Is there a good "vetted" way to handle having multiple copies of the same account for different tenants? Are there some recommended design patterns?
In my situation, our application routes tenant based on the URL:
http://ift.tt/1GXibvq --> selects "ten_a" tenant
http://ift.tt/1BUXOQu --> selects "ten_b" tenant
I am running into this problems:
Bob, who has account at ten_a
, tries to login to ten_b.software.com
, or even softare.com
. If Bob is simply typing URLs in his browser, it is not much to let him know to use the correct address, but this gets more complicated when another entity is trying to authenticate Bob through, say, OAuth2 exchange. That third party may not know which tenant to direct its auth request. I only see two solutions here:
- Ask Bob to enter his tenant information alongside his username/password. Big minus is user experience and UI overhead.
- Implement a tenant router based on usernames. Big minus here is this seems like a minefield. It gets further complicated when Bob has an account on two different tenants.
Am I missing anything here?
Aucun commentaire:
Enregistrer un commentaire