Multi tenancy OAuth with Spring Security 5.2
A very typical OAuth deployment includes an Authorization Server and a set of applications and APIs that trust authorities issued by that Authorization Server. But what about APIs and applications that serve more than one tenant? Can a single API or application trust multiple Authorization Servers? What about making those decisions programmatically at runtime or via a database? Multitenant deployments bring their own set of challenges, especially when you have thousands of tenants of varying shapes and sizes. This talk will introduce AuthenticationManagerResolver, a simple interface from Spring Security that packs a lot of punch due to its strategic placement in the filter chain. We'll also review Spring Security's ClientRegistrationRepository and where it comes into play. We'll begin with a very typical OAuth application and then explore a few different deployment models, expanding it throughout the talk into a secure, yet dynamic, database-driven, multitenant deployment.