Finding the userpool for a user in usermanagement service #55
Comments
|
This solution does not really support that use case. You'd either have to have your tenant's users choose which tenant they'd like their session to act under, or you'd have to have your users use different usernames for the different tenant contexts. Somehow you have to resolve which tenant they are acting as a user of for their requests against your service. Another way to think about this is what other kind of metadata could you use to determine tenant context? For example, if you host a "vanity" subdomain for each of your tenants, then you could use that hostname as a piece of metadata in your auth system to determine what the tenant context is (and therefore which User Pool to look at). When [email protected] wants to use your service as a user of "Company A" then they'd go to company-a.example.com and when they want to use it as a user of "Company B" then they go to company-b.example.com. You can route both of those CNAMEs to the same auth entry point. |
|
Duplicate of #46 |
We intend to have the same user in multiple tenant accounts. This means the same username/email will be mapped to multiple Cognito pool ids in user management service. How can we decide which pool to authenticate the user against when we do not want to have the users select the tenant.
The text was updated successfully, but these errors were encountered: