Strategy for multi tenant w/ potentially varying roles

[GFoley83]

What strategy would you take when taking into consideration that you could also have different roles in each tenant?

My initial thoughts are to implement some custom logic to support this via ApplicationUser & ApplicationRole when registering Identity e.g. services.AddIdentity<ApplicationUser, ApplicationRole>(), which is similar to your approach here: https://www.scottbrady91.com/aspnet-identity/quick-and-easy-aspnet-identity-multitenancy

An alternative may be to use the AddAuthorizeInteractionResponseGenerator :

services.AddIdentityServer()
                .AddAuthorizeInteractionResponseGenerator<AccountChooserResponseGenerator>()

As discussed here: https://blog.bitsrc.io/using-identity-server-for-multi-tenant-web-applications-c511ffa3e428

Thank you!