I have an duende identityserver that has multiple BFFs as a client. One of these BFFs is for my admins.
My identityserver has multiple sign in schemes (Think facebook, google etc) however i want to force my Administrator bff to use the (Azure AD (for my organization only) login.
I was thinking maybe setting clientproperties in the database and having the identityserver respond to that. But i was wondering if there is a more standard way of doing it that I haven't thought about.
Fun fact:
Duende identityserver has Client.IdentityProviderRestrictions
this is excactly what i needed for my goal