We currently have an app where when you login, a region is displayed. This is important particularly for sign ups since we want to explicitly show which region the data is being stored.
However, for login, we want to make it explicit that if a user for example logs in with facebook, if they are a user in US region, that they will be validated against US region but if for example they are a user in EU region, they can still login. I basic
I’m not sure if this is even possible so I want to get other people’s thoughts if they had the same problem.
If I understand correctly, you would like to authenticate users from US against a US tenant while allowing your EU users to authenticate as well, presumably against an EU tenant.
Assuming you’re using universal login, you can use the user’s IP address to determine their region and perform the call to /authorize at the relevant tenant. This would be the simplest solution.
If you are using embedded Lock, you can load the configuration for the relevant region based on the IP address of the user.
Thanks for that. The only case I see this not working is if a user is travelling or even just using a VPN. It might lead to users accidentally creating new accounts on another region. In that case, it might be more useful if the user being aware of the region.
Does it make sense to try against different regions in case the current one doesn’t work? Feels like a lot of overhead and not secure though. Ultimately the goal is for the user just to be able to sign-in in the right region and abstract region.
The ideal approach would be to simply allow your users to choose which region they sign into. If you don’t mind prompting your user for a region, I see no reason not to do this.
You could try against multiple regions as you suggested, but there isn’t an elegant way to implement it and there may be security implications (although nothing jumps out to me at this moment). I also can’t advise as to how it would comply with EU data laws or other data residency requirements, so that’s another issue you would need to consider.