 Let's start today. Thanks, everyone, for joining to this session. What we want to see today is what is hosted logging. I don't know if you are familiar with hosted logins. I don't know if some one of you had fight with the logging process in Drupal. You know how hard is customize something in Drupal about the login page, the login form, and it's even the user journey. So today I'm going to show you an easy ways with no code, with no implementation, nothing you have to do. Just click in buttons. This is something that we like. But before I introduce myself, this is me in the top bit. That's me, my lovely dog, my lovely daughter, and also my wife. Some people say that the picture on the top is Photoshop. That's not true. That's me. I'm a system lead working and also software architect working in Omega. But as my client, the client I'm working is actually in the same. This is one of the big companies, pharma companies in the world. We're in the top three, top five, the pen of the year. And we are a massive company. I'm coming from Barcelona. I'm living there actually. I'm over 10 years working in Drupal. Actually, I met 10 years this year. I like to ride in bicycle. I give you some links if you want to find me out. The LinkedIn, the Drupal profile, and also the Omega my company, who is sponsoring my co-op. I'm also the president. Something I didn't say today, I'm 38. Keep that in mind. I'm also the president of Drupal Eros. This is a Spanish-speaking community that we have around the world. Our objective is get some new people to Drupal. That's something hard. We have a lot of initiatives. If you want to join, if you want to come even to our sessions that we have, we're doing Spanish. But if you want to learn Drupal and learn Spanish, you can even, Joe, we actually help people also to join. I'll give you the links for all of this. If you want to sponsorize us, also come to me after. And I'll tell you how to do it. Also, yesterday, we created a new Slack channel in Drupal. If you want to join, this is the more global one, not Spanish. This is for all the people in Drupal, to try to get some new blood. So if you want to help us to bring some new people to the Drupal community, join to that Slack. And we can work this year and the rest. So let's see. What is it? I'm 38. Because tomorrow is my birthday. Yes, yes. Instead of being with my family, instead of being with my family, I'm with my older family. So it's very nice. So if you see me around, wish me birthday, OK? Let's say, what we're going to see today. I'm going to introduce you what this identity means, OK? What hosted logging means. I'm going to show you how easy it's implemented, the bands and filter that we have using hosted logging, and what's the filter. You're going to enjoy that, believe me. If you don't know what is that, you want to love it. Identity. One of the big deals that we have on the internet is what identity means, OK? So if I ask you guys, I'm sure I'm going to get different answers for all of you. Because identity is something that is not well defined on the internet. We don't have a clear, let's say, definition on the internet about what identity means. And it's something complex, OK? If I ask, for example, just to give you some examples, for instance, if I ask to bank account IT, that guy is going to tell me that identity means the bank account name. If I ask a phone company, the identity will be based on the phone name of the user. So it's very different things, and it's super complex to know. For example, for us, the pharma companies, the identity is based on the national document, doctor document that all the doctors have seen around the world. So for us, the identity is based on that number. So it's super hard across the companies, the business, to find what identity means. But we found this on Wikipedia, and we love it. We actually tried to, not for this slide, because I'm doing this session for another technologies. And it was hard the first time to define what actually means the identity, identity. What actually means? So we found that in Wikipedia, we love it, and we split the world. So identity is an information that the computer, the system computer use to represent an external agent. Maybe it doesn't say anything to you, but you're going to see how important that is. So the first thing you have to ask is how can I build my own identity for my own company? So the lease is very long, but near my team, we try to find a few points. The most important, actually, to put it in 40 minutes and see what's the best way to, or what's the best definition of how to build one identity. The first thing is know what kind of data you need from your user. That's very important, because many people, when go to find, try to create or build one identity, doesn't ask they serve what they need for their users. That's pretty, pretty important. So you cannot create an identity without thinking before what actually needs from your user. If I'm a bank account, what I need? I need the username, I need the UCID, I need the bank ID, I need a lot of things, right? So you need to make sure that you have