Thx, Missed one of the underscore,
HeaderTenantResolveContributor: Tries to find current tenant id from HTTP headers. The header name is __tenant by default.
Hi, I have created a separate database for each tenant in order to provide data isolation between host and tenant in my system. Migration operation is performed over different contextes
Host is
/* Include modules to your migration db context */
builder.ConfigurePermissionManagement();
builder.ConfigureSettingManagement();
builder.ConfigureBackgroundJobs();
builder.ConfigureAuditLogging();
builder.ConfigureIdentity();
builder.ConfigureIdentityServer();
builder.ConfigureFeatureManagement();
builder.ConfigureLanguageManagement();
builder.ConfigureSaas();
builder.ConfigureTextTemplateManagement();
builder.ConfigureBlobStoring();
/* Custom platform modules */
builder.ConfigureCredit();
/* Configure your own tables/entities inside the ConfigureNMM method */
builder.ConfigureNMM();
Tenat is
builder.ConfigurePermissionManagement();
builder.ConfigureSettingManagement();
builder.ConfigureAuditLogging();
builder.ConfigureIdentity();
builder.ConfigureFeatureManagement();
builder.ConfigureLanguageManagement();
builder.ConfigureTextTemplateManagement();
As you can see from above we didn't create any identityServer4 related table at tenant side since it is host related task
As far as i can see out of box app client supports password grant flow
CreateClientAsync(
name: consoleAndAngularClientId,
scopes: commonScopes,
grantTypes: new[] { "password", "client_credentials", "authorization_code" },
secret: (configurationSection["XYZ_App:ClientSecret"] ?? "1q2w3e*").Sha256(),
requireClientSecret: ~~false~~ true,
redirectUri: webClientRootUrl,
postLogoutRedirectUri: webClientRootUrl,
~~corsOrigins: new[] { webClientRootUrl.RemovePostFix("/") ~~
Ofcourse, there is no problem for the host users
However tenant users are not able get token for the API calls, Any hint ?