Closed eslamo closed 2 years ago
Hi @eslamo,
You can use IdentityServer with AuthP as it implements the OpenId connection. But IdentityServer is designed to provides its own authentication data (known as Scopes), but the AuthP library uses its own authentication data known as Roles and Permissions. Therefore you need to think about who is in charge of authentication: IdentityServer or AuthP.
You can use IdentityServer's Scopes, and ignore AuthP Roles/Permissions, but that removes the possibility of versioning your multi-tenant app. Therefore I would recommend using Azure AD B2C as better authorization handler (see example 5).
If you still want to use IdentityServer, then you can use the OpenID event to add the AuthP claims, or if you are using a JWT Bearer Token you can inject AuthP claims there (see example 2)
Thanks @JonPSmith for your great explination and details and I hope I can find better solution to connect multiple apps using OpenID and keep using AuthP cause I like the versioning feature and Permission based authentication cause it give more felexibility to the app.
Thank you for your great library.
I hope you can share an example how I can use this library to have multi tenant api integrated with IdentityServer4