Comments (7)
That's going to be difficult as the current setup isn't designed to support multiple clients. I'll need to have a think about this.
from auth0net.dependencyinjection.
from auth0net.dependencyinjection.
I'm looking into this and have some queries about your architecture. Generally how I see Machine-to-Machine clients being used is in a one-to-many fashion, so you'd have a single MtM client for a single system that's authorized to access x number of APIs (audiences). As far as I can tell your monolith uses multiple MtM clients and each one is permitted access to a single API, is that correct?
I'd understand the use of multiple MtM clients to maintain security isolation in separate systems, but that doesn't seem to be the case here.
from auth0net.dependencyinjection.
from auth0net.dependencyinjection.
Honestly I'm not very well versed in authorization/authentication so I may not be explaining it very well either.
from auth0net.dependencyinjection.
Instead of my main applicationlike "users" which needs to contact
"notifications" and "settings" having its own credentials, it seems like we
have a client Id and secret for both notifications and settings alone.
There is not an app or m2m setup specifically for users.
I'm guessing someone made the assumption that MtM clients are similar to SPA/Native clients and should be unique per service.
I had a quick run-through of the codebase to see if it'd be possible for me to add support for named clients so I could support this scenario, however it'd require a significant refactor. It's also not a scenario I want to promote so the time investment isn't really worth it for myself.
If you don't have the time to refactor your solution, I would just adjust one of the MtM clients to have API access to both services (Auth0 Dashboard -> Applications -> (settings/notifications client) -> APIs) and pass the same credentials down to both sets of extensions. If you get a InvalidOperationException
at startup, let me know and I'll soften some of the internal checks.
from auth0net.dependencyinjection.
from auth0net.dependencyinjection.
Related Issues (7)
- Add support for different dependency lifetime HOT 2
- Question about AudienceDomainOverride HOT 2
- GetTokenAsync(string audience) should support cancellation token
- Add IServiceProvider as an input to AddAuth0AuthenticationClient HOT 1
- .NET 8 HOT 3
- Auth0Net.DependencyInjection.3.2.0 has a dependency to Microsoft.Extensions.Caching.Memory.8.0.0 for all target frameworks HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from auth0net.dependencyinjection.