cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Anonymous
Not applicable

Http Session based Rights

Hello,

 

we attached two different OIDC providers to our Customer Portal (Power Apps). The customer can chose one of them for login (basically two buttons). Both providers map to the same user (2 external identities). One provider has a higher level of authentication (SwissId in our case).

If the user chooses this provider, he should have more rights during the http session.

It is important, that the additional right only exist in the session. If the user chooses to login with the lower rights provider, he should always have lower rights in his session. That means in particular, that if the user is logged in on two different browsers with different oidc providers on two different computers at the same, each browser session should have different rights.

 

Our current approach overwrites an attribute in the contact table on every login with an oidc provider unique property in the id token. Depending on the state of the property in the contact table, the user has different rights. We implemented frontend logic that stores the attribute immediately after login in the frontend and then perform checks against the contact table. If we detect a change in the attribute, we trigger a logout from frontend. Obviously this approach is not safe.

 

We are looking for solutions like:

  • Is there a session based rights management in Power Apps?
  • If not : Can we invalidate all existing sessions after a user logs in?
  • if not: Any solution that works out of the box?
  • if not: Is there a workaround, that is not nice but at leas safe?

 

Thanks!

 

Best,

Benjamin

 

 

0 REPLIES 0

Helpful resources

Announcements
PA_User Group Leader_768x460.jpg

Manage your user group events

Check out the News & Announcements to learn more.

secondImage

Power Apps Community Call

Please join us on Wednesday, October 20th, at 8a PDT. Come and learn from our amazing speakers!

Community Connections 768x460.jpg

Community & How To Videos

Check out the new Power Platform Community Connections gallery!

Welcome Super Users.jpg

Super User Season 2

Congratulations, the new Super User Season 2 for 2021 has started!

Carousel 2021 Release Wave 2 Plan 768x460.jpg

2021 Release Wave 2 Plan

Power Platform release plan for the 2021 release wave 2 describes all new features releasing from October 2021 through March 2022.

Top Solution Authors
Users online (1,329)