force them to reset then we set the metadata the flag to false so when they log in then. 1:25:55.660 --> 1:25:59.610 Jasmine Tang When they log in from of zero then it will detect. 1:25:59.780 --> 1:26:5.610 Jasmine Tang So if they check that they haven't at the reset password, didn't you force them to do password? 1:26:5.780 --> 1:26:7.950 Jasmine Tang Well, Paul should write the code to send out the email. 1:26:8.220 --> 1:26:9.190 Jasmine Tang It's the good jazz. 1:26:9.320 --> 1:26:11.930 Jasmine Tang Ohh that OK now wake up already. 1:26:12.320 --> 1:26:15.640 Jasmine Tang OK, now I just want to make sure we cover all the get there. 1:26:16.560 --> 1:26:17.10 Jasmine Tang OK, good. 1:26:17.20 --> 1:26:17.150 Jasmine Tang Good. 1:26:18.800 --> 1:26:19.370 Jasmine Tang Maybe this? 1:26:19.540 --> 1:26:24.490 Jasmine Tang I think maybe can I think need to inform the product, tell them about something like this. 1:26:25.670 --> 1:26:26.930 Jasmine Tang Just say they need to build your way. 1:26:28.180 --> 1:26:33.670 Jasmine Tang Majority Ideagen are two very important scenario is like on boarding new user uh not. 1:26:33.680 --> 1:26:47.770 Jasmine Tang And I need to have problem OK and assisting user on the migration part so they the product need to find the gap then the migration actually they they do have a solutions that for the user to reset password one OK. 1:26:47.780 --> 1:26:52.450 Jasmine Tang But I think Duraid to highlight it, Ideagen doesn't accept that functions. 1:26:52.520 --> 1:26:53.210 Jasmine Tang OK. 1:26:53.220 --> 1:26:53.420 Jasmine Tang OK. 1:26:54.480 --> 1:26:57.70 Jasmine Tang Because uh, because they do. In order. 1:26:57.120 --> 1:27:6.720 Jasmine Tang Yeah, they they because they they say when user not in that they can actually capture the password really ohg take some OK then then they just use that to save back to the database. 1:27:7.110 --> 1:27:12.580 Jasmine Tang So during it was saying that from the experience of the Azure B2C to keycloak migration. 1:27:14.490 --> 1:27:14.880 Jasmine Tang Which team? 1:27:14.890 --> 1:27:16.740 Jasmine Tang I'm greedy team. 1:27:16.890 --> 1:27:18.580 Jasmine Tang They don't accept this solution. 1:27:18.590 --> 1:27:20.170 Jasmine Tang OK, OK, makes sense. 1:27:22.480 --> 1:27:30.240 Jasmine Tang Maybe if they don't accept the means, uh, we won't have their password to force them to do the reset password despite those so. 1:27:33.490 --> 1:27:51.460 Jasmine Tang But in that also means we cannot use their their feature that then I had that that they have to keep out to the show migration to 0 migration maybe we need to use that features also for for for yeah he's talking what I don't know there's that. 1:27:53.750 --> 1:27:55.340 Jasmine Tang Don't cool, OK? 1:27:58.590 --> 1:28:4.350 Jasmine Tang But it looks like on the case right now it doesn't need to do that migration. 1:28:5.830 --> 1:28:7.200 Eric Wong But be to see to Kiko. 1:28:5.800 --> 1:28:10.630 Jasmine Tang Doesn't need to do uh, the the the. 1:28:10.950 --> 1:28:13.50 Jasmine Tang Let let's say example D1 way. 1:28:13.60 --> 1:28:15.970 Jasmine Tang Wanted to on board their existing user. 1:28:16.30 --> 1:28:16.730 Jasmine Tang What should we do? 1:28:16.800 --> 1:28:18.70 Jasmine Tang Do we need to do anything along? 1:28:18.640 --> 1:28:21.250 Jasmine Tang I think we need to think true about this new yourself need to worry. 1:28:21.260 --> 1:28:30.160 Jasmine Tang All these things should cover the new user on boarding, but the as they sing as they Singh user, I think we didn't write some step there to list down what should we do. 1:28:31.170 --> 1:28:33.270 Eric Wong But in particular, yes. 1:28:33.410 --> 1:28:37.390 Jasmine Tang About you'll do some other cannot, cannot like. 1:28:38.240 --> 1:28:41.340 Jasmine Tang Just remember we need to do some right on that. 1:28:42.840 --> 1:28:43.190 Eric Wong Umm. 1:28:51.320 --> 1:28:52.990 Jasmine Tang I just create one more. 1:28:53.160 --> 1:29:0.390 Jasmine Tang Office will show you forget on create one more road to mention about documentation on onboarding existing users. 1:29:0.750 --> 1:29:3.770 Jasmine Tang Migration in school out of bed. 1:29:4.190 --> 1:29:11.950 Jasmine Tang They will keep call on my talking about like the one way migrate to all zero off center me to have one for us should forget one. 1:29:12.180 --> 1:29:13.190 Jasmine Tang What are they using? 1:29:13.800 --> 1:29:14.840 Jasmine Tang They don't need to find out. 1:29:15.200 --> 1:29:22.180 Jasmine Tang I think the one where I think their own thing that their own, I think password normal password login on this thing. 1:29:22.250 --> 1:29:25.460 Jasmine Tang I don't think they use for external provider. 1:29:28.430 --> 1:29:31.0 Jasmine Tang It's all this one he got to you, alright? 1:29:31.10 --> 1:29:37.100 Jasmine Tang So only do that per product, like the one way or off central migrate to authentication right? 1:29:37.110 --> 1:29:39.360 Jasmine Tang There will be another migration scope. 