openiddict

I have a multi-tenant (single database) application which allows for same username/email across different tenants. At the time of login (Implicit flow) how can I identify the tenant? I thought of following possibilities: At the time of registration ask the user for account slug (company/tenant slug) and during login user should provide the slug along with username and password . But there is no parameter in open id request to send the slug. Create an OAuth application at the time of registration and use slug as client_id . At the time of login pass slug in client_id , which I will use to fetch

I'm trying to create an Angular2 SPA consuming a .NET Core Web API protected using OpenIdDict, with credentials flow. In creating a repro solution for this issue, I have also detailed all my steps in a readme, so hope this post can be useful to newbies like me. Please find the full repro solutions in these repositories: server-side (.NET Core + OpenIdDict), with detailed instructions to build your own: https://github.com/Myrmex/repro-oidang client-side (Angular2): https://github.com/Myrmex/repro-angoid As for the server side, I followed the sample provided by OpenIdDict about this flow ( https

I have a .NET Core application with Angular2 UI running in a Service Fabric Cluster that I secured using OpenIddict. I followed this example: https://github.com/openiddict/openiddict-samples/tree/master/samples/RefreshFlow It works great when I only have one instance of the stateless .NET Core application. When I increase the instance count to two, the authentication fails and I get a bunch of 401 errors. It seems that the token I receive is only good for that particular instance and is rejected on the other instance. I think I understand why this is happening, but I’m not sure how to address

I am using JWT authentication in my ASP.NET Core 2.0 application with OpenIddict. I am following idea in this thread and calling AuthorizeWithJWT method after SignalR handshake. But now, I do not know what should I set in AuthorizeWithJWT method so I can use [Authorize(Roles="Admin")] for example. I tried with setting context user, but it is readonly: public class BaseHub : Hub { public async Task AuthorizeWithJWT(string AccessToken) { //get user claims from AccesToken this.Context.User = user; //error User is read only } } And using authorize attribute: public class VarDesignImportHub :

I am using this github project https://github.com/openiddict/openiddict-core which is great. But I am stuck as to what the procedures should be, or how to implement them, when the user uses an external identity provider, for this example, I will use google. I have an angular2 app running, with an aspnet core webAPI. All my local logins work perfectly, I call connect/token with a username and password, and an accessToken is returned. Now I need to implement google as an external identity provider. I have followed all the steps here to implement a google login button. This opens a popup when the

Our app requires sign-in by either mobile number or Google. We are planning to Twitter Digits for mobile number authentication. The flow of registration and authentication as I understand is as below: Mobile app does rich authentication with Twitter Digits or Google Sign In (it’s better user experience for the user to do rich auth instead of opening a web browser tab). Twitter Digits / Google Sign In returns Identity Token. Mobile app calls AuthServer to SignIn and presents Identity Token. Identity server validates the presented Identity Token with Digits service or Google Auth Service. Once