All operation to IdentityService work has host and not tenant.
I try to crate user, role and data was stored without tenant Id. If I put tenant Id data hide on application
https://uat.api.routilia.com/api/identity/users?skipCount=0&maxResultCount=10
the full log is
2025-07-08 10:05:28.051 +02:00 [INF] Request starting HTTP/1.1 GET http://localhost/api/identity/users?skipCount=0&maxResultCount=10 - null null
2025-07-08 10:05:28.051 +02:00 [INF] CORS policy execution failed.
2025-07-08 10:05:28.051 +02:00 [INF] Request origin https://uat.app.routilia.com does not have permission to access the resource.
2025-07-08 10:05:28.052 +02:00 [ERR] HttpContext.User Claims:
2025-07-08 10:05:28.052 +02:00 [ERR] [{"Type":"iss","Value":"https://uat.auth.routilia.com/"},{"Type":"exp","Value":"1751965086"},{"Type":"iat","Value":"1751961486"},{"Type":"aud","Value":"AuthServer"},{"Type":"aud","Value":"IdentityService"},{"Type":"aud","Value":"AdministrationService"},{"Type":"aud","Value":"SaasService"},{"Type":"aud","Value":"AuditLoggingService"},{"Type":"aud","Value":"GdprService"},{"Type":"aud","Value":"LanguageService"},{"Type":"aud","Value":"OfficeService"},{"Type":"scope","Value":"offline_access address roles openid profile email phone AuthServer IdentityService AdministrationService AuditLoggingService GdprService SaasService LanguageService OfficeService"},{"Type":"jti","Value":"b1ebdbb7-52dc-4329-8331-cdc28f284bd3"},{"Type":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier","Value":"3a1a949e-a476-dba3-2b07-d7c455a854e7"},{"Type":"preferred_username","Value":"admin"},{"Type":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress","Value":"cliente1@rtl.local"},{"Type":"http://schemas.microsoft.com/ws/2008/06/identity/claims/role","Value":"admin"},{"Type":"tenantid","Value":"3a1a949e-a031-030d-c51f-352140da4b89"},{"Type":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname","Value":"admin"},{"Type":"phone_number_verified","Value":"False"},{"Type":"email_verified","Value":"False"},{"Type":"editionid","Value":"3a1a94a1-c765-9dee-a1e2-3fcb20b38d0a"},{"Type":"session_id","Value":"25376a06-1286-4291-9b1f-3b2c956c8739"},{"Type":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name","Value":"admin"},{"Type":"oi_prst","Value":"Angular"},{"Type":"oi_au_id","Value":"3a1afb37-9cbb-d457-bea3-0b7f0225e1e7"},{"Type":"client_id","Value":"Angular"},{"Type":"oi_tkn_id","Value":"3a1afb37-9cd8-2550-7447-459af0840dd1"}]
2025-07-08 10:05:28.052 +02:00 [ERR] Current User Claims:
2025-07-08 10:05:28.052 +02:00 [ERR] [{"Type":"iss","Value":"https://uat.auth.routilia.com/"},{"Type":"exp","Value":"1751965086"},{"Type":"iat","Value":"1751961486"},{"Type":"aud","Value":"AuthServer"},{"Type":"aud","Value":"IdentityService"},{"Type":"aud","Value":"AdministrationService"},{"Type":"aud","Value":"SaasService"},{"Type":"aud","Value":"AuditLoggingService"},{"Type":"aud","Value":"GdprService"},{"Type":"aud","Value":"LanguageService"},{"Type":"aud","Value":"OfficeService"},{"Type":"scope","Value":"offline_access address roles openid profile email phone AuthServer IdentityService AdministrationService AuditLoggingService GdprService SaasService LanguageService