I know about IdentityServer4 authentication mechanism, but i am not sure suitable for tracking users of multiple resellers. In my case we have multiple reseller domain that use a central API gateway. Each reseller have several users. API gateway provide several APIs for resellers. APIs granted for only resellers. Finally i want tracking which user from which reseller call my api?
Do you know about these authentication/authorization mechanism?
I draw flow in below image.
Asked
Active
Viewed 146 times
2
Arash Karami
- 632
- 1
- 8
- 19
-
Notice in many APIs we dont need user login, Just reseller(client) should be login and get a token. – Arash Karami Mar 06 '18 at 09:22
1 Answers
3
You have to build that yourself. Identity Server works best if you follow the developers' intent that it only manages authentication -- sign-in and sign-out, and nothing beyond that.
Considerations like user authorizations/permissions or, in your case, user associations with a given reseller, are not something that Identity Server itself manages. IS4 gets the person logged in, and from there you customize your user store services to associate that user id (by default, a "subject id") with other application-level data.
McGuireV10
- 9,572
- 5
- 48
- 64