Tenant Provider

You can use your own authorization requirements with AuthorizationHub, or add the ones we've created for you. When working in a multi tenant environment, you'll need a way to tell AuthorizationHub how to get the tenant's identifier.

There are many ways to include the tenant identifier in a web request, so we've added a interface called the ITenantProvider for you to implement if you have special needs. We have included several providers that you can use out of the box.

# RouteTenantProvider

https://acme/marketing/{tenantId}

When the tenant's identifier is part of the route, you can use the RouteTenantProvider to tell AuthorizationHub how to get the identifier. The tenantId value that comes from the route will be compared to the Tenant's ExternalId in AuthorizationHub. Multi tenant authorization requirements from AuthorizationHub will include the Tenant's ExternalId as part of the requirement.

builder.Services.AddSingleton<ITenantProvider>(x => 
{
    return new RouteTenantProvider("tenantId");
})

# HeaderTenantProvider

In cases where the tenant's identifier is put in the header of a web request, you can use the HeaderTenantProvider to tell AuthorizationHub how to get the identifier. Simply create an instance of the HeaderTenantProvider with the header key for that header value.

builder.Services.AddSingleton<ITenantProvider>(x => 
{
    return new HeaderTenantProvider("tenantId");
})

# QueryTenantProvider

When the tenant's identifier is included as a query string, you can use the QueryTenantProvider to tell AuthorizationHub how to get the identifier. Create an instance of the QueryTenantProvider, and pass the query string key into the constructor.

builder.Services.AddSingleton<ITenantProvider>(x => 
{
    return new QueryTenantProvider("tenantId");
})