0

This code is working for a single tenant application. How does it need to be changed to work with multi-tenant application (Web API)? Is setting ValidateIssuer = false the right way?

sample

services.AddAuthentication(options =>
         {
             options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
         })
        .AddJwtBearer(options =>
            {
                var azureAdOptions = new AzureADOptions();
                Configuration.Bind("AzureAd", azureAdOptions);
                options.Authority = $"{azureAdOptions.Instance}{azureAdOptions.TenantId}/v2.0";
                options.TokenValidationParameters = new TokenValidationParameters
                    {
                        ValidAudiences = SSOAuthHelper.GetValidAudiences(Configuration),
                        ValidIssuers = SSOAuthHelper.GetValidIssuers(Configuration),
                        AudienceValidator = SSOAuthHelper.AudienceValidator
                    };
                });
marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
DevÁsith
  • 1,072
  • 12
  • 38

0 Answers0