Cosmos DB partitioned access to a database

I am implementing a multi-tenant application using cosmosDB. I am using partition keys to separate multiple users data. Following best practices i am trying to allow each tenant to have its own db access token.

I create a user and permission and use the created token to access the partition. But I get the following error:

Partition key provided either doesn't correspond to definition in the collection or doesn't match partition key field values specified in the document. ActivityId: 1659037a-118a-4a2d-8615-bb807b717fa7, Microsoft.Azure.Documents.Common/1.22.0.0, Windows/10.0.17134 documentdb-netcore-sdk/1.9.1

My code goes as follows:

Constructor Initiates the client

public Projects (CosmosDbConfig cosmosConfig)
{
    config = cosmosConfig;
    client = new DocumentClient(new Uri(config.Endpoint), config.AuthKey);
    collectionUri = UriFactory.CreateDocumentCollectionUri(config.Database, config.Collection);
    config.AuthKey = GetUserToken().Result;;
    client = new DocumentClient(new Uri(config.Endpoint), config.AuthKey);
}

The get user function creates the user and retrieves the token. User Ids are partition keys.

private async Task<string> GetUserToken()
{
        User user = null;
        try
        {
            try
            {
                user = await client.ReadUserAsync(UriFactory.CreateUserUri(config.Database, config.PartitionKey));

            var permission = await GetorCreatePermission(user, config.Collection, config.PartitionKey);
            return permission.Token;
        }
        catch (Exception ex) {
            Console.WriteLine(ex.Message);
        }
        if (user == null)
        {
            user = new User
            {
                Id = config.PartitionKey
            };
            user = await client.CreateUserAsync(UriFactory.CreateDatabaseUri(config.Database), user);
            var permission = await GetorCreatePermission(user, config.Collection, config.PartitionKey);
            return permission.Token;
        }
        else
        {
            throw new Exception("");
        }
    }
    catch (Exception ex)
    {
        throw ex;
    }
}

Permission are done per collections and holds the collection name as ID since Ids are unique per user.

    private async Task<Permission> GetorCreatePermission(User user,
         string collection,
         string paritionKey)
    {
        var permDefinition = new Permission
        {
            Id = collection,
            PermissionMode = PermissionMode.All,
            ResourceLink = collectionUri.OriginalString,
            ResourcePartitionKey = new PartitionKey(paritionKey),
        };
        var perms = client.CreatePermissionQuery(user.PermissionsLink).AsEnumerable().ToList();
        var perm = perms.FirstOrDefault(x => x.Id == collection);
        if (perm != null)
        {
            return perm;
        }
        else
        {
            var result = await client.CreatePermissionAsync(user.SelfLink, permDefinition);
            perm = result.Resource;
            return perm;
        }

    }

The create function utilizes the new client and this where the error occurs.

    public async Task<string> Create(Project p)
    {
        var result = await client.CreateDocumentAsync(collectionUri, p, new RequestOptions()
        { PartitionKey = new PartitionKey(config.PartitionKey),
        });
        var document = result.Resource;
        return document.Id;
    }

Since error says that partition key is incorrect i can suggest you try define partition key pathes while creating collection:

var docCollection = new DocumentCollection();
docCollection.Id = config.CollectionName;   
docCollection.PartitionKey.Paths.Add(string.Format("/{0}", config.PartitionKey );
collectionUri = UriFactory.CreateDocumentCollectionUri(config.Database, docCollection);