all the data from your users. Actually, you have to keep in mind something, guys. If you don't ask that data at the first time, get that data after, it's super, super complex, okay? It's super complex, because it implies a lot of things, okay? But if I, the person who claim to be, okay, that's super important. This happened right now, guys. If you go around the website, how many websites are being hacked? Anyone can join being like you, right? And using the website like you are. So you have to make sure that when someone comes to your website, to your application, you know who is that guy, okay? Insert the level of security, okay? So you have to put the high level of security. This is something that no one take care of, okay? But when you get hacked in your website, the first thing that the hacker does, what the hacker do is they come, send you an email, and say, okay, I'm gonna send a Viagra email to all your users if you don't pay, right? So that's super important. I saw last week, actually, in Spain, we got a news from one big company where they were saying that we had to change all our passwords, because they've been hacked and they took all our passwords. So we have a big problem with that, because if it's that easy, who guarantee our identity, okay? Our identity, it's super important in the internet. And so the level of security about the authentication, that's super important too. It's not only safe, it's only validate who is that guy. It's not only put a password, okay? User password is super easy to hack, okay? Someone here for sure can hack some account. So make it super strong is the way, okay? Guarantee we store the data in the safe place. This is super important. These topics are super important, all of them, okay? Guarantee, if you can access to any database, okay? It's stupid to have an identity there, okay? Has to be super secure. And also, and also, complain with, comply the protection laws, okay? We have different, in my company, we're working with all the countries around the world. So all the countries has different laws, different ways to work with the entity. In USA, for example, you have to save the data in USA. In Europe, you have to save the data inside Europe. It's big complicated. But let's see, what hosted login is. Actually, the term of hosted login, it doesn't exist right in the internet, okay? There are few vendors who use hosted login as a brand, okay? But the thing is, we like to use hosted login. This is actually not a standardized process, okay? So I'm trying to boost the standardized this process and call it hosted login. Why? Because hosted login is easy to remember and actually says what it does, okay? That's super easy. What actually it does, okay? Hosted login, actually, hosted login, it's a model of work, okay? As you see, you can create your own hosted login or you can take someone from the vendor. I recommend to you to get someone from the vendor, okay? Don't do it by yourself, because you can do it, but it takes a long time, a lot of money. We actually try, and we decided to externalize this process because it's even cheaper, okay? How that works, you have a website, you have a login, right? The regular one, the one you have right now is you click in the login, you have a form, you put the email password and you log in or something else, right? And you log in, okay? So in this case, what we do is you have the login button, you click the login button, you get redirect to another page, it's another external page that's provided for your vendor or by your own. And then you have everything. You have the form, you have, I don't know, all the validation that we have, everything you want is gonna be there. In most of the cases you even don't have to code anything because the vendors provide everything you want, you wanna see that's awesome. Then you can authorize the user, then the provider will create the user if it doesn't exist and then it gets redirect to your website. It's super transparent for your user. Actually, you can customize the form as much as you want in most of the vendors, okay? So for the user, it's completely transparent. Actually, if the user doesn't really know what is happening, actually it doesn't gonna see the difference, okay? They're gonna think that they're still on the website, okay? Actually, you have a great example with JGPT. How many of you have login in JGPT? JGPT use hosted login, okay? And maybe you didn't realize that because it's super transparent for the user, okay? It's super cool. Something very important is that one, hosted login is not social login, okay? We have different things here. We have different points. Social login is more for login using social stuff, okay? You can login social or Gmail, okay? You can use Facebook, you can use Twitter, you can use whatever, but you don't have the full control of the process, and even you don't have the full control of the information that you receive from that social, okay? In hosted login, you get the full data. You have everything you need. You can set it up in the form and save it in your database, okay? And control the full process of