Flipping from common tenant to a named tenant mid way through #117

Open
DanaEpp opened this issue Feb 11, 2019 · 2 comments

DanaEpp commented Feb 11, 2019

So I have been refactoring some code in an effort to make the experience when logging in support multi-tenant selection. So when I first start, I set the tenant to 'common' so I can get a general token on behalf of the user and then query to get a list of tenants.

I then change the tenant to the user-selected tenant and try to acquire a new token specific to the tenant. How can I do that without calling login() a second time?

i.e.:

// Pseudo code
this.adalService.login();
this.adalService.handleWindowCallback();

// Call with common endpoint token
this.adalService.acquireToken('https://management.azure.com');

// Get tenant stuff

// Use one of the new tenant guids
this.adalService.config.tenant = someTenantGuid;
this.adalService.acquireToken('https://management.azure.com');

If I call login() it forces back to the default page, which I don't want. Ideas on how to acquire a new token to the specific tenant after the common tenant was used?


negberts commented Feb 11, 2019

Why not make the call to get the tenants unauthorized? You only have to get the client id, which is of no use to anyone not in the active directory of that tenant... And when you have retrieved the correct client id you can log in to the specific tenant instead of the common tenant.


DanaEpp commented Feb 11, 2019

You can't. The call to https://management.azure.com always requires a bearer token. You can use the common endpoint to get a basic one that lets you query the tenant endpoint, using that to get the tenant guid before updating the management token so you can do real work in the tenant.
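
Added example (not code from this thread or from the project): after switching from the common tenant to a selected tenant GUID and acquiring a new token, one way to confirm the token was really issued for that tenant is to compare its `tid` claim with the chosen GUID. The helper names, GUIDs and sample token are constructed for illustration; the signature is not verified here, so this is a client-side sanity check only.

```javascript
// Added example. tid, aud and exp are standard Azure AD access-token claims;
// all function names and sample values below are constructed for illustration.

// Decode the payload segment of a compact JWT (base64url, no signature check).
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  const padded = b64 + '='.repeat((4 - (b64.length % 4)) % 4);
  const bytes = Uint8Array.from(atob(padded), c => c.charCodeAt(0));
  return JSON.parse(new TextDecoder().decode(bytes));
}

// Check that a token matches the tenant the user selected, targets the
// expected resource, and has not expired. Returns the list of problems found.
function checkTenantToken(token, expectedTenant, expectedAudience,
                          nowSec = Math.floor(Date.now() / 1000)) {
  const claims = decodeJwtPayload(token);
  const stripSlash = s => String(s || '').replace(/\/+$/, '').toLowerCase();
  const problems = [];
  if (String(claims.tid || '').toLowerCase() !== expectedTenant.toLowerCase()) {
    problems.push('tenant mismatch: token tid is ' + claims.tid);
  }
  if (stripSlash(claims.aud) !== stripSlash(expectedAudience)) {
    problems.push('audience mismatch: token aud is ' + claims.aud);
  }
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) {
    problems.push('token expired or missing exp');
  }
  return { ok: problems.length === 0, problems, tid: claims.tid };
}

// Build an unsigned sample token so the example runs offline (constructed data).
function makeSampleToken(claims) {
  const enc = obj => btoa(JSON.stringify(obj))
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return enc({ alg: 'none', typ: 'JWT' }) + '.' + enc(claims) + '.sig';
}

const TENANT_A = '11111111-1111-1111-1111-111111111111'; // constructed GUID
const TENANT_B = '22222222-2222-2222-2222-222222222222'; // constructed GUID
const sampleToken = makeSampleToken({
  tid: TENANT_A, aud: 'https://management.azure.com/', exp: 1700003600,
});

// A token issued for tenant A must be rejected when the user picked tenant B.
console.log(checkTenantToken(sampleToken, TENANT_B, 'https://management.azure.com', 1700000000));
```

If the check reports a tenant mismatch after the tenant was changed, the token in hand is not one issued for the selected tenant and should not be used for tenant-scoped calls.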
