We are currently using IdentityServer4 for OpenID authentication for our application. we want to extend IdentityServer4 capability to support shibboleth SSO authentication. is it possible to achieve that ?
Related
I am trying to incorporate ITFoxtec SAML with my webforms applications and Azure AD for SAML based SSO authentication. Can anyone please provide me any reference link or guide me regarding this to work?
Target Framework: .NET Framework 4.8(Web forms)
I have gone through the samples given in the github repo but still unable to proceed further.https://github.com/ITfoxtec/ITfoxtec.Identity.Saml2
I'm afraid that there is not a .NET WebForms sample but it is possible to implement ITfoxtec Identity SAML 2.0 in a .NET WebForms application.
Please se the following links:
ITfoxtec SAML 2.0 and .NET ASPX application (not MVC)
itfoxtec-identity-saml2 .net framework 4.6 web forms guidance
ITfoxtec SAML 2.0 and ASP.NET Web Forms (ASPX) HttpRequest
Alternatively, you can connect to Azure AD using OpenID Connect or use FoxIDs as an security broker to concert between the Azure AD SAML 2.0 connection and your application using OpenID Connect.
I wanted to implement ReactJS application authentication with Azure AD with OpenID connect. Microsoft has provided MSAL2.0 library (MSAL React supports the authorization code flow) but is it based on OpenID connect protocol?
Thanks,
Mahesh
MSAL Standards compliant with OAuth v2.0 and OpenID Connect (OIDC).
When it comes to your scenario MSAL React uses the OAuth 2.0 Authorization Code Flow with PKCE (Proof Key for Code Exchange), providing additional security.
You can find more information here MSAL for React
I want to integrate SSO in my client's azure AD with a 3rd party enterprise application.
We dont have access to the backend of the 3rd party appliction which is basically a SAAS. So the 3rd party app team asked us to setup SSO in azure ad portal and share with them the signin url and IDP metadata.
Which option I should choose in azure ad portal to do this:
enterprise application or app registration?
The way you can add your application to azure ad is completely depending on the SSO type you are using for your application.
If the application was registered using App registrations, then the single sign-on capability is configured to use OIDC OAuth by default.
If you register through Enterprise application, you will be having option to setup SAML based, password based authentication types.
Here is the reference doc to setup SAML based SSO SAML based SSO
If you want to setup OIDC based SSO you can use this OIDC SSO
Quickstart
Many apps have already been pre-configured to work with Azure AD. These apps are listed in the gallery of apps that you can browse when you add an app to your Azure AD tenant.
Here is the reference for integrating SAAS application with azure ad SAAS App integration.
We have an application for which we would like to enable users to login into our application with their own Identity Providers like Google, ADFS etc with SAML 2.0 as protocol.
In this context our application will be SP and Identity Providers will be Google, ADFS.
But currently we don't have SAML implementation at our application, so we would like to use some platform like OneLogin/Okta/Auth0 as middle proxy between our application and IdP so that SAML related handling can be done at OneLogin/Okta/Auth0 and we need to get callback to our application with user details after success login.
Is this possible with any SASS based SAML providers? and how to do it.
Thanks in advance
Yes - connect to Auth0 / Okta via OpenID Connect and then connect the IDP to other IDP via SAML.
So in this context, Auth0 / Okta is a SAML SP.
Have a look here.
How to configure SSO using OAuth and OpenID connect for AD2BC for Azure ADB2C?
When you protect multiple apps with AAD B2C, SSO is enabled by default. There is no configuration needed. You can adjust the configuration of the SSO as seen here: https://learn.microsoft.com/en-us/azure/active-directory-b2c/session-behavior