single-sign-on

Custom Identity Provider for OpenAM/OpenSSO

人走茶凉 submitted on 2021-02-07 10:27:04
Question: We are looking to use OpenAM/OpenSSO to act as an SSO provider. We need, however, to have OpenAM use our mongo datastore under the hood to manage its authentication needs. With this in mind, I found this: http://www.badgers-in-foil.co.uk/notes/installing_a_custom_opensso_identity_repository/ which looks promising. Apparently, this should allow me to add an "Access Manager Repository plugin", but I have since read this: The Access Manager Repository plugin is also called amSDK or legacy SDK as

Django Microsoft AD Authentication

谁都会走 submitted on 2021-02-05 09:24:06
Question: I noticed that this question was repeated a few times, but still, from all the resources, I couldn't manage to make it work properly. I'm simply trying to use Azure Active Directory authentication with my Django app. I am using this module, and I configured everything as noted in the docs. The thing is - I can't figure out where the user should enter the credentials - since the module has only one url ('auth-callback/'). I can't find out how to jump to the Microsoft login html page. Should I use my

invalid_grant: AADSTS50126: Error validating credentials due to invalid username or password

心不动则不痛 submitted on 2021-01-29 15:27:25
Question: I am trying to hit a post request to "https://login.microsoftonline.com/<My_Tenat_Id>/oauth2/token" from my Java Code, but I am getting the error "invalid_grant: AADSTS50126: Error validating credentials due to invalid username or password". I have verified the credentials and they are correct (I am able to login to Azure portal and see my AWS APP for SSO). I even tried hitting the same request from postman, but then also same issue. The parameters I have passed are: "grant_type", "password"

Is it possible to send the SecurityTokenResponse from the IOrganizationServiceProxy in a HttpClient PostAsync call to an API defined in a SSO portal?

五迷三道 submitted on 2021-01-29 14:14:51
Question: We have an SSO portal that is authenticated via ADFS. If I call an API defined in this portal in the browser it automatically redirects to ADFS to authenticate then redirects to the portal with the Claim to call the API. What I'm trying to do is call the API from within a CRM Workflow. How can I mimic this redirect? I thought if I somehow got the token & put it in the HttpClient request, it would help. But I have no idea how it should be added to the HttpClient request. Is what I am trying to

How can I pre-fill email for SAML Google IDP?

好久不见. submitted on 2021-01-29 13:43:51
Question: We're using SAML 2.0 for SSO, and want to improve the UX by allowing a user to enter their email only once (to identify they need SSO). Is it possible to pre-fill the SAML SSO email field when authenticating with Google's SAML IDP? I know that the AuthnRequest has an optional Subject field that can pass the principal information to the IdP, but so far I haven't managed to have Google's SSO form pre-populate. Either it's not supported from the IdP, or I'm sending the wrong configuration. The

Connect to Local/On-premises Active Directory from PHP web application [closed]

耗尽温柔 submitted on 2021-01-29 11:16:20
Question: Seeking guidance on the subject as I'm really stuck on this. I am trying to connect to a Microsoft server over a network to log in to my system by providing my Microsoft credentials. Now, what I want is whenever I try to hit my php application url, it will redirect me to

How to Authenticate the data from Microsoft Azure AD using Laravel and redirect it to Home?

℡╲_俬逩灬. submitted on 2021-01-29 07:52:06
Question: I'm trying to authenticate Microsoft Azure AD with my Laravel web app. Currently I'm referring to Azure Active Directory SSO with Laravel. I managed to retrieve the data from Microsoft Azure AD, but the problem is it doesn't redirect to the /home view; instead it redirects to the login view. I have one idea, which is to link the email from Microsoft and the email from the model so that it can directly go to the home page. But I don't know how to pass the Microsoft data (from provider) to the controller. The code (in

SAML: is it possible to force user to go through login process even when user has an IDP session

时光怂恿深爱的人放手 submitted on 2021-01-28 03:03:39
Question: In SAML, is it possible to force the user to go through the idp's login process every time, even when the user has an active idp session? To make a concrete example here: Let's call my application "SP". I use SSOCircle as idp and I use POST and redirect (SP initiated). To test, I will first log in to SSOCircle to get an active idp session. Then when I try going to SP, I should be redirected to idp. Normally, since I already have an active idp session, the idp will see "oh, you already being

Microsoft oidc in AWS Cognito allowing multiple tenants

随声附和 submitted on 2020-12-29 07:35:09
Question: I'm trying to implement social login using a Microsoft account in AWS Cognito User Pools. I followed the documentation and the solution mentioned in this thread: https://forums.aws.amazon.com/thread.jspa?threadID=287376&tstart=0 My problem is with setting the issuer to allow multiple tenants. This issuer works only for private accounts: https://login.microsoftonline.com/9188040d-6c67-4c5b-b112-36a304b66dad/v2.0 This issuer works only for accounts in our directory (tenant): https://login

OpenID Connect, redirect without login form if not already logged in?

给你一囗甜甜゛ submitted on 2020-12-26 06:38:10
Question: In OpenID Connect, I would like my users to be automatically connected to my client if they are connected to the identity provider (given that they already authorized my client app). Here is the workflow I want: USER arrives on CLIENT homepage. USER is redirected to IdP (Authorization request). If he's logged in to IdP, he's redirected to CLIENT and the OIDC workflow begins, then he's logged in to CLIENT. If he's not logged in to IdP or he did not authorize CLIENT to access his identity, the login form of