3
votes

We are looking for Authentication methods for a Multi-Tenant SaaS application. We have been exploring Azure B2C but have not been able to provide suitable user to organization (Tenant) management.

We are exploring options like:

  • Microsoft's Azure AD B2C or an alternate service
  • B2C's Multi Tenant support to provide user/data segregation by Tenant (or Organization)

Environment:

  • We are using .NET Core 2 for the application and APIs
  • We will have native phone applications that use the APIs
  • Must use a common login service for all applications (Phones and Web)

What we need to do:

  • Authenticate Users

  • The first user for an Organization (Tenant) would:

    • create the organization
    • send invitations to their organization's users
  • Subsequent users would take the invitation link

    • create an account joined to the organization using
      • Email/Username and Password
      • or connect a Social account to the invitation
      • or other services supplied by Azure AD B2C like another Azure AD
  • From the login service return a JWT Token

    • Needs to include the Organization to secure organization data
    • the JWT needs to be passed to child APIs
    • Child APIs will need to validate the token without external calls

Any ideas, sample applications or alternate product ideas are appreciated.

1
We would also be open to any open source LDAP type of solutions. – Weblord
What approach did you find to work best? I'm looking towards doing something very similar. – Martín La Rosa

1 Answer

-1
votes

We did find http://identityserver.io/

A quick summary from their website:

The Open Source OpenID Connect and OAuth 2.0 framework for .NET.

IdentityServer is OpenID Certified and part of the .NET Foundation.

We are currently exploring this, and wanted to add this as a possible solution to the question.
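
The question asks for a token that carries the Organization and that child APIs can validate without external calls. As an added example (not code from the question, the answer or IdentityServer), the following shows that check with the Microsoft `System.IdentityModel.Tokens.Jwt` package; the issuer, audience, `org` claim name, tenant ids and the in-process key pair standing in for the login service are all assumptions.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Security.Cryptography;
using Microsoft.IdentityModel.Tokens;

public static class TenantTokenDemo
{
    const string Issuer = "https://login.example.test"; // constructed values, not from the page
    const string Audience = "orders-api";
    const string OrgClaim = "org"; // assumed name of the organization claim
    // Child API side: checks run locally against a public key the API already holds.
    public static bool IsAllowed(string jwt, SecurityKey publicKey, string requestedOrg)
    {
        var parameters = new TokenValidationParameters
        {
            IssuerSigningKey = publicKey,   // signature check
            ValidIssuer = Issuer,           // issuer and audience are validated by default
            ValidAudience = Audience,
            RequireExpirationTime = true    // lifetime is validated by default
        };
        try
        {
            var user = new JwtSecurityTokenHandler().ValidateToken(jwt, parameters, out SecurityToken _);
            string org = user.FindFirst(OrgClaim)?.Value;
            // A valid token is not enough: it must belong to the tenant being accessed.
            return org != null && string.Equals(org, requestedOrg, StringComparison.Ordinal);
        }
        catch (Exception e) when (e is SecurityTokenException || e is ArgumentException)
        {
            return false; // bad signature, expired, wrong issuer or audience, malformed
        }
    }
    public static void Main()
    {
        using (RSA rsa = RSA.Create(2048))
        {
            // Stand-in for the login service: sign a token carrying the tenant id.
            var creds = new SigningCredentials(new RsaSecurityKey(rsa), SecurityAlgorithms.RsaSha256);
            var token = new JwtSecurityToken(Issuer, Audience,
                new[] { new Claim("sub", "user-1"), new Claim(OrgClaim, "tenant-a") },
                DateTime.UtcNow, DateTime.UtcNow.AddMinutes(5), creds);
            string jwt = new JwtSecurityTokenHandler().WriteToken(token);
            var publicOnly = new RsaSecurityKey(rsa.ExportParameters(false));
            Console.WriteLine(IsAllowed(jwt, publicOnly, "tenant-a")); // token's own tenant
            Console.WriteLine(IsAllowed(jwt, publicOnly, "tenant-b")); // a different tenant
        }
    }
}
```

In a deployment the child API would load the login service's public key from configuration or a cached key set at startup, and `requestedOrg` would come from the resource being accessed rather than from client input.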