We are developing a multi-tenanted application using Angular 6. Each tenant accesses the application using their sub-domains, say, client1.app.com
, client2.app.com
etc.
For authentication purposes, we are using IdentityServer 4. We have followed steps similar to the ones mentioned at: https://identityserver4.readthedocs.io/en/release/quickstarts/7_javascript_client.html.
All works well - the point we are stuck on is how do we specify the redirect_uri
in the Angular client application.
As you are well aware, the redirect-uri
is used by the Identity Server to return back the authentication results and info. As per the oidc-client
library the redirect_uri
is a string and we cannot specify multiple values. However, in our case based on the client's sub-domain the redirect-uri
will differ and has to be dynamic.
Has anyone encountered similar situation? Am I overlooking anything? Any pointers to solve the above will greatly help.
Thanks Sushil
You will need to set the
redirect_uri
in your client to be resolved from the host (usingwindow.location
or whatever solution you want to use here). Then every tenant will pass this URI when accessing Identity Server.On the Identity Server side, in the Client object, the
RedirectUris
property is a collection, so there you should add all your tenants' redirect uri's (don't forget thePostLogoutRedirectUris
too).