Anonymous
Not applicable

HTTP Session-based Rights

Hello,

We attached two different OIDC providers to our Customer Portal (Power Apps). The customer can choose one of them for login (basically two buttons). Both providers map to the same user (2 external identities). One provider has a higher level of authentication (SwissId in our case).

If the user chooses this provider, he should have more rights during the HTTP session.

It is important that the additional rights only exist in the session. If the user chooses to log in with the lower-rights provider, he should always have lower rights in his session. That means in particular that if the user is logged in on two different browsers with different OIDC providers on two different computers at the same time, each browser session should have different rights.

Our current approach overwrites an attribute in the contact table on every login with an OIDC-provider-unique property in the ID token. Depending on the state of the property in the contact table, the user has different rights. We implemented frontend logic that stores the attribute immediately after login in the frontend and then performs checks against the contact table. If we detect a change in the attribute, we trigger a logout from the frontend. Obviously this approach is not safe.

 

We are looking for solutions like:

  • Is there a session-based rights management in Power Apps?
  • If not: Can we invalidate all existing sessions after a user logs in?
  • If not: Any solution that works out of the box?
  • If not: Is there a workaround that is not nice but at least safe?

 

Thanks!

 

Best,

Benjamin
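
Added example, not part of the original post and not Power Apps portal code: a minimal JavaScript model of the approach described above, where rights are read from a contact attribute that every login overwrites, next to a check that reads a level stored per session at login. The names `contacts`, `sessions`, `loa` and the provider keys `swissid`/`basic` are hypothetical, and the data is constructed.

```javascript
// Model only: all names here are hypothetical, not Power Apps portal APIs.
// Constructed data: one contact with two external identities.
const contacts = new Map([["c1", { loa: "low" }]]);
const sessions = new Map(); // sessionId -> server-side session state

// Assumed mapping from provider to the assurance level its ID token asserts.
const PROVIDER_LOA = { swissid: "high", basic: "low" };

function login(sessionId, contactId, provider) {
  const loa = PROVIDER_LOA[provider];
  contacts.get(contactId).loa = loa;           // approach from the post: overwrite shared attribute
  sessions.set(sessionId, { contactId, loa }); // alternative: fix the level in this session only
}

// Rights check as described in the post: reads the shared contact row.
function canAccessSharedAttr(sessionId) {
  const s = sessions.get(sessionId);
  return Boolean(s) && contacts.get(s.contactId).loa === "high";
}

// Session-bound check: reads only what was recorded for this session at login.
function canAccessSessionBound(sessionId) {
  const s = sessions.get(sessionId);
  return Boolean(s) && s.loa === "high";
}

function scenario() {
  login("browserA", "c1", "basic");   // low-assurance login on computer 1
  login("browserB", "c1", "swissid"); // later high-assurance login on computer 2
  const afterHigh = {
    sharedA: canAccessSharedAttr("browserA"),  // true: A is elevated by B's login
    boundA: canAccessSessionBound("browserA"), // false: A stays at its own level
    boundB: canAccessSessionBound("browserB"), // true
  };
  login("browserC", "c1", "basic");   // another low login overwrites the attribute again
  const afterLow = {
    sharedB: canAccessSharedAttr("browserB"),  // false: B loses rights it authenticated for
    boundB: canAccessSessionBound("browserB"), // true
  };
  return { afterHigh, afterLow };
}

console.log(scenario());
```

With the shared attribute, the server-side answer for one session depends on whichever login happened last, regardless of any logout the frontend triggers afterwards.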

 

 