the login, the usage journey, okay? So that's pretty cool. Why we use hosted login? This is the main important slide that you're gonna see today, okay? Why we have to use? First, because we externalize the process. As I said at the beginning, who many of you have been dealing with the form processing, with the form in Drupal, try to customize, try to add new file, try to add the multi-step. I don't know if you work guys with marketing teams. We have a big marketing team, and they are very creative, and you know. I got the marketing team, right? And it's super hard for us to provide the better solution for them, because they are super creative. They want to like things, super extremes, okay? And it's hard, right? So using externalizing the process, you can make it something easy. Something easy, like I said, I don't know, HTML files with CSS, JavaScript, and do whatever you want the marketing team, okay? So that is that easy. Then, have all the data in the safe place. That's a cool thing, that is coming with also the next point. We're gonna have in a different database, okay, we can match it together, but you know, I don't recommend them, that you can have a different database, okay? To store all the user data that you have, okay? That's also pretty cool, because if you get to have that next point, if you get half your website, okay? I don't care, okay? If you send me an email and say, ah, well, I don't care, no, but I don't care, because if you ask me to pay to recover all the users, do it. You're gonna find some surprise in the database, because I anonymize all my users in my database in Drupal. So I only use the Drupal database to use the Drupal call. That's all. If you go to the database, you're gonna see something like one, two, three, five, at example.com. One, A, B, C, at example.com. So I don't try to send an email, I don't care, because I have the real data. It's storing my own database, in another database, okay, in my Bendo database. So that's pretty cool. Another thing is we can work by default, guys. That's super important, by default, single sign-on. How many of you try to implement a single sign-on system in your company? Did you try it? I did, and it's super, super, super complicated. It implies a lot of things, security things, marketing things, sheet things, you know, a lot of things. So here, you have single sign-on by default. If you know what single sign-on means, it's basically that you can log in, okay, in all your websites, using the same session, okay? So that's pretty cool. You can share the session, the user session, across the website, all your websites, okay? So that's super cool. Easy to implement the new filters market. You're gonna see a lot of filters. I'm gonna show you now, there's a lot of filters. If you make, if you can have an idea how long it takes to implement only one functionality, you're gonna see the full list that we have here. If you have to implement all of them, you're gonna say, okay, now, I externalize the process because it's pretty cool. And also, it helps for marketing team. Improve the UX, the user experience, that's also cool. You're gonna see the user experience. Super cool, because you don't need, we actually hate password, okay? We are fighting inside, bearing it to remove all the password as much as possible and use another technologies, like one time code, one time link, pass key that the super set the end. So we have different solutions rather than just password, okay? The power is easy to hack. Easy to integrate with social logging. This is why I say it's different. So you can integrate social logging in hosted logging. You have endpoints to manage your application. So if you need to do something else, okay, something complex, or you want to integrate that better with your application, you can put some code, you have endpoints and API and do whatever you want. And you have, this is the main difference with social logging, you have a backend where you can manage the user data. You can export the data, you can see the data, you can do whatever. Social logging doesn't give you that, okay? The social logging doesn't say, okay, that user exists, I guarantee that this user, it's validated some more and leave it coming, okay? So that's pretty cool. So let me show you quickly how that works, okay? Don't blink, because you miss it, okay? Super fast. As you see, you are seeing now how to enable the model. We are using OpenID model. You have different protocols, we like this because this is super secure and super easy to use. You enable the OpenID connect model. You go to config, you enable, this is the old one, okay? But you put the endpoints, don't worry about endpoints and clients ID because we removed that, so try to access, but you're not gonna get that. So you put the client ID, you put the client secret, you put the endpoints, everything is provided by your vendor, okay? You don't need to worry about that. You need to know actually what the hell is happening because everything is provided by your vendor, okay? So see, click the button in the login, this is the login button, right? You put your email, this