Page History
...
- Check if user is logged in using OpenID Connect → JWT Token Claims should contain tenant claim
- If user is not logged in, then tenant header should be present and valid. HTTP header is valid when its value is in a list of allowed tenants
- If user is logged in, then tenant header is not necessary. If it exists, then it needs to match tenant claim
Info |
---|
tenant claim - JWT token claim that can be configured by changing property blueriq.security.jwt-claims.claim-mapping.TenantID=$.TenantID tenant header - HTTP header that is passed in HTTP request, can be configured by changing property blueriq.multi-tenancy.httpHeader=X-TENANT-ID allowed tenants - set of tenants that can be used in system, can be configured using property blueriq.multi-tenancy.allowedTenants=blueriq,everest |
Tenant claim
JWT token claim that can be configured by changing property blueriq.security.jwt-claims.claim-mapping.TenantID
Code Block |
---|
blueriq.security.jwt-claims.claim-mapping.TenantID=$.TenantID |
Tenant header
HTTP header that is passed in HTTP request, can be configured by changing property blueriq.multi-tenancy.httpHeader
Code Block |
---|
blueriq.multi-tenancy.httpHeader=X-TENANT-ID |
Allowed tenants
set of tenants that can be used in system, can be configured using property blueriq.multi-tenancy.allowedTenants
Code Block |
---|
blueriq.multi-tenancy.allowedTenants=blueriq,everest |
Configuration OpenID Connect with Multitenancy
...