Hello, suppose we have 2 tenants in our application consider it as https://t1.net and https://t2.net. I am getting token from https://t1.net and the API which i am calling is of https://t2.net so after sending the request it getting the successful response and the data is inserting in the https://t1.net tenant (from where token was generated). It is ignoring the API URL.
5 Answer(s)
-
0
Hi @SRTMDEV
Do you also send Abp.TenantId request header ?
-
0
Hi @SRTMDEV
Do you also send Abp.TenantId request header ?
No, we are just passing token in header
-
0
Hi @SRTMDEV
I assume this is becasue, during the data insert, we don't set the tenantId automatically. Are you able to query data in the same way ?
-
0
Currently, TenantId is automatically taken from the passed token during inserting data. Due to that there is a possibility it will ignore tenancy URL and insert data with TenantId which is available in token/session. Is there any functionality in ANZ to unauthorize any request if the token TenantId and tenancy URL do not match?
-
0
Hi,
This seems like an odd and problematic behaviour. Could you create an issue here https://github.com/aspnetzero/aspnet-zero-core, so we can work on this ?