is actually a group of words, ah, you are in, shit, that fast. How long it take? 40 seconds, to implement this, 40 seconds. And you see, you are in, you are validated, you are actually signed up, you are signed in, you do whatever you want and it's super easy to implement. Of course, I'm not showing you the vendor part, but the vendor part is that easy, okay? It depends on the vendor you choose, okay? But it's that easy. It's go to somewhere, create one tenant and put some configuration that you have to put and it's that easy, you see? You are in and you are, this is super secure, but we use password in this case, right? Why? Because we have advanced features. In advanced features, we have different things. This is one of my favorite one, mostly for marketing things, okay? This is the process profiling. Process profiling, I'm gonna say something. Not all the features that you're gonna see here are provided for all the vendors, okay? This is all the features that our main vendor provide to us, but we saw that different vendor provide something similar, okay? Process profiling, what that means? Imagine that you have a long, long form for registered users, okay? What happened? The people won't see that, the user won't see that. There's a login, it doesn't sign up, okay? Because it doesn't want to fill up that amount of fields in your form, right? So what we do? We do the first punch, okay? It's super easy. Put me your email, put me somewhere else, okay? And I will ask you the next time in your website, I'm gonna ask you extra data, okay? The extra data that I need from you. That has another benefit, because this is something that we use a lot in Beringer that imagine, we are using another three-party tool to validate the users. So we have like a CRM, okay? With all the doctors that we have working for Beringer, or not working, no, in Beringer. And we have that list in our CRM, okay? And we have already some data of that doctors. No, not all the data, but most of the cases we have 99% of the information coming from the doctor. So if you come to the website and you need the next data, you can get this in your website, in your website, in Drupal site, okay? And do whatever you want. You can call the CRM using the APIs and say, okay, this is what I have. This is the doctor that tried to contact. Do we have some information? Yes, okay. This field, I'm not gonna show you. This field, I'm not gonna show up. This field, I'm not gonna show up. So at the end, one form of 10 fields, it's gonna be coming two, three fields. So it's easy, it's easy to implement. Imagine, imagine how long it will take to implement this in Drupal by default. That's super, super hard, I'll tell you now, because we try, this is why we're using this. Let me show you quickly, okay, how that works. So we have a Drupal website, so you click on Generic, you come here, you try to register, okay, that's super easy, ask email and password. I'm gonna show you password, because I want to impress you in the next slide, okay? So you see here, I'm asked for the terms and condition, accept terms and condition. This is the Drupal site, you are already logged in. And we have already the terms and conditions stored. You don't believe me? I show you, here I said terms and condition is there safe. This is the vendor site, okay, this is actually something that the vendor provide. I have all the information you see, testing, the email, the one is logging, when everything. And I have the user metadata, terms and condition, check. So the same thing, you can ask the address, you can ask whatever you want, you can store there. And it's super safe, because it's not in Drupal. Actually, I forgot to put it, but if I go to Drupal, the unique thing you're gonna see is a dummy user. You're never gonna know what the hell is that, okay? Cause everything is in here, okay? That's the super thing. Fingerprint, fingerprint is actually something that have been changed, okay? Cause this is another solution that we are trying to use, but pass key actually replace. It's using the same protocol, so I have no demo to show you. Because we try to update the demos and I don't know why fingerprint and pass key are using the same protocol, so we cannot use it. But the fingerprint is actually the same thing, okay? Instead of use the password, when you put the email, you can access to your website using the fingerprint of your laptop, okay? If you have a fingerprint in your laptop, so you can enter. This is actually super cool, cause it's frictionless, high level of security and easy to set up. You know, how can we set up this? Just check one, check box. That's all, save it, it's working. Easy, it take less than the other video, okay? So imagine how easy is that, right? One time code and one time link. This is one of the things, one of the protocol that we use to login users in Beringale, okay? This is the most famous one, okay? All the marketing want this, cause you don't need password. You can't guarantee that the user is who's claim to be cause you have the email, it's super hard that the user get the hack, the email and also the password