We are looking for authentication methods for a multi-tenant SaaS application. We have been exploring Azure B2C but have not been able to provide suitable user-to-organization (tenant) management.
We are exploring options like:
- Microsoft's Azure AD B2C or an alternate service
- B2C's multi-tenant support to provide user/data segregation by tenant (or organization)
Environment:
- We are using .NET Core 2 for the application and APIs
- We will have native phone applications that use the APIs
- Must use a common login service for all applications (phones and web)
What we need to do:
Authenticate Users
The first user for an organization (tenant) would:
- create the organization
- send invitations to their organization's users
Subsequent users would take the invitation link and:
- create an account joined to the organization using:
  - email/username and password
  - or connect a social account to the invitation
  - or other services supplied by Azure AD B2C, like another Azure AD
From the login service, return a JWT token:
- Needs to include the organization to secure organization data
- The JWT needs to be passed to child APIs
- Child APIs will need to validate the token without external calls
Any ideas, sample applications or alternate product ideas are appreciated.
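One way the child-API side of this could look in ASP.NET Core 2, added here as an illustration and not code from the question or from Microsoft's own B2C samples: the JwtBearer middleware validates issuer, audience, lifetime and signature in-process, and an authorization policy refuses any token without an organization claim. The authority URL, the audience value and the custom attribute name `extension_OrganizationId` are assumed placeholders.

```csharp
// Child API side: validate the B2C-issued JWT locally and scope data access to its organization claim.
using System;
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                // Placeholder authority. Signing keys are downloaded from its metadata once and
                // cached, so per-request signature checks run in-process with no call to B2C.
                options.Authority = "https://login.microsoftonline.com/tfp/<tenant>.onmicrosoft.com/B2C_1_signin/v2.0/";
                options.Audience = "<api-client-id>"; // placeholder: this API's application id
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuer = true,          // token must come from our B2C policy
                    ValidateAudience = true,        // and be minted for this API
                    ValidateLifetime = true,        // reject expired or not-yet-valid tokens
                    ValidateIssuerSigningKey = true
                };
            });

        services.AddAuthorization(options =>
        {
            // Protected endpoints require the organization claim to be present at all.
            options.AddPolicy("InOrganization",
                policy => policy.RequireAuthenticatedUser().RequireClaim("extension_OrganizationId"));
        });
        services.AddMvc();
    }
}

// Data access takes the organization id from the validated token only, never from the
// request, so one tenant's users cannot read another tenant's rows by editing a parameter.
public static class OrganizationContext
{
    public static string RequireOrganizationId(ClaimsPrincipal user)
    {
        var orgId = user.FindFirst("extension_OrganizationId")?.Value;
        if (string.IsNullOrEmpty(orgId))
            throw new UnauthorizedAccessException("Token carries no organization claim.");
        return orgId;
    }
}
```

Apply the policy to controllers with `[Authorize(Policy = "InOrganization")]` and call `app.UseAuthentication()` before `app.UseMvc()` in `Configure`, otherwise the principal is never populated. A B2C custom attribute named OrganizationId is emitted in tokens as `extension_OrganizationId`, which is why that claim name is used here.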