Activities of "sergei.gorlovetsky@gmail.com"

Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ Check the samples, to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index The exact solution to your question may have been answered before, please use the search on the homepage.

• ABP Framework version: v4.2.0
• UI type: Angular
• DB provider: MongoDB
• Tiered (MVC) or Identity Server Separated (Angular): yes
• Exception message and stack trace: Failed to validate the token. Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException: IDX10205: Issuer validation failed. Issuer: 'System.String'. Did not match: validationParameters.ValidIssuer: 'System.String' or validationParameters.ValidIssuers: 'System.String'. at Microsoft.IdentityModel.Tokens.Validators.ValidateIssuer(String issuer, SecurityToken securityToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateIssuer(String issuer, JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken) at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
• Steps to reproduce the issue: After logging in at the identity server, I'm redirected to the correct 'subdomain.mydomain.com' but I'm not in fact logged at the UI and the exception above is listed on identity server logs.txt. Cheking 'identityserver.subdomain.mydomain.com' it's possible to see 'myuser' logged at the correct tenant/subdomain. I'm using 'Tenant Specific Remote Endpoints' from https://docs.abp.io/en/abp/latest/UI/Angular/Multi-Tenancy at the front-end and 'Subdomain Tenant Resolvers' from 'https://docs.abp.io/en/abp/latest/Multi-Tenancy' for both the HttpApi.Host ({0}.api.domain.com) and IdentityServer ({0}.is.domain.com).

Identity server is logged in.

Ui is not logged in.

Do you think this is something related to the way urls are setup?

Another potential issue and something I'm not able to address right now is how to add RedirectUri objects for the subdomains, right now I'm hardcoding a 'subdomain.domain.com' redirect uri. Is there any way to dynamically redirect according to the current tenant?