We are developing a multi-tenanted application using Angular 6. Each tenant accesses the application using their sub-domains, say, client1.app.com, client2.app.com etc.
For authentication purposes, we are using IdentityServer 4. We have followed steps similar to the ones mentioned at: https://identityserver4.readthedocs.io/en/release/quickstarts/7_javascript_client.html.
All works well - the point we are stuck on is how do we specify the redirect_uri in the Angular client application.
As you are well aware, the redirect-uri is used by the Identity Server to return back the authentication results and info. As per the oidc-client library the redirect_uri is a string and we cannot specify multiple values. However, in our case based on the client's sub-domain the redirect-uri will differ and has to be dynamic.
Has anyone encountered similar situation? Am I overlooking anything? Any pointers to solve the above will greatly help.
Thanks Sushil
You will need to set the
redirect_uriin your client to be resolved from the host (usingwindow.locationor whatever solution you want to use here). Then every tenant will pass this URI when accessing Identity Server.On the Identity Server side, in the Client object, the
RedirectUrisproperty is a collection, so there you should add all your tenants' redirect uri's (don't forget thePostLogoutRedirectUristoo).