1:29:39.370 --> 1:29:45.240 Jasmine Tang I think what we just need one right because based on what you have described being I think it looks like we just need to have one. 1:29:45.350 --> 1:29:47.620 Jasmine Tang No, no, no. 1:29:47.630 --> 1:29:49.580 Jasmine Tang I mean, do you Wong way? 1:29:49.730 --> 1:29:51.280 Jasmine Tang Let's say they do. 1:29:51.290 --> 1:29:51.540 Jasmine Tang You want. 1:29:51.550 --> 1:29:56.130 Jasmine Tang We have to do the assign, so I'm I I'm more worried about on our side. 1:29:56.140 --> 1:29:56.710 Jasmine Tang What should we do? 1:29:57.670 --> 1:29:59.140 Eric Wong This is more on you this thing right? 1:29:59.150 --> 1:29:59.720 Eric Wong I'm just. 1:29:59.810 --> 1:30:1.690 Eric Wong The one we're gonna be product instance, right? 1:30:2.740 --> 1:30:3.950 Eric Wong If that would come on but. 1:30:5.250 --> 1:30:16.940 Jasmine Tang OK, let's say it's on the the only way already have a tenant and have 1000 users they want to come to platform they want to integrate with platform. 1:30:18.270 --> 1:30:18.810 Jasmine Tang What did you do? 1:30:21.0 --> 1:30:21.310 Eric Wong Right. 1:30:21.360 --> 1:30:21.740 Jasmine Tang They should. 1:30:21.320 --> 1:30:32.620 Eric Wong So OK, when you say 11 tenant and 1000 user, I'm assuming that the one way is actually like art as a product and that source of truth is on their side. 1:30:32.710 --> 1:30:42.820 Eric Wong So now you wanna move the users onto platform and eventually somehow uh go in using odd zero as authentication provider. 1:30:43.180 --> 1:30:43.890 Eric Wong Is that what you're? 1:30:44.690 --> 1:30:48.140 Jasmine Tang Yeah, but then then what will be the steps to do they do? 1:30:48.150 --> 1:30:53.360 Jasmine Tang Do we let them to use the user import and work out metadata they need to fit in? 1:30:53.670 --> 1:30:57.120 Jasmine Tang How that trigger the reset password? 1:30:57.530 --> 1:31:4.700 Jasmine Tang There's another question so so I'm not sure if it looks like the reset password flag needed to appear in the user imports. 1:31:4.710 --> 1:31:5.160 Jasmine Tang All right. 1:31:5.350 --> 1:31:18.370 Jasmine Tang OK, if that's if if you have that, then if you how how we do right is beside the missing or cost, OK, don't don't say no then don't set first time you will be missing that then it will force them to reset. 1:31:20.160 --> 1:31:20.670 Jasmine Tang OK. 1:31:21.180 --> 1:31:25.250 Jasmine Tang Then then, then when you tell people all this stuff what to do, then people see. Really. 1:31:25.260 --> 1:31:26.870 Jasmine Tang OK, I want to do my. 1:31:26.880 --> 1:31:27.370 Jasmine Tang I don't. 1:31:27.380 --> 1:31:32.510 Jasmine Tang After we have some of this, they want to do a POC on the migration, then they will test it out. 1:31:32.560 --> 1:31:34.30 Jasmine Tang I think we need better. Nice it out. 1:31:34.40 --> 1:31:34.520 Jasmine Tang How we. 1:31:37.100 --> 1:31:43.410 Jasmine Tang Like the product, the one where they are not going to call the off 0 API directly like I don't think so. 1:31:43.420 --> 1:31:49.410 Jasmine Tang It's either the the tools that we develop or go through platform service using the user import. 1:31:50.710 --> 1:31:51.910 Jasmine Tang Do we need to develop the two? 1:31:56.430 --> 1:32:0.960 Jasmine Tang And all still too early to, I don't know. 1:32:1.30 --> 1:32:7.530 Jasmine Tang So you're saying that the only thing that we need to migrate is the user in the beginning? 1:32:7.540 --> 1:32:8.0 Jasmine Tang We migrate. 1:32:8.10 --> 1:32:10.670 Jasmine Tang The users are the the rest of the thing we we don't cover. 1:32:10.740 --> 1:32:15.40 Jasmine Tang We have to have the rest of the team radina like that. 1:32:15.500 --> 1:32:19.40 Jasmine Tang The application client, the connection and then umm. 1:32:20.340 --> 1:32:30.60 Jasmine Tang But I think what, what what I worry is that we need some documentation that after this like what should we do the bombard new user and assisting user. 1:32:33.510 --> 1:32:39.980 Jasmine Tang It looks like the user import me to improve a bit like you have a flat that do you want to reset password or not, right? 1:32:40.130 --> 1:32:44.700 Jasmine Tang Yeah, I think you have that recovery maybe put this together with the user singer. 1:32:44.760 --> 1:32:50.10 Jasmine Tang Then we got to have a separation that you cannot sing back the user again to the product because of the users. 1:32:50.20 --> 1:32:50.490 Jasmine Tang Are you there? 1:32:51.610 --> 1:32:55.250 Jasmine Tang So, but but on certain scenario you have to sing the user to the product. 1:32:56.50 --> 1:33:1.10 Jasmine Tang True, true, true, we we there's a few ways actually. 1:33:1.640 --> 1:33:3.400 Jasmine Tang Even if Singh back also. 1:33:5.470 --> 1:33:9.920 Jasmine Tang Also, also OK, I'm the only man. 1:33:10.250 --> 1:33:17.440 Jasmine Tang If you the if the user access down there, the solution is by creating the library that allow for that to plug in. 1:33:17.450 --> 1:33:20.700 Jasmine Tang I think we subscribe to the create user event. 1:33:20.710 --> 1:33:21.220 Jasmine Tang OK. 1:33:21.230 --> 1:33:23.340 Jasmine Tang Then then, then there will be OK. 1:33:23.350 --> 1:33:29.200 Jasmine Tang OK, so so this means that if the user import uh see the CSV file, we need to have two. 1:33:29.210 --> 1:33:35.220 Jasmine Tang That one fact is to reset password along the other one is a dual the sync back to the product alone, right? 