We currently use the
JwtAuthProvider as a custom
IAuthProvider in the
AuthFeature, that we of course register once in the AppHost.
JwtAuthProvider is currently fed a
AuthKeyBase64 value from a setting in
IAppSettings on registration.
appHost.Plugins.Add(new AuthFeature(() => new AuthUserSession(), new IAuthProvider
RequireSecureConnection = true,
AuthKeyBase64 = appSettings.GetString("JwtAuthNKeySetting"),
We now want to make this service multi-tenanted, which means we are going to have a different value of
AuthKeyBase64 for each tenant, and therefore different for every request.
Are there any suitable approaches in ServiceStack to re-read the
AuthKeyBase64 value from configuration every request that comes in?
I've modified JWT AuthProvider to allow overriding of Auth Keys per request by overriding
GetRuntimeConfig() in your AppHost in this commit where you can override the AuthKey that's used for the request with something like:
public override T GetRuntimeConfig<T>(IRequest req, string name, T defaultValue)
if (name == nameof(JwtAuthProvider.AuthKey))
byte tenantAuthKey = ...;
This change is available from ServiceStack v5 that's now available on MyGet, please review the v5 changes before upgrading.