BLACK FRIDAY
From November 21
to December 01
99Days : 99Hrs : 99Min : 99Sec
SAVE UP TO$3K
Also valid for the
existing customers!
Open Closed

How to get token for the tenant users from token endpoint #935


1
raif created

Hi, I have created a separate database for each tenant in order to provide data isolation between host and tenant in my system. Migration operation is performed over different contextes

Host is

    /* Include modules to your migration db context */
    builder.ConfigurePermissionManagement();
    builder.ConfigureSettingManagement();
    builder.ConfigureBackgroundJobs();
    builder.ConfigureAuditLogging();
    builder.ConfigureIdentity();
    builder.ConfigureIdentityServer();
    builder.ConfigureFeatureManagement();
    builder.ConfigureLanguageManagement();
    builder.ConfigureSaas();
    builder.ConfigureTextTemplateManagement();
    builder.ConfigureBlobStoring();
    /* Custom platform modules */         
    builder.ConfigureCredit();
    /* Configure your own tables/entities inside the ConfigureNMM method */
    builder.ConfigureNMM();

Tenat is

    builder.ConfigurePermissionManagement();
    builder.ConfigureSettingManagement();
    builder.ConfigureAuditLogging();
    builder.ConfigureIdentity();
    builder.ConfigureFeatureManagement();
    builder.ConfigureLanguageManagement();
    builder.ConfigureTextTemplateManagement();

As you can see from above we didn't create any identityServer4 related table at tenant side since it is host related task

As far as i can see out of box app client supports password grant flow

   CreateClientAsync(
    name: consoleAndAngularClientId,
    scopes: commonScopes,
    grantTypes: new[] { "password", "client_credentials", "authorization_code" },
    secret: (configurationSection["XYZ_App:ClientSecret"] ?? "1q2w3e*").Sha256(),
    requireClientSecret: ~~false~~ true,
    redirectUri: webClientRootUrl,
    postLogoutRedirectUri: webClientRootUrl,
~~corsOrigins: new[] { webClientRootUrl.RemovePostFix("/") ~~

Ofcourse, there is no problem for the host users

However tenant users are not able get token for the API calls, Any hint ?

  • ABP Framework version: v4.2.1
  • UI type: MVC
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): yes
  • Exception message and stack trace:
  • Steps to reproduce the issue:

2 Answer(s)
  • 1
    maliming created
    Support Team

    hi

    Did you pass the tenant id in the request?

    eg

    https://docs.abp.io/en/abp/latest/Multi-Tenancy#default-tenant-resolvers

  • 0
    raif created

    Thx, Missed one of the underscore,

    HeaderTenantResolveContributor: Tries to find current tenant id from HTTP headers. The header name is __tenant by default.