1:33:35.490 --> 1:33:44.100 Jasmine Tang If you have that, then you you you were able to handle all scenario really new user also can handle uh isn't use. 1:33:44.110 --> 1:33:50.20 Jasmine Tang Also, can we we can we can make the reset password flat as like a optional. 1:33:50.110 --> 1:34:1.880 Jasmine Tang I think I think if we have that flag right, then when we do the like importing existing user then platform will have to make it as an update instead of yeah to create that. 1:34:3.930 --> 1:34:22.630 Jasmine Tang Uh, because I think we might need, you know, platform might we might have, uh like product instance ID, tenant ID which the product itself or you don't have they'll be if they say we want those in four to fall back to the products database then you will be an update. 1:34:22.640 --> 1:34:24.570 Jasmine Tang So maybe not. 1:34:24.920 --> 1:34:25.890 Jasmine Tang Maybe prefer one. 1:34:25.900 --> 1:34:32.840 Jasmine Tang Doesn't need to know platform, just do exactly, but the users need to know perform is the one that publishing to the call. 1:34:33.20 --> 1:34:35.870 Jasmine Tang I thought topic or update topics off. 1:34:35.960 --> 1:34:36.590 Jasmine Tang OK. 1:34:36.600 --> 1:34:37.410 Jasmine Tang OK, OK. 1:34:37.680 --> 1:34:38.980 Jasmine Tang I thought user Singh would do that. 1:34:38.990 --> 1:34:40.70 Jasmine Tang OK, then I agree with you. 1:34:40.120 --> 1:34:40.860 Jasmine Tang I think it makes sense. 1:34:40.870 --> 1:34:42.50 Jasmine Tang Maybe some handle that? 1:34:42.120 --> 1:34:45.950 Jasmine Tang So I think the the we, we don't have to build additional things. 1:34:46.160 --> 1:34:48.880 Jasmine Tang We should utilize the funny you say pot. 1:34:49.210 --> 1:34:49.960 Jasmine Tang Use the. 1:34:50.50 --> 1:34:51.140 Jasmine Tang Use the flag to control. 1:34:51.150 --> 1:34:58.590 Jasmine Tang So that's mean I I think the status scenario which should cover the new onboarding one, that's mean existing customer. 1:35:0.620 --> 1:35:3.250 Jasmine Tang Yeah, they only have to use the flat light. 1:35:3.260 --> 1:35:10.10 Jasmine Tang Do I need to sync the product and do I need to reset password because moving moving ahead in the future, right? 1:35:10.400 --> 1:35:12.450 Jasmine Tang We we don't want to be the other. 1:35:12.460 --> 1:35:13.970 Jasmine Tang The Bala we want to be the Bala. 1:35:14.100 --> 1:35:14.510 Jasmine Tang So. 1:35:14.520 --> 1:35:25.580 Jasmine Tang So this mean the scenario always handle for new onboarding user but specific flat control to manage the existing customer user. 1:35:27.550 --> 1:35:29.860 Jasmine Tang Maybe you don't need to build additional things around. 1:35:30.350 --> 1:35:41.20 Jasmine Tang If you color Newport preform already had these features like and he said password no we import that you but importing Sir and then if we import again the user is already existed. 1:35:41.630 --> 1:35:44.880 Jasmine Tang How will we handle, ignore or update any? 1:35:44.890 --> 1:35:49.300 Jasmine Tang Right now, we still proceed with the, but there's some updates and updates are updates. 1:35:49.390 --> 1:35:51.570 Jasmine Tang Is that yeah. 1:35:51.410 --> 1:35:52.920 Eric Wong Unless they protected right. Just mean. 1:35:52.930 --> 1:35:53.390 Eric Wong Is that right? 1:35:56.100 --> 1:36:3.60 Jasmine Tang That part I need to check and confirm, but I remember if lesson is the existing give it will proceed with the update defeated. 1:36:7.210 --> 1:36:7.450 Eric Wong OK. 1:36:3.70 --> 1:36:9.760 Jasmine Tang Yeah, input data is not not not the same as the one day being imported previously. 1:36:11.60 --> 1:36:11.370 Eric Wong OK. 1:36:10.550 --> 1:36:11.690 Jasmine Tang You ohh sorry to be. 1:36:11.730 --> 1:36:13.640 Jasmine Tang Yeah, but we we need to ask that question too. 1:36:13.650 --> 1:36:17.520 Jasmine Tang Do you only add the product if I update the user is view that trigger any other thing? 1:36:17.530 --> 1:36:26.30 Jasmine Tang Sometimes I might not know your triggers are email on the other side, so it's better to have a flat that control how we need. 1:36:27.780 --> 1:36:39.330 Jasmine Tang So example the the CSU import Excel spreadsheet, we need to have sounds like we need to have two more additional control flat one is do I need to sync back to product? 1:36:39.380 --> 1:36:44.270 Jasmine Tang I think we do have this facility, some problems should do something else, maybe with trigger event and then some. 1:36:44.280 --> 1:36:45.390 Jasmine Tang Something big will happen. 1:36:45.980 --> 1:36:53.890 Jasmine Tang The other thing is to reset password not OK let's say when the cloud operation they want to do migration on existing product. 1:36:54.180 --> 1:36:55.850 Jasmine Tang You can set the user you want to migrate. 1:36:55.860 --> 1:36:58.170 Jasmine Tang Important to iPhone, but you have a flag to control. 1:37:0.340 --> 1:37:10.140 Jasmine Tang For species to understand better product, not one that's been 10 then the one, then the other face to refund to reset password or not. 1:37:10.630 --> 1:37:13.30 Jasmine Tang Then from there we can, I think we can control better. 