You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2.5 KiB
2.5 KiB
LINGYUN.Abp.OpenIddict.LinkUser
Introduction
LINGYUN.Abp.OpenIddict.LinkUser is a user linking extension module for OpenIddict, providing authentication functionality between linked users.
Features
-
User Link Authentication
- Support for user-to-user linking authentication
- Support for cross-tenant user linking
- Support for access token exchange
-
Extension Grant Type
- Add link_user grant type
- Support for custom authorization flow
- Security log recording
-
Localization Support
- Integrated with ABP localization framework
- Support for custom error messages
Installation
dotnet add package LINGYUN.Abp.OpenIddict.LinkUser
Usage
-
Add
[DependsOn(typeof(AbpOpenIddictLinkUserModule))]to your module class. -
Configure OpenIddict server:
public override void PreConfigureServices(ServiceConfigurationContext context)
{
PreConfigure<OpenIddictServerBuilder>(builder =>
{
// Allow link_user grant type
builder.AllowLinkUserFlow();
});
}
- Usage example:
POST /connect/token
Content-Type: application/x-www-form-urlencoded
grant_type=link_user&
access_token=current-user-access-token&
LinkUserId=target-user-id&
LinkTenantId=target-tenant-id&
scope=openid profile
Parameters
-
access_token (required)
- Current user's access token
- Used to verify current user's identity
-
LinkUserId (required)
- Target linked user's ID
- Must be a valid GUID format
-
LinkTenantId (optional)
- Tenant ID of the target linked user
- If specified, must be a valid GUID format
-
scope (optional)
- Requested permission scopes
- Defaults include openid profile
Notes
- A valid access token must be provided
- The target user must have a linking relationship with the current user
- Correct tenant ID must be specified for cross-tenant linking
- All operations are recorded in security logs
- HTTPS is recommended in production environments