英文:
switch signInAudience from AzureADMyOrg to AzureADMultipleOrgs azure
问题
我想在清单中将signInAudience从"AzureADMyOrg"切换到"AzureADMultipleOrgs",并且我在文档中找到identifierURIs必须是全局唯一的,有人可以解释一下这一点吗?
附注:我正在使用 AWS Cognito 作为 identifierURIs(urn:amazon:cognito:sp:<ID>)。
英文:
i want to switch signInAudience in the manifest from "AzureADMyOrg" to "AzureADMultipleOrgs" in the manifest and i find in the documentation that identifierURIs MUST to be globally unique, can some one explaine this point please.
ps: I'm using the aws cognito urn as identifierURIs ( urn:amazon:cognito:sp:< ID > )
答案1
得分: 1
"MUST be globally unique" 意味着它必须与其他租户中的任何其他标识符URI不同。
因为 "AzureADMultipleOrgs" 表示您的应用程序是多租户的,如果您的标识符URI与其他应用程序相同,您的客户将无法通过此标识符URI访问您的应用程序,因为它指向多个应用程序。这会引起混淆。
您不能将 "urn:amazon:cognito:sp:< ID >" 设置为标识符URI,因为当前不再支持 "urn" 作为标识符URI,这与 "MUST be globally unique" 无关。
英文:
"MUST be globally unique" means that it must be different from any other identifierURIs in any other tenants.
Because "AzureADMultipleOrgs" means your app is for multi-tenant, if your identifierURI is the same as others', your customers will not be able to access your app through this identifierURI because it points to multiple apps. This will cause confusion.
You can't set urn:amazon:cognito:sp:< ID > as identifierURIs because urn is no longer supported for identifierURIs currently. It has nothing to do with "MUST be globally unique".
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论