I want to allow users of a SaaS based, asp.net MVC, Multi-tenant DB to login using their social media credentials (FB, TW, G+, etc).
In addition to the social media account validation, how can we determine which tenant or users within a tenant in the DB to validate against? I presume some flavor of Asp.Net Identity should be used to bridge the gap??
I have implemented a custom OAuth server that inturn handles the pluggability of the various social media login modes via OWIN middlewares.
However, when you wanted to have a simplified approach, you can choose to go with Windows Azure Access Control service which can enable you to identify the tenant via their URI.
In that case, you can infer the tenant name or tenant unique value from the URI [like a subdomain part] of the URI.Host.
You may refer here / here / here.
In case you wanted to build your own model, you will have to capture the tenant information via either a unique URI from where the tenant comes from or from getting a tenant unique value from the UI or as a query string from a URI [Rare & least secure case].
The points worth pondering upon will be
Please share your thoughts on the points above.