okta

Azure AD as Federation Provider for Okta

旧城冷巷雨未停 submitted on 2019-12-23 04:51:57
Question: We are developing an application in which we plan to use Okta as the ID provider. However, this application will be hosted in Azure and we would like to use the Azure ACS for Federation. However, of late we came to know that ACS is going to be integrated with Azure AD (http://blogs.technet.com/b/ad/archive/2015/02/12/the-future-of-azure-acs-is-azure-active-directory.aspx). I am a bit confused here. I understand AD provides the directory services and will be used for authentication. In our case,

Programmatically configure SSO settings using Kentor

偶尔善良 submitted on 2019-12-23 01:06:14
Question: I have an MVC application (.Net Framework 4.5) which has been there for the last three years and uses the Forms Authentication mechanism. Now we want to integrate an SSO feature with the help of Okta. Using KentorIT Authentication services I was able to integrate Okta with my MVC application. In that, all the configurations are being set in the web.config file (e.g. entityId, signOnUrl etc.). Is there a way to programmatically configure these SSO settings? I found that KentorAuthServicesSection is

SSO: Should SP validate session with IDP in every request

时光总嘲笑我的痴心妄想 submitted on 2019-12-22 17:39:02
Question: As per the SP-initiated SSO flow, the user tries to access the SP. Since the user is unauthenticated, he is redirected to the IDP where he enters his credentials; post successful login, the IDP sets cookies in the user's browser (under the IDP's domain) and redirects the user back to the SP with a SAML response. Once the SP verifies the SAML response it creates its own cookie/token and sets it in the user's browser under the SP's domain. What should ideally happen in subsequent requests: Should SP rely only on its own cookie to fetch user

How does Apache know that the SAML response is authenticated

这一生的挚爱 submitted on 2019-12-20 06:37:08
Question: I am new to Apache and SAML. I have the below configuration in my my_app_httpd.conf file, which redirects un-authenticated requests to OKTA, which is working fine.
    <Location />
        ErrorDocument 401 "/simplesaml/module.php/core/authenticate.php?as=default-sp"
    </Location>
But after authentication, when the SAML response is received, Apache doesn't understand and it redirects again for authentication on the same URL. This causes an indefinite loop. Can anyone please tell me how I can set up the Apache configuration so

Remember me with OAuth2 in SPA

谁说胖子不能爱 submitted on 2019-12-13 17:27:16
Question: I know the concept of OAuth2 and OpenID. In our application, authentication is happening through OKTA and we receive an access token in a response. Our architecture is a microservice architecture and we are using EmberJS at the frontend. We have to implement remember-me functionality; it will keep the user logged in for the next 30 days. I did some study on it and came to points that will satisfy my requirements. Keep user session active for 30 days in OKTA. Refresh access token periodically based on

How to get SAML token from OKTA from .NET web service code without using browser?

守給你的承諾、 submitted on 2019-12-13 07:25:00
Question: We have a hybrid mobile app built with Kendo UI and a backend .NET web service. All the calls from the UI are through AJAX. Now we need to integrate the app with OKTA for user authentication, but we are not sure how to get a SAML token from OKTA directly from a web service call. We implemented a call to ADFS (active endpoint) from the web service to get a SAML token by using windows identity framework already and it works. If anybody can share experience or point out the solution, it will be much appreciated!
Answer 1: You can use

Identify okta account on sign-in

会有一股神秘感。 submitted on 2019-12-12 05:46:07
Question: I have an MVC application (.Net Framework 4.5) which has been there for the last three years and uses the Forms Authentication mechanism. This application provides different accounts like Personal, Freebie, Enterprise etc. For an enterprise account, we are handling everything in the same application. I.e., suppose an enterprise called “xyz” created an enterprise account with the application, then we are providing a custom URL like “https://application/xyz/login” and from the URL we are identifying

OKTA(IdP) - Shibboleth(SP) with reverse proxy to Tomcat

℡╲_俬逩灬. submitted on 2019-12-11 15:46:10
Question: I am spinning a big wheel now. Please shed some light. Reverse proxy is working with Apache. So, when I access https://hostname/app/default.html, it opens the Tomcat app URL. No issue. The Tomcat app currently redirects to https://hostname/app/login.html which has a login box. 1) Do I need to disable UserDatabase in Tomcat server.xml? <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org

Okta-api - Issue using Spring-security SAML with CSRF

橙三吉。 submitted on 2019-12-11 05:13:21
Question: I have gone through the steps listed in the document - https://developer.okta.com/blog/2017/03/16/spring-boot-saml#run-the-app-and-login-with-okta Everything works fine and I see the SAML response getting generated and redirection happening to the application from OKTA, but when the request reaches the application, I get this error - type=Forbidden, status=403). Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-CSRF-TOKEN'. I have tried disabling CSRF but then it goes in

Is there a way to limit an Okta token authority?

三世轮回 submitted on 2019-12-11 04:27:50
Question: Following these abbreviated steps to generate an Okta token:
- Log in to your Developer Console
- Navigate to API > Tokens and click Create Token
- Give your token a name
works wonderfully, however I'd like to limit the authority of such a token to only affect certain applications or perform only certain operations - is this possible?
Answer 1: API Tokens share the same rights as the admin that created them. If you wanted to create an API Token that had read-only access, for instance, you could follow