ABP Framework version: v4.0.2 UI type: MVC DB provider: EF Core Tiered (MVC) or Identity Server Seperated (Angular): yes
I have a multi tenanted tiered solution (MVC) with a requirement to customise the workflow for both my Web Solution and the react mobile application. My solution has multiple roles per tenant and I need to disable logon for certain roles from both web and mobile.
e.g:
Doctor Role: Only Web Access Patient Role: Only Mobile Access
I also have a requirement to completely restyle the Identoty Server logon. My question is, would i prevent the different role logon inside the identity server or allow the logon and redirect and display an unauthorised page inside the web portal? Would it be better to prevent the logon inside the identity server?
Is there a simple config setting in identoty server to say prevent logon for certain roles?
1 Answer(s)
-
0
Hello @ihugo,
This is completely related with IdentityServer4., you can get better answers from stackoverflow or identityserver4 repo.
Although, identityserver configuration is not related with user roles but clients themselves. Preventing logon for certain roles doesn't seem feasible solution since you decide authentication flows independent of your user roles.
However, you can check which application is user logging from when authenticating then running extra layer of authorization should work.