and everything, but it could happen, okay? And it give you a better user experience, okay? I'm gonna show you cause I have a clear example of this. You're gonna see, I'm trying to login again. Let me press. I'm trying to login again. You see, I don't have password here. I click here. Yeah, I get the code. I just copy the code. Paste the code, click continue. In. Did you see any password in the process? No, you see how easy is for the user. We have here two things. One, no password. Two, we can't guarantee that the user has that access to that email, okay? It's not two factor authentication, of course. It's just one, but we can say that this give some extra security, right? For your accessibility to the website. Identity first, that this is one of the things that in my opinion is gonna change the rules of the games, okay? Identity first, imagine that you are in a big company, you have different users accessing to your applications, right? You have a big company, and you have two, three. Wait, let's say two. One is working, working people, okay? You're working from your company. You have an external people working in your company, and you have the regular user, okay? You have someone coming from Google to show you on Google some search and access to your website and try to access. Okay, what happened? You're gonna give the same usage journey for all of them? That's something that we did in the past, but with the new identity first, that changed the rules. Think that if I'm a worker and I have my company domain, like example.com, and my company is example.com, okay? So I come, I put my name, Raul at example.com, then I'm using example.com, oh, shit. I'm using, for example, Azure, okay? To validate, I have a big CRM, Azure, another provider who allow me to access to the website. So I'm using Azure, so for all the people coming from example.com, I'm gonna use Azure to connect, okay, to leave access to the user. If I want, for example, someone else come from Gmail, okay, I'm gonna use Gmail solution, okay? To access to the website. If someone else come and I don't know who they are, I can put a one-time code or social login or whatever you want, or password even password if you want, okay? I show you, have a look. You access again, okay? This is the first email. I'm gonna show you with Gmail, okay? If you put, if you put block, for example, you see it asks you a password, okay? If you put Gmail, it doesn't, it's the same form, it's the same form. If they're direct to Google.com, okay? So you can do all the redirections you want, why? Because here, the identity is the priority. So here, the email that the user put in the form is the priority. Depend of the domain you're using is where you're going, it's gonna define the way, the journey you're gonna get during the process. So that's super cool, because you can have the same tenant for all your application, setting the social login and give different usage journey depending of the domain, okay? That's super cool. And we have a lot of things, okay? We have a lot of things. I'm not gonna show you all, because we don't have that time, but there are, for example, two factor authentication. This is something super cool that we have to use. Most of the company actually are requiring this. We can use two factor authentication, just clicking buttons, okay? Social integration, something that is hard sometimes. Here is super easy. We have a adaptive MFA. That's super cool too, because this is something that provides our vendor, and this is something, it depends of where is coming the user. I mean, the IP of that user, it will detect automatically if you need an extra double factor authentication or not, okay? That's super cool, because for example, there is an erosion in the session. Okay, if someone comes from Russia, we know that sometimes you try to hack, right? So, sorry, but this happens in Spain sometimes. So, I can say, okay, if someone comes from Russia, from China, from Taiwan, from all these, the looks, okay, they'll get me wrong, okay? But some of the guys come from there, and if they come from that countries, we can say, okay, no, no, no, no. I want to factor authentication to fully guarantee that the user is who come to be, okay? So, and that's automatic, you have to do nothing here. Just check button, I love check button, you wanna see. IP throttling, that's all the thing, okay? Bridge password detection. One of the cool thing that have is you get a vendor, if most of them, they have 24 seven support, okay? So, they have person, we have a lot of people working behind this filter, this system itself, okay? So, you're gonna see, if they detect something weird, the first thing that they do is send you an email, okay? The first thing is automatically, but if they detect that someone could have been breached, or they've been attacked, or something, they always contact you and tell you, okay? To check that everything, if everything is going, it's going expected or not, okay? You can use different protocols. We use mostly OpenID Connect, because it's the most used protocol, okay? You have OAuth, that's the second