Internal Use Use Case JAYANDRA Infra (JI) is operating in Andhra Pradesh and Telangana which has 100 Serviced Apartments across Telangana and Andhrapradesh. All service apartments will provide free breakfast for all tenants. Safety& Security, Cleanliness and Food Quality are important for all its customers. J Telangan region is managed by Ram who is experienced with Hotel Management with limited IT knowledge. In Telangana region, JI has properties in Hyderabad, Warangal, Khammam, and Karimnagar. Hyderabad properties are managed by Raju, Khamman properties are managed by Shiva. JI has 100 employees including 20 managers. Each Manager manages at least 5 employees and an employee can report to two managers in different properties. JI uses Microsoft Azure AD and Office 365 for communicating with all the employees and to manage their work. All these employees make regular visits to the properties and fill the checklists and report to their managers. Ram was approached by GoAudits sales team and convinced him to try GoAudits. Step 1: Ram registered with GoAudits using the Signup Form from GoAudits. Solution: 1. Get the details of Ram and store them in User registrations collection in MongoDB a. User Details b. Authentication details c. Privacy Details d. Fingerprints e. Location f. Account Details (Account ProfileID) 2. Ram will be sent an email for verification and store this information in Registration_Confirmations collection a. UserRegistrationID b. Confirmation code : Email , Telephone c. Status (Sent / Verified) d. Expiry Date of the Code 3. Email confirmation a. Ram clicked the confirmation link and verified . i. The document with Registration confirmation code will get updated with the status - verified b. Ram forgot to confirm within the time i. GoAudits app will send information to Sales to follow up c. Ram confirmed more than twice i. GoAudits app will reject the second time 4. Email confirmed successfully a. Account profile will get created with Default name of the Account (which will be decided by GoAudits Business owners – Example: Ram_Company like that) i. Account Name Internal Use ii. Account ID iii. The remaining required details will be decided by GoAudits team b. User profile will get created with the details from the Registration i. User will be allocated one ID (ProfileID) ii. User Profile will have details about the Account. User can be part of multiple accounts so User profile contains an array of accounts. iii. As the user Ram subscribed on behalf of his company first time, he will be allocated DB based Authentication. Authentication Type should be part of the User Profile. He can have multiple types of authentications so User profile contains list of authentication types : DB, LDAP,SAML,AzureAD, Google Workspace, ADFS etc. c. User Authentication details will be added to User Authentication Tables in the Admin Database 5. Ram would like to give all employees access to GoAudits App. He want the onboarding process simple and straightforward. As his employees are using MicrosoftAccounts with the jayendrainfra.com domain emails and credentials( which are used for using office 365 and azure), he wants to make his employees to use the jayandra infra credentials and don’t want to create new credentials for GoAudits. a. Ram will login into the GoAudits Admin portal and enable External Authentication for his Account i. GoAudits will provide information to create a connection from GoAudits to Jayandrainfra Azure Active Directory 1. Typical information needed: a. Azure AD connection string ii. Solution 1: Using Mini Orange 1. The configuration details will be passed to MiniOrange and get the details (clientid etc.) 2. ClientID is saved in the Database (MiniOrangeAuth table) with the Url to connect to MIniOrange (which will take care of Authentication through Jayendra Infra Azure AD) 3. Option 1: GoAudits Users Module will provide functionality to add users. Ram will add Shankar as a user (selecting Azure AD as authentication) and invite him to GoAudits. GoAudits will fire and email with invitation link. As soon as Shankar click the link, It will ask to activate account by login to the system. Azure AD Authentication fires up and authenticate shankar and provide his details. GoAudits add a license to Shankar if Licenses are available. If not, it will through an exception (Licenses are not available) 4. Option 2: Ram sent an email to Shankar with the link to login to GoAudits. Shankar logs in with AzureAD credentials. As soon as Shankar add shankar@jayendrainfra.com , GoAudits application determines domain and links to jayendrainfra miniorange Azure AD authentication (the link saved in step 2 ). Mini Orange Azure AD plugin will take care of Authentication and gives back response the the return url of GoAudits. GoAudits will check if the shankar@jayendrainfra.com is available in the system linked with the JayendraInfra account. Internal Use a. If shankar is not there in the system, it creates shankar profile in the userpofile collection with authentication type : Azure AD. It also saves Shakar user name in User table (Auth.User_External) with Authentication type Azure AD with the details same as Auth.User table. It also add logs in failed logins , login history table etc. b. If shankar is in the system with Azure AD authentication type , linked the JI. Logs into authentication log table (if failed, add to failed logins table . All logins must be added to login history) c. If shankar is in the system with other than Azure AD authentication, adds Azure AD as authentication type in his profile in MongoDB. In SQL DB, Saves in it the user table same as above (a). 6. Solution 2: With GoAudits SSO App a. Similar to MiniOrange but there will not be any mini orange urls as there is no need to connect to Mini orange b. Configuration details will be saved in Connectors collection i. AccountID ii. Connector details: type azure ad and document specifying azure ad details 7.