Open Closed

Multitenancy with third party authentication #3025


User avatar
0
LW created

Hello, we are planning to use Azure AD as a third-party authentication provider. We have this enabled and working already. I just want to clarify for myself how to prevent users from logging into other tenants' environments. If the user manages to guess another tenant's name on the logging screen, how is it prevented that the user is not able to log in? Where the check should be that this user can only log into a certain tenant environment?


2 Answer(s)
  • User Avatar
    0
    LW created
    • ABP Framework version: 5.1.2
    • UI type: Angular
    • DB provider: EF Core
    • Tiered (MVC) or Identity Server Separated (Angular): yes
  • User Avatar
    0
    maliming created
    Support Team

    hi

    You can override the public virtual async Task<IActionResult> OnGetExternalLoginCallbackAsync(string returnUrl = "", string returnUrlHash = "", string remoteError = null) method of account\src\Volo.Abp.Account.Pro.Public.Web.IdentityServer\Pages\Account\IdentityServerSupportedLoginModel.cs.

    Check the current tenant and ExternalLoginInfo

Made with ❤️ on ABP v9.2.0-preview. Updated on January 14, 2025, 14:54