1:37:17.780 --> 1:37:23.50 Jasmine Tang To all these control flat is sick in whitefish and should be in the special. 1:37:23.170 --> 1:37:25.720 Jasmine Tang How are you placing some product? 1:37:25.870 --> 1:37:27.20 Jasmine Tang Some product don't need that. 1:37:27.70 --> 1:37:37.760 Jasmine Tang Then you can control for them, but you won't import user ones on here for dependable products, no import you so sure importer then one it wouldn't. 1:37:37.770 --> 1:37:39.320 Jasmine Tang It wouldn't be for that one. 1:37:39.450 --> 1:37:45.860 Jasmine Tang It would be for that one because some product, some some, some user, they don't, they they haven't removed migrate. 1:37:45.870 --> 1:37:52.290 Jasmine Tang Everything will be one by one, one month it will be Best Buy best one if you need to inform before we migrate them to Irma. 1:37:52.790 --> 1:38:3.720 Jasmine Tang Uh, some support team or a comment also have to inform that we migrate you to this sauce platform and he will trigger reset password. 1:38:3.730 --> 1:38:11.940 Jasmine Tang He definitely need to do organization and batch, but organizations are, but then they say this group of users have access to this product. 1:38:12.550 --> 1:38:17.0 Jasmine Tang The other group user have access to the the other, another one that had a molex. 1:38:18.30 --> 1:38:24.220 Jasmine Tang Then you need that to some need to sing that someone need to sing that because they're going to abort product by product. 1:38:24.230 --> 1:38:28.710 Jasmine Tang You won't go like suddenly on my bike went two products together. 1:38:30.720 --> 1:38:32.330 Jasmine Tang It was like a thing on how to. 1:38:32.920 --> 1:38:33.790 Jasmine Tang Yeah, you're right. 1:38:33.800 --> 1:38:41.50 Jasmine Tang Because they could be too product 2 product, they could be a product that could be much cheaper. 1:38:41.60 --> 1:38:45.840 Jasmine Tang Couple user or could be some user that is already have common access to both products. 1:38:47.110 --> 1:38:51.550 Jasmine Tang Hopefully our side, we just we just see issues, Sir. 1:38:52.810 --> 1:38:54.860 Jasmine Tang We will sing to, to product. 1:38:55.840 --> 1:38:58.790 Eric Wong At the moment in the BAU happened. 1:38:58.800 --> 1:39:4.210 Eric Wong Is each user will have details of the product instances it has. 1:39:4.650 --> 1:39:15.210 Eric Wong It has access to and I think beta based on that there is active or inactive or something like that to determine whether anything about this user need to sync back to that product instance or not. 1:39:16.630 --> 1:39:27.250 Jasmine Tang And yeah, maybe, maybe, maybe you need to think about the scenario where we, I think the most complicated case are is like at least you have two product and how do we do it? 1:39:30.590 --> 1:39:32.960 Jasmine Tang Actually I'm not sure up. 1:39:32.970 --> 1:39:34.60 Jasmine Tang You can come here. 1:39:34.300 --> 1:39:34.900 Jasmine Tang You can be here. 1:39:36.900 --> 1:39:38.20 Jasmine Tang Can be a multiple. 1:39:39.810 --> 1:39:50.480 Jasmine Tang Beat wise, where you or something that reset password for user might not problem 01 by another column is like you can determine which product you want to sing. 1:39:51.350 --> 1:39:55.190 Jasmine Tang All or one if the field is a bit wise then you can enter it. 1:39:55.200 --> 1:40:6.780 Jasmine Tang Yeah, one one or three then this mean, you know which product on the same design that do we need to handle for that also as another question you be be wise you can good enough. 1:40:13.0 --> 1:40:13.410 Jasmine Tang Easier. 1:40:15.530 --> 1:40:19.20 Jasmine Tang No, that migration everything here it's not only migration though. 1:40:19.350 --> 1:40:20.160 Jasmine Tang OK, OK. 1:40:20.170 --> 1:40:21.960 Jasmine Tang Ping things are all your concern is about like. 1:40:21.970 --> 1:40:22.240 Jasmine Tang OK. 1:40:22.280 --> 1:40:29.320 Jasmine Tang OK, maybe one to sync to the one way, but the one to sync the web Sentral right something OK you use speed wise then you can do really. 1:40:33.380 --> 1:40:38.460 Jasmine Tang Just thinking how how the process is going to work, are they say how we do right effectively go for the? 1:40:41.270 --> 1:40:49.800 Jasmine Tang The library method that they missed we we develop a library that those products can plug in which it will subscribe the event, right? 1:40:49.810 --> 1:40:54.550 Jasmine Tang So let's say we onboard, we we uh, my great 31 way first. 1:40:55.170 --> 1:41:5.660 Jasmine Tang Then during the time we use the user import features and then platform service will create the events use either update user email or create user event. 1:41:6.210 --> 1:41:7.690 Jasmine Tang Then people will subscribe. 1:41:8.70 --> 1:41:13.270 Jasmine Tang Then after that, when we, uh on, but let's say off central. 1:41:15.390 --> 1:41:20.170 Jasmine Tang Because to reimport the user and this user when very import right? 1:41:20.520 --> 1:41:27.300 Jasmine Tang Some might be like overlap with the existing user that I I think it's almost off center as a second product. 