0
abpdeveloper@dbizsolution.com created
- ABP Framework version: v4.4
- UI type: Angular
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): Application template with separate identity server
- Exception message and stack trace:
- Steps to reproduce the issue:"
No Authorize is set in the swagger, pls refer screenshot
Now try accessing the abp framework api which returns data even though authorise is not set
Example the https://localhost:44343/api/abp/multi-tenancy/tenants/by-name/SG method returns data even without authorise token set.
How to get this restricted
1 Answer(s)
-
0
hi
This is by design, because we may switch tenants on the Login page, we need to get the basic information of tenants anonymously.
https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.AspNetCore.Mvc.Contracts/Volo/Abp/AspNetCore/Mvc/MultiTenancy/IAbpTenantAppService.cs