one, OAuth and OpenID, it's pretty similar. We had SAML, and we have LDP, LADAP also, okay? You can also integrate it with OpenTrust, and Persona, whatever, okay? At the end, this is part of the authorization. If you want to validate also the user with your CRM or with any CRM, you can even synchronize, okay? The filter. Let me say that when I created this slide, that this was the filter. Sadly, a few weeks ago, Google launched the PASC functionality in the Chrome, okay? That's super cool, and I'm gonna show you why. PASC is, whatever we saw now, it's all, okay? Whatever we saw, whatever I saw you right now, it's completely all. This is the new thing that is coming. The truth is, this is super new. There are some gaps, okay? Because PASC is implemented not only by Google, it's only implemented by Microsoft, Apple has already implemented this, year ago, with the last update, if you are using Mac, for example, and iPhones, the same identity, it gets synchronized, okay? So you can access, you wanna say, oh, you can access with the same profile, with the same identity, using different devices. That's pretty cool thing, okay? So here, the first thing is, you don't need password, okay, this is fully password, you need a password, because you have to access some hole, okay? But the password that you need to put, okay, to remember, is the one you have to access to your laptop, okay? It's gonna use the same password that you have in your laptop. Hold it, does, I show you now. Fully password experience, available for all the devices, is what I say. If you want to test it, save this, okay? Save this link. This is a link where you can fully test it, that this functionality, it's free, it doesn't create, and you say, just to test, okay? I believe this was created by Google, actually for this, not to test the full functionality. You want to see how that works? I'll show you, this is the same page, okay? You put the email here, okay? This is the password key integrated in on Google. So you add the first time, you click here, you put the email, you want to create the account, then you want to create the password key, okay? This is the next step. This is something that we are dealing with this. Then you say, where do you want to do it? In iCloud or in the Google one, okay? So with this iGoogle, we continue, here is it. You see this prompt? This prompt is coming from Mac, okay? It's not for the website, it's coming from Mac. So you are already in, you have already created the username in this place, we log out. I'm going to show you two ways. One is, again, you see now it's coming, the identity is already created, the past key is already created in Google, so it shows the pop-up. And now you have the button here, the past key button. So it's the same thing, okay? It's actually the same way. You see, again, another thing. So if you use password to access to your laptop, put that power. If you use fingerprint, fingerprint. If you use iWatch, iWatch. If you use Face ID, Face ID. If you use code to access by your phone, code. So see how powerful is that. This is actually the future. This is something that, it's super neat, okay? Actually, one of our vendors released this a few months ago. Okay, we are still playing and we saw some gaps. Google just released this a few weeks ago. So I believe it's in beta, well, let's say, because when they put something in production, we know that that's better for us. And you can do this. You see how easy is that, how easy is the implementer. And you know how can you implement that? Just click one button. Just check something in the configuration of your tenant. That's the easy ways, no? And that's all. That's all from today. If you want to know more about hostility and how that works, please come to me and ask me. If you want to know about Drupaleros, also come to me. Or if you want to know something about how to get new people to Drupal, also come to me or Carlos, the way up there. Thank you. Thank you to be here. If you have any question, we can discuss now. For the server, you have the links here. And this is the last phrase. There is no privacy without security. So that's all. Thank you guys for coming today. So now, if you have any questions, free to shot. One question is already online. You demonstrated storing the TNC checkbox submitted value in the user's metadata. But the checkbox was on the Drupal page. How do you define what form elements to use and put them on the Drupal page? This is actually a Drupal form. It's everything integrated. So whatever you do there, it's a Drupal form. That's a good thing of the process for finding. You can create a regular Drupal form. Like always, you create a Drupal form. Actually, for this example, we create one manually, by code. And you can take the data coming from outside. Actually, for our vendor, actually, the vendor gives you all the data you need. And you have to give back that data with the new data store to store. So it's super easy. It's well-documented. There is no, for this case, for this profiling, you need to know how to code, how to create forms. But for the rest of the things, you