We currently use the same OAuth credentials for all tenants on our IDAs. This works because the auth service (LMS) is not truly multi-tenant. Just because LMS is not truly multi-tenant doesn't mean our IDAs cannot be.
Most of the IDAs use the Django sites framework coupled with a custom model (e.g. SiteConfiguration). We should properly codify this implementation in https://github.com/edx/edx-django-extensions. Once that is done, we can create a new strategy that is multi-tenant-aware.
If we ever get to the point of separating users, we should explore a new storage backend as well as discussed in omab/python-social-auth#552.
We currently use the same OAuth credentials for all tenants on our IDAs. This works because the auth service (LMS) is not truly multi-tenant. Just because LMS is not truly multi-tenant doesn't mean our IDAs cannot be.
Most of the IDAs use the Django sites framework coupled with a custom model (e.g.
SiteConfiguration). We should properly codify this implementation in https://github.com/edx/edx-django-extensions. Once that is done, we can create a new strategy that is multi-tenant-aware.If we ever get to the point of separating users, we should explore a new storage backend as well as discussed in omab/python-social-auth#552.