I've been searching for this for a while now. Does anybody here know how to handle the case below?

I have a SaaS app which requires SSO using Azure directory. I'm able to do it with django-allauth. Now, I need to restrict this to tenants (customers) who have a subscription with us.

To do this, I'm thinking, if I can get the tenantId from Azure directory then I can do a database lookup to see if the customer has a subscription with us. So, does anybody here know how I can accomplish that?

Here is a reference from MS which is not that clear on the how to get tenantId part.

The code from MS for .NET for doing what I want to do with django-allauth: MS .NET sample app

I was able to find a solution to the above problem. Whenever the authentication is successful, we get an access token which is a JSON Web Token.

Now, if you decode that JWT, you'll get certain claims that come with it. One of the claims, by the key tid, is the tenantId.

So, in terms of a solution, what I did was this:

DefaultSocialAccountAdapter
pre_social_login and decoded the access token to get the tenantId.
tenantId's to verify against. I'm taking that from the user who has admin access for that company.

Hope this helps someone. I'll be happy to add or clarify the approach more, if needed.
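
The tenant check described in the answer above, as an added example that is not the poster's code: it reads the tid claim from a JWT, checks it against the issuer, and fails closed against an allow-list of subscribed tenants. All function names and sample tenants are hypothetical. The decode does not verify the signature, so it assumes the token was received server-side, directly from Microsoft's token endpoint over TLS, for instance as sociallogin.token.token inside pre_social_login.

```python
import base64
import json
import uuid


def jwt_claims(token):
    """Return the payload claims of a compact JWT WITHOUT verifying its signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims


def tenant_id(token):
    """Extract the tid claim, normalised to a lowercase GUID string."""
    claims = jwt_claims(token)
    tid = str(uuid.UUID(str(claims["tid"])))  # ValueError if tid is not a GUID
    # Azure AD issuers embed the tenant GUID (.../{tid}/v2.0 or sts.windows.net/{tid}/),
    # so a tid that does not appear in iss means the claims are inconsistent.
    if tid not in str(claims.get("iss", "")).lower():
        raise ValueError("iss does not match tid")
    return tid


def is_subscribed(token, subscribed_tenants):
    """True only if the token parses and its tenant is in the allow-list."""
    try:
        return tenant_id(token) in {t.lower() for t in subscribed_tenants}
    except (AttributeError, KeyError, ValueError):
        return False  # fail closed on any malformed or inconsistent token


def make_sample_token(claims):
    """Build an unsigned, constructed token for demonstration only."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc(claims), "sig"])


# Constructed sample data (not real tenants); in the app this is the database lookup.
TENANT_A = "11111111-1111-1111-1111-111111111111"
TENANT_B = "22222222-2222-2222-2222-222222222222"
SUBSCRIBED = {TENANT_A}
ISSUER = "https://login.microsoftonline.com/{}/v2.0"
```

In the adapter, a False result from is_subscribed is the point at which the login would be refused before any account is created or connected.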