don't need to know even code. Anything else, anyone? So this hosted login, is it a module, or is it just built as a concept on OpenID? It's a concept. It's actually a system itself. So you don't need to install any module rather than the OpenID connect, for example, to connect to the disk. But this is happened outside Drupal. You can integrate this to Drupal, to Salesforce, to any of them. Because as soon as you use the same protocol, you can use it. But this is external. This hosted login is completely external of the Drupal. So PESC key, is this also OpenID, or is it a module? No, no, no, that's another concept. PESC key, it's a solution coming from the laptop, or in this case, for Google Chrome. Okay, this is an external functionality. Okay, you can use it, or no, that's up to you. But at the end, you have that solution there. If you want to implement the pop-up you saw, it's coming from the Google, not from the website. So you have to code in it. That's already cool. Anyone else? Anymore. No? Okay. Wait, wait, wait, wait. You showed how to enable this on a new website, on new users. How would you go about enabling this on an existing database with a lot of users? Well, good questions. That's a big deal, because if you don't do it from scratch, you have to reveal all the Drupal database. Because if you, you have two choices, okay? You can still use in the same database, okay? So that's fine, the same email without anonymize. So you can leave the user access and the user that is going to create in your Drupal site is gonna be with the real email, okay? I don't recommend that, okay? Because if you get hacked, they can send email to your users or do whatever. But if the user already exists and you put that system in your website, the system recognizes that email in your database. So when the user comes, says, okay, exist that user, that is that user, okay? And seeing that, you know? The idea is you don't have to store the user info data in your database. So if you can, actually you can export that data. This is something that we do when we migrate from Drupal 7 to Drupal 9 or 10. We export the users, okay, from the Drupal database and we import that in our vendor. Then you have already the user there. So the user, the problem is with the passwords, okay? We are dealing with this because Drupal 7 has a very weird way of encrypt the password. Okay, it's super hard to replicate that in another system. So, but if you ask the user to, you know, to reset the password or something like that, this is the only way that we phone. But yeah, you can export and import and have the same user, the same information. Thank you for this presentation. I had question about the external vendor that do the identification. Because I see from what I understood, you have the Drupal module and you just put off the link where the identification happens. Is this external vendor a subscription formula? So do I have to pay something to him? Most of the, for example, we have actually three vendors in Berringer right now, okay? One of them, this is what actually you saw, it has a free part, okay? The free part, it's enough for a small company. Actually, if you come to drupaleros.com, okay? We are using the free part, okay? So it's super easy. Actually, we are using the process profiling. Not all of now, but if you want to test it and you want to log in, you're gonna see how it works. And that is free. Okay, but for example, the IP throw thing that's paid, a password key right now, it's paid. You know, you have some pay, let's say futures, okay? But there are also free ones. Okay, so that is the first question I have or concern. And the second one is, if in the near future or the far future, I don't trust you anymore for whatever reason, a breach or whatever it is. Can I move to somewhere else? Is it some standard? The uses, you mean the database? Yeah. Yeah, or the thing that you store, can I move it to someone else? You can export. Actually, we do a weekly export from marketing, okay? Because they want the user in a specific way, okay? In a CSV file to import in somewhere else in the CRM. And you can export that data. You can export everything. So you have the full control of the user that you have. You can export that database and import whatever you want. Okay, so you can do your CSV and that's all. It's a bit related, but do you know of any good self-hosted providers? I know, I know, but if you want, I can tell you later if you want. I don't want to give some free ads, you know? Anyone? No? Okay, if any more questions pop up or some discussion, where can we find you online or on-site? At the beginning, let me see. At the beginning I put the links. Let me quickly show you, here I see. So I have, this is my LinkedIn, okay? This is the best way to contact me. Drupalogy, I'm not using that too much, okay? If you email me there, I don't know if I can answer. But the LinkedIn, it's rather more, you know, active. I post some things and whatever. So you can easily chat me and I will answer whatever you want, okay? Actually, if you see me around, you can ask me anytime, okay? Thank you very much.