I’m implementing a multi-tenancy ADFS application and I have some questions, but first let me explain what I need in other words: I want to enable each customer to configure their own authentication (ADFS) in the same SaaS Meteor.
I’m thinking of making a route like /auth/adfs/:company and automatically redirecting the user to the configured ADFS server for the :company id, so the user can authenticate there and the ADFS server will return the OAuth2 token and I’ll authenticate the user in my Meteor app.
I’m basing my implementation on https://github.com/snowping/meteor.adfs-oauth but making it dynamic to support multiple ADFS services.
My first question is: I see that meteor_accounts_loginServiceConfiguration is automatically populated in the client with all service configurations in the database, but considering I’ll have hundreds, I don’t want to publish them all. I just want to publish on demand to the client, when a user hits /auth/adfs/:company, for example.
My second question is: Will hundreds of service configurations for authentication make the login slow or cause some security issue?
My third question: Is there any other solution different from the one I’m thinking of?
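
An added sketch of the per-company lookup and redirect described in the post; it is not part of the original post or of the meteor.adfs-oauth package. The config field names, the callback path, the in-memory maps and all sample values are assumptions constructed for illustration; `/adfs/oauth2/authorize` is the standard AD FS authorization endpoint.

```javascript
// Constructed sample data standing in for the per-company configuration collection.
// Field names (adfsHost, clientId, resource, secret) are assumptions for this sketch.
const tenantConfigs = new Map([
  ['acme', { company: 'acme', adfsHost: 'adfs.acme.example', clientId: 'app-acme',
             resource: 'https://app.example/', secret: 'server-side-only' }],
  ['globex', { company: 'globex', adfsHost: 'sso.globex.example', clientId: 'app-globex',
               resource: 'https://app.example/', secret: 'server-side-only' }],
]);

// :company comes from the URL, so accept only a strict slug before using it as a key.
const COMPANY_ID = /^[a-z0-9][a-z0-9-]{0,62}$/;
// Allow-list of fields the browser may see; anything else (the secret) stays on the server.
const CLIENT_FIELDS = ['company', 'adfsHost', 'clientId', 'resource'];

// Returns the client-safe view of one company's configuration, or null.
function publicConfigFor(company) {
  if (typeof company !== 'string' || !COMPANY_ID.test(company)) return null;
  const doc = tenantConfigs.get(company);
  if (!doc) return null;
  return Object.fromEntries(CLIENT_FIELDS.map((k) => [k, doc[k]]));
}

// state -> company, so a response can only complete the login of the company that started it.
const pendingLogins = new Map();

// Builds the redirect for /auth/adfs/:company. `state` is an unguessable per-attempt value
// generated by the caller; `appOrigin` is this application's own origin.
function buildAuthorizeUrl(company, state, appOrigin) {
  const cfg = publicConfigFor(company);
  if (!cfg || !state) return null;
  pendingLogins.set(state, company);
  const url = new URL(`https://${cfg.adfsHost}/adfs/oauth2/authorize`);
  url.search = new URLSearchParams({
    response_type: 'code',
    client_id: cfg.clientId,
    resource: cfg.resource,
    redirect_uri: `${appOrigin}/auth/adfs/${company}/callback`, // hypothetical callback path
    state,
  }).toString();
  return url.toString();
}

// Single-use check on the way back: the state must have been issued for this company.
function consumeState(company, state) {
  const issuedFor = pendingLogins.get(state);
  pendingLogins.delete(state);
  return issuedFor !== undefined && issuedFor === company;
}
```

In a Meteor app the same allow-list would be applied in a publication that takes the company id as its argument, so only that one document reaches the client.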