1:41:27.340 --> 1:41:30.220 Jasmine Tang I think we need a features in the platform to set. 1:41:30.260 --> 1:41:34.550 Jasmine Tang OK, I want this file user to people of Central Dan. 1:41:34.630 --> 1:41:38.950 Jasmine Tang Something should trigger the the the the users. 1:41:39.390 --> 1:41:40.160 Jasmine Tang I feel they will. 1:41:40.330 --> 1:41:51.750 Jasmine Tang I I I Eric, if I say 1 user have access to two products like are we going to create two different events or create 1 events? 1:41:53.580 --> 1:41:55.300 Eric Wong At the moment it will be 1 event. 1:41:56.510 --> 1:42:1.10 Jasmine Tang One event then in that event will show like this user have access to which products are. 1:42:1.710 --> 1:42:4.960 Eric Wong Uh, I believe yes, that will be. 1:42:6.810 --> 1:42:13.790 Eric Wong If I remember correct, that would be separate event that is more linking about which user to which product instance. Umm. 1:42:13.950 --> 1:42:14.920 Jasmine Tang But they're still OK. 1:42:15.150 --> 1:42:17.270 Jasmine Tang OK, at least you had this information. 1:42:17.450 --> 1:42:18.530 Jasmine Tang Better than don't have no. 1:42:19.920 --> 1:42:24.430 Eric Wong I don't recall in uh user event actually has product instances. 1:42:24.440 --> 1:42:24.880 Eric Wong I'm not sure. 1:42:24.890 --> 1:42:41.710 Eric Wong I don't think so, but I do know that if you link a user to a product instance or remove a user from to a product instance, that will be an event and by default now when the new user on board, if there's existing product instances, that user will automatically on board with this. 1:42:43.650 --> 1:42:45.190 Eric Wong Linked to this, uh, product instances. 1:42:48.680 --> 1:42:55.980 Jasmine Tang But how we notify the product that they go to either updates or create the user, right? 1:42:57.950 --> 1:42:59.30 Jasmine Tang Oops there I think. 1:42:58.120 --> 1:43:5.290 Eric Wong Is it when when we create a new user there would be a user event fire into product that already link right? 1:43:5.700 --> 1:43:21.80 Eric Wong So and then if when you link a product, there will be already be considered have this product as a product instances in in the particular tenant and when we onboard a new user, the user will be automatically linked into existing product instances. 1:43:21.90 --> 1:43:31.980 Eric Wong So there will be another event fire saying that this user is linking to these product instances, so there will be 2 events, minimally 2 events. 1:43:35.130 --> 1:43:35.320 Jasmine Tang Like. 1:43:34.700 --> 1:43:39.80 Eric Wong One is the user created into the system and another one is the user is linked to these product instances. 1:43:40.10 --> 1:43:42.920 Jasmine Tang I can see there will be issues are like in platform. 1:43:42.930 --> 1:43:58.830 Jasmine Tang You will have a record saying that this user have access to this problem, but then because the product is not, I subscribe to the events, so the user will be missing from the from the from the other database. 1:44:0.60 --> 1:44:5.400 Eric Wong Yeah, so so at least, OK, at least if you look at the scope of art, right, they need to listen to the event. 1:44:7.180 --> 1:44:9.680 Eric Wong So those products that integrate just need to listen to the events. 1:44:10.480 --> 1:44:14.270 Jasmine Tang Yeah, but but then you see, yeah, let's say come first, then up. 1:44:16.20 --> 1:44:17.830 Eric Wong Mm-hmm. Umm. 1:44:14.280 --> 1:44:18.390 Jasmine Tang Already got the data, then the one will come next, so you won't. 1:44:18.540 --> 1:44:25.640 Jasmine Tang You will not publish the to create the same user again, so the one way we don't know that this user need to be added. 1:44:27.280 --> 1:44:28.290 Eric Wong Uh. 1:44:30.540 --> 1:44:32.980 Eric Wong That's where we talk about the two way Singh rate. 1:44:33.380 --> 1:44:35.230 Eric Wong Previously, I'm not sure what the yeah. 1:44:33.870 --> 1:44:36.790 Jasmine Tang Ah, but I think so. 1:44:36.920 --> 1:44:38.130 Jasmine Tang We will go one way, right? 1:44:38.300 --> 1:44:38.630 Jasmine Tang Yeah. 1:44:39.680 --> 1:44:42.70 Jasmine Tang Yeah, but he's OK. 1:44:42.290 --> 1:44:44.660 Jasmine Tang This one can, yes. 1:44:44.20 --> 1:44:46.830 Eric Wong This one is more more this one is more about thinking user. 1:44:46.840 --> 1:44:49.630 Eric Wong I mean this is more for the more for the initial stage, right? 1:44:50.260 --> 1:44:50.520 Jasmine Tang So. 1:44:50.160 --> 1:44:58.960 Eric Wong But in terms of linking to the to the product itself, so the instances are already there and the user not created, then we have to link it manually. 1:44:58.970 --> 1:45:4.650 Eric Wong So meaning to say if a product instance is created after the users, the link, you have to be done individually. 1:45:7.850 --> 1:45:9.50 Eric Wong Then there will be an event as well. 1:45:6.630 --> 1:45:11.320 Jasmine Tang Uh, listen, then you take the accusation. 1:45:12.340 --> 1:45:12.480 Eric Wong Uh. 1:45:11.330 --> 1:45:15.630 Jasmine Tang Example AQ pulse are for it to do the authorization partner. 1:45:16.160 --> 1:45:16.380 Eric Wong Mm-hmm. 1:45:16.40 --> 1:45:17.600 Jasmine Tang That means authentication done really. 