AspNetCore Multi-Tenant Jwt Bearer Token Configuration

[BrianMikinski]

Is there an existing issue for this?

• I have searched the existing issues

Is your feature request related to a problem? Please describe the problem.

@HaoK @Tratcher @blowdart

Hi y'all,

I'm trying to configure multiple jwt bearer tokens for authentication in an AspNetCore project.

Currently, I have a solution working based on utilizing a custom IOptionsMonitor. The basic strategy I followed came from this GitHub issue and the subsequent Stack Overflow post.

While this is working, is there a better or more officially supported strategy for multi-tenant jwt bearer token auth? I've also noticed the following multi-tenant auth posts but have yet to see anything canonical from the AspNet team. Thanks in advance for any help or suggestions!

• Multiple jwt authentication schemes are not working #38498
• Consider resolving IAuthenticationSchemeProvider from DI in Invoke in AuthenticationMiddleware #4649
• Add a multitenant auth options sample #4126
• Add Multi-Tenant support aspnet/Security#1718

Describe the solution you'd like

Suggested best practices for multi-tenant jwt bearer token auth scenarios.

Additional context

None.

[ghost]

Thanks for contacting us.

We're moving this issue to the .NET 8 Planning milestone for future evaluation / consideration. We would like to keep this around to collect more feedback, which can help us with prioritizing this work. We will re-evaluate this issue, during our next planning meeting(s).
If we later determine, that the issue has no community involvement, or it's very rare and low-impact issue, we will close it - so that the team can focus on more important and high impact issues.
To learn more about what to expect next and how this issue will be handled you can read more about our triage process here.

[davidfenko]

Hello @BrianMikinski do you perhaps have the option to share your solution for reference?

Also, I realise this is not an architecture-based solution, but a dynamic JWT handler implementation has been done here.

[BrianMikinski]

@davidfenko - Unfortunately I do not have a repo I can share but the solution shown athttps://github.com/PoweredSoft/DynamicJwtBearer/tree/master is quite interesting. This may be another version of what we were able to achieve. Thank you for the response

[mkArtakMSFT]

Thanks for contacting us.
While this may be a great idea, it is not aligned with our long-term vision to make it part of the framework. For many other ideas which don't belong to the framework we encourage the community to build and ship on their own, contributing to the expanding .NET Ecosystem.

You can learn more about our triage process and how we handle issues by reading our Triage Process writeup.