Open Closed

ABP Multi-Tenant (Database-per-Tenant) Azure SQL Connections Using Microsoft Entra ID Service Principal (No SQL Passwords) #10509

User avatar
0
mariovh created

We have an ABP.IO multi-tenant application configured as database-per-tenant (each tenant has an isolated Azure SQL database).

We want to avoid SQL username/password in tenant connection strings and instead connect to Azure SQL using Microsoft Entra ID authentication with a Service Principal (Client ID + Client Secret or Certificate).

What we need from ABP support

  1. Recommended ABP approach to implement tenant-specific database connections using Entra ID Service Principal authentication.
  2. Where to integrate this in ABP:
    • Should we override/implement IConnectionStringResolver (or another ABP extension point) to resolve per-tenant connection settings?
    • What is the recommended place to inject an access token / configure the underlying SQL connection for Entra ID (e.g., during DbContext configuration / connection creation)?
  3. If ABP has an official or preferred pattern for this scenario, please share:
    • Docs / sample project
    • or a minimal code snippet showing the correct integration point for Azure SQL + Entra ID Service Principal in a multi-tenant, database-per-tenant setup.
Go to accepted answer
3 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    ABP will use MultiTenantConnectionStringResolver to get the connection string for the current tenant when a new EF Core DbContext is created.

    https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.MultiTenancy/Volo/Abp/MultiTenancy/MultiTenantConnectionStringResolver.cs#L12 https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.Data/Volo/Abp/Data/DefaultConnectionStringResolver.cs

    So overriding the IConnectionStringResolver is the correct way.

    connect to Azure SQL using Microsoft Entra ID authentication with a Service Principal (Client ID + Client Secret or Certificate).

    Can you share some demo code for using it with DbContext? I will share the solution.

    Thanks

  • User Avatar
    0
    mariovh created

    Hello,

    I don't have a demo solution because we're in the analysis phase and haven't implemented anything yet. I've created a ticket to ask if it's feasible to connect to the database this way, and if there are any design limitations in the framework.

    Thank you very much.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    If EF Core DbContext supports Microsoft Entra ID authentication with a Service Principal , then abp will support it.

    Thanks.

Assignee
User avatar maliming
Question details
Labels
None yet
Boost Your Development
ABP Live Training
Packages
See Trainings
Mastering ABP Framework Book
The Official Guide
Mastering
ABP Framework
Learn More
Mastering ABP Framework Book
Made with ❤️ on ABP v10.3.0-preview. Updated on March 11, 2026, 11:45
1
ABP Assistant
🔐 You need to be logged in to use the chatbot. Please log in first.