1:45:21.840 --> 1:45:22.30 Eric Wong Mm-hmm. 1:45:25.690 --> 1:45:25.900 Eric Wong Yes. 1:45:28.110 --> 1:45:28.470 Eric Wong Uh-huh. 1:45:17.610 --> 1:45:28.820 Jasmine Tang Then you need to check this user have access to what module, what features E they got to have the user in their own database, storing whatever Keepass is needed that so. 1:45:37.520 --> 1:45:37.660 Eric Wong Yes. 1:45:29.270 --> 1:45:43.50 Jasmine Tang So what I mean is, uh, if the by the time the point that has been on boarded the user is already exists in platform then you will you will not create the you will not publish a create user event again. 1:45:44.110 --> 1:45:44.750 Eric Wong Yes, correct. 1:45:43.660 --> 1:45:48.160 Jasmine Tang Then that keeplist upright, so it will be missing in their own database. 1:45:49.590 --> 1:45:50.280 Eric Wong Yes, correct. 1:45:57.810 --> 1:45:58.520 Jasmine Tang Yes, yes. 1:45:50.290 --> 1:45:58.970 Eric Wong So in that sense, it's what I'm saying when it comes to newly on board product, right, then something needs to be done on the user sync part, yeah. 1:45:58.890 --> 1:46:0.60 Jasmine Tang Yeah, yeah. 1:46:3.930 --> 1:46:4.500 Jasmine Tang Open. 1:46:4.510 --> 1:46:8.160 Jasmine Tang Probably we need to like reimport the user again, then perform we have to fill. 1:46:8.270 --> 1:46:11.570 Eric Wong And we could always we could always. 1:46:11.580 --> 1:46:12.30 Eric Wong I don't know. 1:46:12.40 --> 1:46:21.700 Eric Wong I mean on top of my head, we could always create create a specific endpoint or a feature to just say OK we publish selected user to this particular product instance. 1:46:22.490 --> 1:46:23.330 Jasmine Tang Not yet, yeah. 1:46:24.410 --> 1:46:29.580 Eric Wong Then we just republished the events and of course all this event will be published into the topic. 1:46:29.860 --> 1:46:36.740 Eric Wong If anyone subscribed to the topic, they would receive it, so it's also up to them how they want to see whether they want to hand. 1:46:36.750 --> 1:46:45.170 Eric Wong I mean, they want to do something about the event or not and that's where the so called product instance ID and so on tenant ID comes in place. 1:46:49.610 --> 1:46:50.40 Jasmine Tang Yeah. OK. 1:46:49.450 --> 1:46:58.560 Eric Wong But again, up we'll get the same same same event, but if they want to, you know, even though if there is not, there are art product instance and then they wanna do something about it, then that's up to them, right? 1:46:58.790 --> 1:46:59.420 Eric Wong That's what I'm saying. 1:47:1.320 --> 1:47:1.680 Jasmine Tang But for. 1:47:1.0 --> 1:47:6.540 Eric Wong So we can have a feature to actually republish to a specific tenant product instance, I would say. 1:47:8.640 --> 1:47:22.130 Jasmine Tang If you do that, I think you better notify all the products that because they I don't think they will expect that you will be republishing the events 2 times are without the application is already handled for that or not. Uh. 1:47:24.10 --> 1:47:26.50 Eric Wong Or another way is. 1:47:30.130 --> 1:47:33.820 Eric Wong Yet to find some interfacing to to their product in a way, yeah. 1:47:34.740 --> 1:47:34.910 Jasmine Tang So. 1:47:34.230 --> 1:47:38.340 Eric Wong But now we are just talking solely about eventing, but it could be some other thing. 1:47:38.350 --> 1:47:38.820 Eric Wong I'm not sure. 1:47:38.830 --> 1:47:41.200 Eric Wong Yeah, that's the gap there. 1:47:41.270 --> 1:47:42.430 Eric Wong I agree that's a gap there. 1:47:46.880 --> 1:47:47.0 Eric Wong Yeah. 1:47:44.100 --> 1:47:49.570 Jasmine Tang Yeah, something that we need to think about, we put the whole thing to actually, should I? 1:47:49.580 --> 1:47:57.450 Jasmine Tang I'm not sure how I feel like when triggered the event for users should inside the same vent should know the user belongs to what product. 1:47:57.510 --> 1:47:59.50 Jasmine Tang That easy, ready for users thing. 1:47:58.350 --> 1:48:3.320 Eric Wong There is there is as far as I remember, there's always tenant ID and product instance ID. 1:48:4.440 --> 1:48:6.330 Jasmine Tang And then then should be good enough for. 1:48:6.380 --> 1:48:11.240 Jasmine Tang Maybe it's is we need to link back to user sync discussion in the Supreme Court. 1:48:12.740 --> 1:48:16.940 Jasmine Tang The user Sin must know where is the user belongs to. 1:48:27.860 --> 1:48:35.70 Jasmine Tang Two regarding this now the the JK mentioned about the migration things, what do we need to specifically put thing? 1:48:36.250 --> 1:49:9.830 Jasmine Tang I think you have to inform the some of the suggestion that maybe he thinks he's going to feel like we just make our of a workflow flexy birth or difference in area not and show show show you be some cases like big, big, mentioned one and due to certain reason on boarding existing user cannot sync to certain product due to some reason but some product OK and because certain product might have their own logic and then something when you when under the user something figure at the end and do something really. 1:49:9.840 --> 1:49:16.540 Jasmine Tang So we need to be more careful as long as we have the flexibility, then we can entirely cover majority of the cases. 