Hello, we are planning to use Azure AD as a third-party authentication provider. We have this enabled and working already. I just want to clarify for myself how to prevent users from logging into other tenants' environments. If the user manages to guess another tenant's name on the logging screen, how is it prevented that the user is not able to log in? Where the check should be that this user can only log into a certain tenant environment?
2 Answer(s)
-
0
- ABP Framework version: 5.1.2
- UI type: Angular
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): yes
-
0
hi
You can override the
public virtual async Task<IActionResult> OnGetExternalLoginCallbackAsync(string returnUrl = "", string returnUrlHash = "", string remoteError = null)
method ofaccount\src\Volo.Abp.Account.Pro.Public.Web.IdentityServer\Pages\Account\IdentityServerSupportedLoginModel.cs
.Check the
current tenant
andExternalLoginInfo