The LoginPassword action is a System Action that logs a specified end-user in the system. The last login information is updated. All persistent roles are loaded with the respective grant or revoke. See Persistency in Roles.
The Login action clears all Session Variables to their default values when a different end-user logs in.
An invalid login exception might be raised when, for example, the user does not exist or is not active, the password does not match the value stored in the database, etc.
When developing multi-tenant applications you need to ensure that the session is bound to the correct tenant. Since the LoginPassword action runs in the scope of the current tenant, if the user does not exist in that tenant, the LoginPassword action fails.
To ensure the correct login process is performed, you need to:
Design the business logic to obtain the tenant for the end-user;
Use the TenantSwitch System action to bind the session to the obtained tenant;
Use the LoginPassword action.
As an alternative you can use the User_Login action from the Users module. This action automatically binds the session to the correct tenant. To use this action, you just need to ensure that end-users have unique usernames across all tenants.
Login Action |Logout Action | Authenticating Users | Overview of System Actions and Functions