Activities of "MarekH"

Hi @maliming,

splitting the IS is not the problem with the tiered solution. The challenge that we face is that we would like to have a shared identity accrosss all products.

That means that, we would like to create a user e.g. "user1@customer1" in Application1 and give that user permisssions and roles to Application 1, Application 2...

If we split beside the Identity Server also the Identity Module, how would e.g. tenant creation work? How would the central Identity Service know about the tenants and roles defined in the applications? Is this scenario possible?

Thanks

ABP Framework version: v4.2.0 UI type: Angular DB provider: EF Core Tiered (MVC) or Identity Server Separated (Angular): yes Exception message and stack trace: Steps to reproduce the issue:

Hello, we are trying to resolve issue related to switching between host and customer DBs..

Our solution is deployed with host DB and separated Identity Server (IS) (running as separate microservice and using host DB). We would like to use Multi-tenant solution with separate DB for each tenant. We are trying to use centralized IS to handle all requests. We already created our custom override of CreateAsync method in TenantAppService to create some custom actions during tenant creation (tenant DB creation, running some seed methods, etc.). UpdateDefaultConnectionStringAsync is called too in our method to update SaasTenantConnectionStrings table in host DB.

So when we create new tenant from host app, there is a new tenant DB, SaasTenantConnectionStrings table in host DB contains correct connection string too. We have also a wildcard rule in IdentityServerClientRedirectUris table in IS.

When we access https://tenant1.ourappurl/ and click Login, we are redirected to the correct IS page with login. My question is: Can we identify the tenant using the domain resolver to direct to the tenant db once the authorization is completed on the centralised IS server?

Thanks a lot!

We have tried to login as tenant, login is successfully done however we got an error of Invalid_scope.

We have tried login as a tenant using below steps :

• Download demo code from abp io site.
• Create new tanant which is successfully created with database table
• Create new tenant and try to login ,its working fine.

We are unable to login tenant with tenant database in commercial version. However we followed the same steps which we are doing in the Non-Commercial Version.

Our purpose is login as tenant with separate Database with Central Identity Server.

Can you please provide a sample code for the same

We are removed the switch tenant from UI ,we are use subdomains in comaracial code

Actually we are trying to switch tenant on the basis of change in the URL , Instead of switching it from the popup modal which we have in the login. We have tried below things :-

1. Created Custom tenant Resolver class also added {0}.maindomain.com specified this URL. As we found this solution to switch tenant autometically on the basis of URL.

In current scenario we are getting that URL after login for example if we use

tenant1.mydomain.com then after login we are redirecting to same tenant1.mydomain.com But tenant is not getting changed , We are still logged in as admin.

Can you please help us.

We have tried to login as tenant, login is successfully done however we got an error of Invalid_scope.

This shows login happened for tenant6 admin user. Do you mean this doesn't work anymore either?

We have resolved this error but we are not able to login as tenant using url

Actually we are trying to switch tenant on the basis of change in the URL , Instead of switching it from the popup modal which we have in the login. We have tried below things :-

1. Created Custom tenant Resolver class also added {0}.maindomain.com specified this URL. As we found this solution to switch tenant autometically on the basis of URL.

In current scenario we are getting that URL after login for example if we use

tenant1.mydomain.com then after login we are redirecting to same tenant1.mydomain.com But tenant is not getting changed , We are still logged in as admin.

Can you please help us.

We are facing this issue while we are trying to login using url.

To clarify:

1. In tenant1.mydomain.com hit login
2. Redirected to authserver.mydomain.com (identityserver), enter credentials for admin user and hit login
3. Successfuly signed in and I am now redirected back to tenant1.mydomain.com.
4. But logged in user is not tenant admin but the host admin?

But tenant is not getting changed , We are still logged in as admin.

I assume Host admin, not tenant admin.

It might be related with cookies and application cache. Does it the same behaviour when you cleared the cookies and browser cache or in incognito mode?

Yes , It is same behaviour when we clear cookie.

We are getting logged in as HostAdmin instead of tenant Admin

We have used below method to enable tenant switching on the basis of URL:-

Configure<AbpTenantResolveOptions>(options => { options.AddDomainTenantResolver("{0}.mydomain.com"); });

Do we need anything else for switching tenant on the basis of URL?

hi @MarekH

Deos tenant1.mydomain.com and authserver.mydomain.com both use mydomain.com as domain?

Yes both are in same domain

Configure<AbpTenantResolveOptions>(options => { options.AddDomainTenantResolver("{0}.mydomain.com"); });

We have added above method , to switch tenant autometically on the basis of URL change