Open Closed

Multitenant swagger authentication #4383


User avatar
0
Mohammed.sheik created

Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ Check the samples, to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index The exact solution to your question may have been answered before, please use the search on the homepage.

If you're creating a bug/problem report, please include followings:

  • ABP Framework version: v5.2.2
  • UI type: Angular
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): yes
  • Exception message and stack trace:
  • Steps to reproduce the issue:"

Hi There,

Please assist with the below scenario:

We need to authenticate users from different tenants on our Swagger frontend. I have changed the Swagger config to use password flow so I can establish the tenant that the user belongs to however users that belong to tenants cannot be authenticated, please see error screenshot below. I am aware that the __tenant header field needs to be set, please advise how this can be done.

<br> Below is my Swagger config:

    if (apiTitle == "XxxService API")
    {
        context.Services.AddAbpSwaggerGen(
        options =>
        {
            options.SwaggerDoc(apiName, new OpenApiInfo { Title = apiTitle, Version = apiVersion });
            options.DocInclusionPredicate((docName, description) => true);
            options.CustomSchemaIds(type => type.FullName);
            options.DocumentFilter<CustomSwaggerFilter>();

            options.AddSecurityDefinition(
                "oauth2PasswordFlows",
                new OpenApiSecurityScheme
                {
                    Type = SecuritySchemeType.OAuth2,
                    Flows = new OpenApiOAuthFlows
                    {
                        Password = new OpenApiOAuthFlow() 
                        {
                            AuthorizationUrl = new Uri("https://localhost:44322/connect/authorize"),
                            TokenUrl = new Uri("https://localhost:44322/connect/token"),
                            Scopes = scopes
                        }
                    }
                });
            options.AddSecurityRequirement(
                new OpenApiSecurityRequirement
                {
                    {
                        new OpenApiSecurityScheme{
                            Reference = new OpenApiReference{
                                Id = "oauth2PasswordFlows",
                                Type = ReferenceType.SecurityScheme
                            }
                        },
                        new List<string>()
                    }
                });
        });
    }

Your help is greatly appreciated.


3 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    As far as I know, swagger cannot customize request parameters.

  • User Avatar
    0
    Mohammed.sheik created

    hi

    As far as I know, swagger cannot customize request parameters.

    Is there any way to make this work?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    You can try to change the cookies(__tenant).

Made with ❤️ on ABP v9.1.0-preview. Updated on December 05, 2024, 12:19