1:49:17.560 --> 1:49:28.890 Jasmine Tang The the scenario where we need to migrate this type is is the product is using their own database not using any of the external IDP external IDP. 1:49:28.900 --> 1:49:30.460 Jasmine Tang We can just set up the external IDP. 1:49:30.470 --> 1:49:31.630 Jasmine Tang We don't have to do migration. 1:49:34.450 --> 1:49:34.760 Jasmine Tang Uh. 1:49:34.770 --> 1:49:36.810 Jasmine Tang True, you may SSO one. 1:49:38.50 --> 1:49:43.440 Jasmine Tang They say they are using Azure but they are not using like that. 1:49:43.450 --> 1:49:44.210 Jasmine Tang The external IDP. 1:49:44.220 --> 1:49:46.420 Jasmine Tang Then he could wait on it. 1:49:46.890 --> 1:49:55.920 Jasmine Tang But when we want to integrate, we just set up the SSO so that they don't have to do user didn't reset password, no need for external SSO. 1:49:55.980 --> 1:49:59.370 Jasmine Tang We can do it and I cannot but but but. 1:49:59.610 --> 1:50:10.30 Jasmine Tang But the thing to which products still under our control right now, the the migration thing that you mentioned is now is for the scenario where they manage their own database, they don't use anything. 1:50:10.990 --> 1:50:12.720 Jasmine Tang It seems that they are quite lost scenario. 1:50:12.730 --> 1:50:13.660 Jasmine Tang We need some, right? 1:50:13.760 --> 1:50:15.440 Jasmine Tang Yeah, because we need to say that. 1:50:15.450 --> 1:50:20.320 Jasmine Tang OK, what is the user journey for user that under IDP one? 1:50:20.830 --> 1:50:30.590 Jasmine Tang Once the user journey under zero negative during the migration process, I am saying everything so we need to write down so then we can see the whole thing in the big picture. 1:50:30.600 --> 1:50:34.280 Jasmine Tang Right now, it's like, hey, we wanna have their own technology and then we are talking around. 1:50:34.290 --> 1:50:35.360 Jasmine Tang So it could be very good. 1:50:37.220 --> 1:50:38.290 Jasmine Tang I guess it turns out. 1:50:38.300 --> 1:50:38.890 Jasmine Tang Thank you. 1:50:39.200 --> 1:50:39.930 Jasmine Tang The babysitter. 1:50:39.980 --> 1:50:40.400 Jasmine Tang But then? 1:50:42.610 --> 1:50:47.570 Jasmine Tang E It's more user journey of the users have the the user journey of the scenario. 1:50:50.240 --> 1:50:50.800 Jasmine Tang So let's see. 1:50:52.750 --> 1:50:58.660 Jasmine Tang I think it's gonna mention he called for the SSO and native Port 0 so. 1:51:0.970 --> 1:51:10.50 Jasmine Tang I think the terminology that you use external the external IDP mean SSO for the corporate. 1:51:11.920 --> 1:51:17.350 Jasmine Tang The Azure of time OK, this means the corporate already had their own assessor E, right? 1:51:17.940 --> 1:51:19.640 Jasmine Tang Yeah, on directory. 1:51:22.410 --> 1:51:26.610 Jasmine Tang That that is standard either or IDC or several. 1:51:27.970 --> 1:51:31.60 Jasmine Tang I 0 support more than that actually, but. 1:51:33.140 --> 1:51:37.650 Jasmine Tang Getting majority are in hydrogen engine ID a 1890% several tour. 1:51:39.360 --> 1:51:40.970 Jasmine Tang Umm, it's OK. 1:51:41.20 --> 1:51:44.10 Jasmine Tang This is more to testing purposes. 1:51:44.520 --> 1:52:2.50 Jasmine Tang The user journey needs some right now, like uh onboarding assisting customer with SSO onboarding, assisting customers, customer with native Fox 0 on building new user on boarding user with multiple product with a few disconfirmation where we have that. 1:52:2.60 --> 1:52:3.30 Jasmine Tang Then you know what to do. 1:52:3.450 --> 1:52:6.880 Jasmine Tang Holding for new is covered the other side already. 1:52:6.890 --> 1:52:10.290 Jasmine Tang Man, that's how we have the user import, but we need we write down. 1:52:10.300 --> 1:52:11.860 Jasmine Tang You write down things that we need to. 1:52:13.960 --> 1:52:16.220 Jasmine Tang Is this sessions is small for the migration now? 1:52:16.970 --> 1:52:18.610 Jasmine Tang The accessing assisting 1. 1:52:20.810 --> 1:52:29.420 Jasmine Tang Almost daily, that mostly the scenario where you will deploy user to two different product will happen in either one of the user journey because it's a combination month. 1:52:29.750 --> 1:52:36.350 Jasmine Tang So that's mean, naturally you will have, like pull up five to six different scenario. 1:52:37.560 --> 1:52:38.380 Jasmine Tang He sounds very important. 1:52:39.790 --> 1:52:41.880 Jasmine Tang If this didn't change the score Honolulu. 1:52:44.970 --> 1:52:47.200 Jasmine Tang And once we had no these are then we know what to do really. 1:52:59.100 --> 1:53:3.570 Jasmine Tang But maybe the user journey we we leave it to keep to do some right online. 1:53:3.580 --> 1:53:5.250 Jasmine Tang I think we need to make some decision. 1:53:7.970 --> 1:53:13.960 Jasmine Tang So it looks like there by 5:00 to 6:00 condition, then yeah, like something like that. 1:53:13.970 --> 1:53:17.950 Jasmine Tang The corporate complete on boarding with new SSO. 1:53:19.330 --> 1:53:20.610 Jasmine Tang I'll bet on boarding weed. 1:53:21.930 --> 1:53:27.760 Jasmine Tang Uh native possible corporate on boarding with multiple product. 