Owin pipeline per tenant

0
votes

I'm looking at options to implementing different authentication methods in a SAAS application. The saas application is a single instance that services all tenants.

To allow different authentication methods i could create different owin pipelines per tenants to loop through all tenant configurations on startup. See the answer bottom answer here for an explanation: Change OWIN Auth Middleware Per Request (Multi-tenant, oauth API keys per tenant)

I realise any configuration changes to the pipeline would force me to rebuild it but i found a nice repo that seems to be doing the trick. https://github.com/damianh/DynamicKatanaPipeline

Although the solution of creating different pipelines per tenant is possible i worry about this not scaling very well. I was wondering if it is a good solution and whether anybody knows of pitfalls i'm not seeing with this solution or has any experience with setup.

2
owinmulti-tenantowin-middleware

2 Answers

0
votes

Based on my experience in working with SaaS Applications, I foresee no need for having a separate pipeline per tenant. The authentication middleware should be clever enough to get the right tenant identifier based on the supplied authentication information.

Once the Identity is established, the rest of the application will take care of the process of rendering the data to the request based on the identified context.

HTH

0
votes

I have an OWIN.Framework project that among other things allows you to be more flexible about building the OWIN pipeline, including having multiple paths through the pipeline for different types of request.

You could use this to configure different authentication middleware per tenant but other parts of the pipeline will be the same for all tenants.

Let me know if interested and want help getting started.