Replies: 3 comments
-
I did some more reading and it appears that additional Tenants are just other orchard instances running under the default Tenant. If that's true... is it impossible to get a JWT by authorizing with an Orchard user and accessing a REST API from a Resource Server that is not Orchard? |
Beta Was this translation helpful? Give feedback.
-
@MichaelPetrinolis do you understand the question? |
Beta Was this translation helpful? Give feedback.
-
@sebastienros I think the question is if Orchard Core validates tokens issued by external Identity Providers and impersonates to an Orchard Core user. @nitewulf multitenancy in Orchard means that multiple sites can be hosted by a single application. The default site can have the role to manage and create new tenants by enabling Tenants feature. Each tenant can be reached by a full domain name, or by the full domain name of the default tenant suffixed by the tenant name. You can add the role of IdP to any instance you wish by enabling OpenID Server feature. Each tenant can accept/validate tokens, by enabling the validation sub feature of OpenID (https://docs.orchardcore.net/en/dev/docs/reference/modules/OpenId/#token-validation). If you don't provide the tenant (Orchard Core IdP) that issues the tokens, you must provide the Authority (non orchard IdP) and audience of the tokens. The Orchard Core OpenID server and validation is an implementation based on the excellent OpenIdDict (https://github.com/openiddict) library. |
Beta Was this translation helpful? Give feedback.
-
I've learned that I need to create a Tenant and tell a newly created Scope that it is associated with that tenant for the generated JWT to include the correct resource server. I'm in the processing of setting up the new Tenant, but it is just running over HTTP
After setting the host name, I see that the Tenant URI is automatically prepended with https://. Is there a config file that can be updated to allow an http tenant?
Beta Was this translation helpful? Give feedback.
All reactions