1:53:29.710 --> 1:53:30.230 Jasmine Tang And then also. 1:53:31.870 --> 1:53:37.200 Jasmine Tang Company migrating assisting of the Asia. 1:53:37.340 --> 1:53:42.600 Jasmine Tang If you think of, but I think if you get up together permutation looks like we have like 6 scenario. 1:53:46.410 --> 1:53:52.910 Jasmine Tang And I think once we have that, then we we we we looked at the whole thing again and see do we miss out anything? 1:54:4.360 --> 1:54:10.810 Jasmine Tang To adapt to here to kinda reflect the little bit on the platform side to store and show you line. 1:54:11.380 --> 1:54:14.940 Jasmine Tang So the use the UI part in this one. 1:54:15.840 --> 1:54:16.910 Jasmine Tang Need a separate discussion? 1:54:16.920 --> 1:54:23.150 Jasmine Tang We give a direct, but I think we can consolidate all the UI related uh stocking. 1:54:23.160 --> 1:54:30.890 Jasmine Tang One call we do it and this one I think just now you mentioned is for the Incognito scope, right? 1:54:30.900 --> 1:54:35.40 Jasmine Tang So I read the card Ping and ohh this button. 1:54:35.230 --> 1:54:35.830 Jasmine Tang What baby? 1:54:36.30 --> 1:54:39.320 Jasmine Tang So they don't confuse confusion on the user pool. 1:54:39.940 --> 1:54:40.320 Jasmine Tang Delete that. 1:54:44.330 --> 1:54:46.430 Jasmine Tang OK and. 1:54:50.100 --> 1:54:56.160 Jasmine Tang So the bug report I think is one is specifically for all zero and bedded features. 1:54:56.450 --> 1:55:20.740 Jasmine Tang So currently the decision is set as no first but some of the scope of here later will be moved to a separate column which is as part of the enhancement on platform services current dot import People functions alright and there will be a separate section that contact by Bing Bing to go through the user journey. 1:55:20.750 --> 1:55:27.150 Jasmine Tang Difference between people and all zero and this one is aligned. 1:55:27.160 --> 1:55:38.150 Jasmine Tang That will be part of the MVP and I think on the US copy will be further aligned with Keith and also Duraid, right. 1:55:38.160 --> 1:55:48.290 Jasmine Tang So organization and data based creation currently parked as to be confirmed 1st and separate discussion and confirmation would be conducted with Duraid. 1:55:49.480 --> 1:56:6.700 Jasmine Tang And I think this one uh, I just setting a topic mobile, but I know just now I think this is something that we need and I think this one involved two part that I think one of the part is that there will be a further conversation with you. 1:56:7.520 --> 1:56:22.870 Jasmine Tang Uh, there is per product instances or per product, but I think based on the discussion today it is more you know more leaning to the area of product census and separately UI scope. 1:56:22.880 --> 1:56:47.610 Jasmine Tang I didn't cover part of the discussion with ease, and so all the UI related I will sync up with during active on set it any questions before we wrap up today and also for this migration just now as part of the Ohh additional scope that we discussed. 1:56:47.620 --> 1:57:4.680 Jasmine Tang I think I just put it here and then later I will try to compile the some of the error that just does not JK mentioned and then we go through again and see whether we miss out anything on the on the area or the use case that may not just have to go. 1:57:4.690 --> 1:57:6.260 Jasmine Tang I mean for performance I can understand. 1:57:6.270 --> 1:57:8.970 Jasmine Tang I think we need to go through with the cipher group again because. 1:57:10.180 --> 1:57:16.670 Jasmine Tang Ohh user seeing people who work on user Singh need to understand the whole thing because these are all together. 1:57:16.680 --> 1:57:18.960 Jasmine Tang That's that's not the whole project is together on. 1:57:27.270 --> 1:57:27.940 Jasmine Tang Thank you. 1:57:28.10 --> 1:57:29.120 Jasmine Tang Thinking along. 1:57:29.580 --> 1:57:30.870 Jasmine Tang Thank you, Eric. 1:57:31.930 --> 1:57:32.370 Eric Wong Right. Thanks. Extract all the main points of the meeting based on the transcript above. Re-read the transcript twice and amend your answers before you give out your final answers.

question:Go thru your answers and re-read the transcript again to find out if any points were missed. Add any points missed and re-write your answers in more details.

question:香港創新科技署擬於明年 12 月舉辦全港學生創意手機應用程式設計比賽，藉此激發學生對設計手機應用程式的興趣。假設你們負責該項活動，試撰寫一份計劃書向上司交代整個計劃。計畫書內容包括： 1. 時間(01/01/2025-30/05/2025: 比赛正式开始，截止报名申请；竞赛记者发布会 01/06/2025-31/08/2023: 联络相关专业，联络相关专业大学学生并分组 01/09/2025-30/10/2025: 初赛参赛作品提交，参赛组提交独立完成作品；与大学生组别配对 01/11/2025-30/11/2025: 预备后期评审工作，联络展演场馆，做详细方案；将初版作品提交至评委组 01/12/2025: 决赛参赛小组通知，参赛组别提交完善后的作品完整版本 02/12/2025-17/12/2025: 决赛参赛者准备，入围决赛参赛者自行准备 17/12/2025-20/12/2025: 决赛分组现场比拼 20/12/2025: 公布比赛结果；联络获奖队伍 21/12/2025: 准备展演，为获奖队伍展演提供帮助；展演场馆布置 24/12/2025 比赛展演，获奖队伍作品展示，颁发奖项奖品。 決賽: 15/12/2025-20/12/2025，每日具體時間: 10:00-16:00) 2. 地點(香港創新科技署) 3. 參賽資格 (人數/對象: 分為小學生、中學生包括初中生和高中生三個組別) 4. 報名方式 (報名日: 1/1/2025-1/6/2025，具體方式) 5. 比賽方式(比賽項目，具體比賽內容，具體安排) 6. 競賽流程(表格詳細說明每日流程，包括具體賽前安排及準備) 7. 評分標準(詳細標準) 8. 評審：教授、業界專業人士（設計、電腦科學、商業界…） 9. 獎勵方式（獎勵：表揚:優秀作品構想作為藍本，與合作公司實現出來，向全港市民宣傳科技署及其工作）頒獎典禮（人數/對象: 家長、老師、校長，在學校推動，頒獎、演講，具體安排) 你負責寫1-9項，寫1500字。

question:要詳細一點