Closed Peperud closed 8 years ago
Hi Peperud did you already found a solution? I'm trying to accomplish the same thing. Can you combine the UseWindowsAzureActiveDirectoryBearerAuthentication and the UseIdentityServerBearerTokenAuthentication?
If the token service uses the same URL for all tenants, then there's nothing special that needs to be done in the access token validation.
What is your definition of "multi-tenant"? Is this a logical concept, or is there something about the request (URL, hostname, etc) that makes it multi-tenant?
What I'm trying to do is get is something like the the Azure AD common endpoint arrangement.
Is there anything (similar to the notifications in oidc middleware ?), which can be used to inspect and reject the token?