2

Multiple apps, are under the same company, thus share users. Kinda like what Google does.

The apps have different databases, storages and resource schemes, therefore different requirements as for resource authorization.

The user can access apps using single singing, sharing the session.

I'm still at the designing stage. How should I approach it? Could it be that it simply comes down to writing different resource authorization attributes for each app?

what I want to achieve

Shy Agam
  • 1,285
  • 1
  • 13
  • 37
  • 1
    Perhaps you should take a look at PolicyServer: https://leastprivilege.com/2018/01/17/announcing-policyserver/ –  Apr 10 '18 at 12:10
  • Excellent. Thanks. Does this mean I need 1 IdentityServer and n PolicyServers - one for each app? – Shy Agam Apr 11 '18 at 02:24
  • I've been too busy to try it, I've only watched the presentation video. But this is something I would explore in your case. At least the idea behind it. If you are planning to use the free version: "it will be for a single application only and not include the management pieces or the advanced modeling capabilities.". So you'll need multiple servers in that case. Anything extra you want, you'll have to build it yourself. I'm sure everything is possible. But if you have the budget, you may want to use the commercial product. –  Apr 11 '18 at 07:22
  • You are correct. I have contacted them. The idea is to have 1 centralized PolicyServer for all the apps. Just like IdentityServer. – Shy Agam Apr 11 '18 at 12:41

1 Answers1

1

You should use different databases, storages and resource schemes. Each app has its own unique name for connection. For example db connection name userdb, storage connection username struser... not use same password that accounts.

M. Fatih
  • 115
  • 5