JonPSmith / AuthPermissions.AspNetCore

This library provides extra authorization and multi-tenant features to an ASP.NET Core application.
https://www.thereformedprogrammer.net/finally-a-library-that-improves-role-authorization-in-asp-net-core/
MIT License
770 stars 158 forks

Guide request for MultiTenancy and Permissions using IdentityServer4 #33

Closed eslamo closed 2 years ago

eslamo commented 2 years ago

Thank you for your great library.

I hope you can share an example of how I can use this library to have a multi-tenant API integrated with IdentityServer4.

JonPSmith commented 2 years ago

Hi @eslamo,

You can use IdentityServer with AuthP as it implements the OpenId connection. But IdentityServer is designed to provide its own authentication data (known as Scopes), but the AuthP library uses its own authentication data known as Roles and Permissions. Therefore you need to think about who is in charge of authentication: IdentityServer or AuthP.

You can use IdentityServer's Scopes, and ignore AuthP Roles/Permissions, but that removes the possibility of versioning your multi-tenant app. Therefore I would recommend using Azure AD B2C as a better authorization handler (see example 5).

If you still want to use IdentityServer, then you can use the OpenID event to add the AuthP claims, or if you are using a JWT Bearer Token you can inject AuthP claims there (see example 2).
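
The OpenID event route mentioned in the reply above, as an added example that is not part of the original thread or the AuthP project's own code: locally computed claims are attached in `OnTokenValidated`, after IdentityServer's token has been validated. `IAuthPClaimsLookup`, the authority URL and the client id are hypothetical placeholders; the interface stands in for whichever service computes the user's Permissions and tenant claims.

```csharp
using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Extensions.DependencyInjection;

// Hypothetical abstraction (assumption): returns the locally stored
// permission / tenant claims for a user id. Register an implementation in DI.
public interface IAuthPClaimsLookup
{
    Task<IReadOnlyList<Claim>> GetClaimsForUserAsync(string userId);
}

public static class OidcLocalClaimsSetup
{
    public static void AddOidcWithLocalClaims(this IServiceCollection services)
    {
        services.AddAuthentication(options =>
            {
                options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
            })
            .AddCookie()
            .AddOpenIdConnect(options =>
            {
                options.Authority = "https://identityserver.example"; // placeholder
                options.ClientId = "tenant-app-client";               // placeholder
                options.ResponseType = "code";
                options.Events = new OpenIdConnectEvents { OnTokenValidated = AddLocalClaimsAsync };
            });
    }

    private static async Task AddLocalClaimsAsync(TokenValidatedContext context)
    {
        // Key the lookup only on the subject of the already-validated token.
        var principal = context.Principal;
        var userId = principal?.FindFirst("sub")?.Value
                     ?? principal?.FindFirst(ClaimTypes.NameIdentifier)?.Value;
        if (principal == null || string.IsNullOrEmpty(userId))
        {
            context.Fail("Validated token has no subject claim.");
            return;
        }
        var lookup = context.HttpContext.RequestServices.GetRequiredService<IAuthPClaimsLookup>();
        var localClaims = await lookup.GetClaimsForUserAsync(userId);
        // A separate identity keeps locally issued claims distinct from the provider's.
        principal.AddIdentity(new ClaimsIdentity(localClaims, "LocalPermissions"));
    }
}
```

Because the claims are computed once at sign-in and then stored in the cookie, a change to a user's permissions or tenant only takes effect when the cookie is reissued.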

eslamo commented 2 years ago

Thanks @JonPSmith for your great explanation and details, and I hope I can find a better solution to connect multiple apps using OpenID and keep using AuthP, because I like the versioning feature and Permission-based authentication, because it gives more flexibility to the app.