OfficeService"},{"Type":"jti","Value":"b1ebdbb7-52dc-4329-8331-cdc28f284bd3"},{"Type":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier","Value":"3a1a949e-a476-dba3-2b07-d7c455a854e7"},{"Type":"preferred_username","Value":"admin"},{"Type":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress","Value":"cliente1@rtl.local"},{"Type":"http://schemas.microsoft.com/ws/2008/06/identity/claims/role","Value":"admin"},{"Type":"tenantid","Value":"3a1a949e-a031-030d-c51f-352140da4b89"},{"Type":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname","Value":"admin"},{"Type":"phone_number_verified","Value":"False"},{"Type":"email_verified","Value":"False"},{"Type":"editionid","Value":"3a1a94a1-c765-9dee-a1e2-3fcb20b38d0a"},{"Type":"session_id","Value":"25376a06-1286-4291-9b1f-3b2c956c8739"},{"Type":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name","Value":"admin"},{"Type":"oi_prst","Value":"Angular"},{"Type":"oi_au_id","Value":"3a1afb37-9cbb-d457-bea3-0b7f0225e1e7"},{"Type":"client_id","Value":"Angular"},{"Type":"oi_tkn_id","Value":"3a1afb37-9cd8-2550-7447-459af0840dd1"}]
2025-07-08 10:05:28.052 +02:00 [ERR] UserId Claim Type: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier
2025-07-08 10:05:28.052 +02:00 [ERR] UserName Claim Type: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
2025-07-08 10:05:28.052 +02:00 [ERR] Role Claim Type: http://schemas.microsoft.com/ws/2008/06/identity/claims/role
2025-07-08 10:05:28.052 +02:00 [ERR] Authorization Header: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjI5MzBDQUQ1REEyNTQ2N0U2NkZFQTgxOEVBNDU0NzhBNDBEMTM5RTciLCJ4NXQiOiJLVERLMWRvbFJuNW1fcWdZNmtWSGlrRFJPZWMiLCJ0eXAiOiJhdCtqd3QifQ.eyJpc3MiOiJodHRwczovL3VhdC5hdXRoLnJvdXRpbGlhLmNvbS8iLCJleHAiOjE3NTE5NjUwODYsImlhdCI6MTc1MTk2MTQ4NiwiYXVkIjpbIkF1dGhTZXJ2ZXIiLCJJZGVudGl0eVNlcnZpY2UiLCJBZG1pbmlzdHJhdGlvblNlcnZpY2UiLCJTYWFzU2VydmljZSIsIkF1ZGl0TG9nZ2luZ1NlcnZpY2UiLCJHZHByU2VydmljZSIsIkxhbmd1YWdlU2VydmljZSIsIk9mZmljZVNlcnZpY2UiXSwic2NvcGUiOiJvZmZsaW5lX2FjY2VzcyBhZGRyZXNzIHJvbGVzIG9wZW5pZCBwcm9maWxlIGVtYWlsIHBob25lIEF1dGhTZXJ2ZXIgSWRlbnRpdHlTZXJ2aWNlIEFkbWluaXN0cmF0aW9uU2VydmljZSBBdWRpdExvZ2dpbmdTZXJ2aWNlIEdkcHJTZXJ2aWNlIFNhYXNTZXJ2aWNlIExhbmd1YWdlU2VydmljZSBPZmZpY2VTZXJ2aWNlIiwianRpIjoiYjFlYmRiYjctNTJkYy00MzI5LTgzMzEtY2RjMjhmMjg0YmQzIiwic3ViIjoiM2ExYTk0OWUtYTQ3Ni1kYmEzLTJiMDctZDdjNDU1YTg1NGU3IiwicHJlZmVycmVkX3VzZXJuYW1lIjoiYWRtaW4iLCJlbWFpbCI6ImNsaWVudGUxQHJ0bC5sb2NhbCIsInJvbGUiOiJhZG1pbiIsInRlbmFudGlkIjoiM2ExYTk0OWUtYTAzMS0wMzBkLWM1MWYtMzUyMTQwZGE0Yjg5IiwiZ2l2ZW5fbmFtZSI6ImFkbWluIiwicGhvbmVfbnVtYmVyX3ZlcmlmaWVkIjoiRmFsc2UiLCJlbWFpbF92ZXJpZmllZCI6IkZhbHNlIiwiZWRpdGlvbmlkIjoiM2ExYTk0YTEtYzc2NS05ZGVlLWExZTItM2ZjYjIwYjM4ZDBhIiwic2Vzc2lvbl9pZCI6IjI1Mzc2YTA2LTEyODYtNDI5MS05YjFmLTNiMmM5NTZjODczOSIsInVuaXF1ZV9uYW1lIjoiYWRtaW4iLCJvaV9wcnN0IjoiQW5ndWxhciIsIm9pX2F1X2lkIjoiM2ExYWZiMzctOWNiYi1kNDU3LWJlYTMtMGI3ZjAyMjVlMWU3IiwiY2xpZW50X2lkIjoiQW5ndWxhciIsIm9pX3Rrbl9pZCI6IjNhMWFmYjM3LTljZDgtMjU1MC03NDQ3LTQ1OWFmMDg0MGRkMSJ9.Ranh4KoSTu9YmXTE33LJjkcKU-BU84QIIv7VMZU17DOP_IV8brTWgrXumSKJDyWmPH413JhdNP_K_45rCMlP-DwdejUa_dpRqRrJQfux2_M0FlnCCDehZleor0VYkwpcWHa4uHhsH_L5DiBu57b4dwzByG2Vt_XUzqZrfYW2SDcoHTrBBfI6RTAUv6tWPES-KBntJJLnLRDheFQA04Q_dWE90r0ZMDy9oy3S107_0qKxQ2ZPPgDAzCh18ZxjPXuV0aSTbF4J0lZOHoguu9usuAELWRQlcClxEGFoYJt34EpdPgvMgecTfhBFo6UiODy6nu25Cc2uxbT68ybhvOVrgA
2025-07-08 10:05:28.055 +02:00 [INF] Executing endpoint 'Volo.Abp.Identity.IdentityUserController.GetListAsync (Volo.Abp.Identity.Pro.HttpApi)'
2025-07-08 10:05:28.055 +02:00 [INF] Route matched with {area = "identity", controller = "User", action = "GetList"}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.Application.Dtos.PagedResultDto`1[Volo.Abp.Identity.IdentityUserDto]] GetListAsync(Volo.Abp.Identity.GetIdentityUsersInput) on controller Volo.Abp.Identity.IdentityUserController (Volo.Abp.Identity.Pro.HttpApi).
