Hi -
I use Okta as my SSO provider and I am able to successfully implement that in my project succesfully. Now other applications wants to call my API and we share the same okta users across.
My question is when the other application is going to call ExternalAuthenticate API of my application how it's going to pass the Tenant ID ? Currently the TenantID is being retrieved from AbpSession.
Do I need to write a separete External Authenticate API and have Tenant ID included as a parameter.
Am I missing something ?
3 Answer(s)
-
0
Hi, if you application allow Okta user to be authencated as external source, external application will be able to login into your application as Okta user
After they are logged in, they should use the authentication token provided by the login method and call your API
-
0
The problem is I set the TenantID in the browser before redirecting the user to Okta. So when Okta authenticates I just use the TenantID and token and log that user
But when you are using the API , I am not sure how to pass the TenantID
-
0
Hi @maharatha
I couldn't fully understand the API use case but have you tried to send TenantId via request headers ? see https://aspnetboilerplate.com/Pages/Documents/Multi-Tenancy#determining-current-tenant
