Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ Check the samples, to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index The exact solution to your question may have been answered before, please use the search on the homepage.
If you're creating a bug/problem report, please include followings:
- ABP Framework version: v5.3.3 / v6.0.0-rc.2
- UI type: Blazor
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): yes
- Exception message and stack trace:
- Steps to reproduce the issue:"
Hi
We are currently evaluating ABP Commercial with the intention to purchase the Business license at the end of the trial if all goes well (really positive about it so far - it will save me a lot of time as the only developper in my organisation). We have some questions regarding whether ABP will be able to support requirements we have for the application we are building. Hoping you can provide some guidance on these.
- We are looking at utilising multi-tenant with a single database, as each of our customers data will be separate from other customers. We want to remove the Tenant text box on the login screen, and have the framework determine the tenant from the login. We don't want to use sub-domains. We have looked at creating a custom tenant resolver to check a list of email domains to match a tenant (e.g. https://support.abp.io/QA/Questions/447/LoginAPI-Trying-to-log-in-from-an-app-using-the-API---need-to-know-how-to-identify-the-tenant-that-the-user-belongs-to). However we would much prefer to check the whole database for a login and match the tenant that way. I saw this in the Community posts, which sets up a custom login class which loops through the tenants: https://community.abp.io/posts/hide-the-tenant-switch-of-the-login-page-4foaup7p. Would this second method be a recommended approach? Do you have any other thoughts about the best way to achieve this requirement in ABP?
- We will have some users in Azure B2C. We will implement a separate login for these, assuming OpenIddict has the ability to add an external provider as Identity Server does. Is this sort of setup supported in ABP? Could this setup help with question 1 (we could possibly return a tenant string as a claim from B2C)?
- We need to have a super user(s) in the Host environment who can manage users within tenants, and view data in different tenants. These would be support/administration roles in our company. We don't want them to have to log in to each tenant as that tenant's admin user to support those tenants, which is how it looks like it works out-of-the-box (note the tenants will still, for the most part, be managing their own users). It seems this would be quite a common requirement (it would unfortunately be a dealbreaker for us not to be able to implement it), and I have seen some other multi-tenant systems work this way (e.g. https://github.com/JonPSmith/AuthPermissions.AspNetCore). So I wanted to find out what a recommended approach might be?
- With the move to OpenIddict coming, would it be a good idea for us to start building with the next release candidate so we start off with this?
- Finally, we will have some roles that will be global across tenants (tenants will not be able to create their own roles). Would the best way to implement this be to create a copy of a new role when created in Host for each tenant? And then automatically create roles when a new tenant is created (as Admin is handled)?
Thanks! Matt
1 Answer(s)
-
0
hi matt
The username or email of the different tenant may be duplicate, You have to make sure it unique in all tenant.
Framework support the
Azure B2C
no problem. If you can unique info from this it will be help 1.You can switch to the tenant from host by https://docs.abp.io/en/abp/latest/Multi-Tenancy#change-the-current-tenant
I recommend starting with the official release of 6.0. It plan on September 06, 2022.
I think so, You can give it a try.