2025-07-08 10:05:28.067 +02:00 [INF] Executing ObjectResult, writing value of type 'Volo.Abp.Application.Dtos.PagedResultDto`1[[Volo.Abp.Identity.IdentityUserDto, Volo.Abp.Identity.Pro.Application.Contracts, Version=9.1.1.0, Culture=neutral, PublicKeyToken=null]]'.
2025-07-08 10:05:28.067 +02:00 [INF] Executed action Volo.Abp.Identity.IdentityUserController.GetListAsync (Volo.Abp.Identity.Pro.HttpApi) in 11.9418ms
2025-07-08 10:05:28.067 +02:00 [INF] Executed endpoint 'Volo.Abp.Identity.IdentityUserController.GetListAsync (Volo.Abp.Identity.Pro.HttpApi)'
2025-07-08 10:05:28.068 +02:00 [INF] Request finished HTTP/1.1 GET http://localhost/api/identity/users?skipCount=0&maxResultCount=10 - 200 null application/json; charset=utf-8 16.5087ms
The empty claims happen only with health checks
2025-07-08 09:56:30.135 +02:00 [ERR] HttpContext.User Claims: 2025-07-08 09:56:30.135 +02:00 [ERR] [] 2025-07-08 09:56:30.135 +02:00 [ERR] Current User Claims: 2025-07-08 09:56:30.135 +02:00 [ERR] [] 2025-07-08 09:56:30.135 +02:00 [ERR] UserId Claim Type: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier 2025-07-08 09:56:30.135 +02:00 [ERR] UserName Claim Type: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name 2025-07-08 09:56:30.135 +02:00 [ERR] Role Claim Type: http://schemas.microsoft.com/ws/2008/06/identity/claims/role 2025-07-08 09:56:30.135 +02:00 [ERR] Authorization Header is missing or empty.
I tyr this fix.
In the main time I check the ClaimTable and it'empty
No is not this problem related
I’m working with ABP 9.1.1 in a microservices-based application.
I deployed it on Linux machines using NGINX: one machine exposes the Angular app, API Gateway, and Auth Server. The Angular app is directly exposed on the first machine, while the Gateway and Auth Servers have NGINX forwarding traffic to the second machine.
The strange thing is this: when I enter a tenant and request data from a new microservice, I only see data for my tenant, as expected. However, when I request user data, I see Host-level data.
https://github.com/abpframework/abp/issues/21188
I had already faced similar issues, like in this GitHub issue, but it was never fully investigated or resolved.
I need to separate "AbpAuditLogging" from "AdministrationService" in a separete DB.
How can I do it? I need to create a new aggregation on Shared "LoggingService", put "AbpAuditLogging" and remove from "AdmistrationService". About other services I need to add the new connection string for all?
I'm using ABP 7.4.5
ABP: 7.4.5
I've a module with text template.
When I test my module solution the email create with text template works fine but when I add my module to my microservice I get this error:
Could not find a file/folder at the location: /Emailing/Templates/NewTicket.tpl
I look in a registration process when add item to virtual file system and I see my resources.
I need to add somnthing else to work with microservice?
We have same issue in old version and we fix the tinycolor
I found the problem is related that module use local bus but TenatCreateEto is not rigestered in Host.
I thnink colud be create a host with saas configuration enable could be a good option for developer
