Is it possible to disable broker authentication in MSAL iOS app? How?
I could not disable this in my app
You can set MSALGlobalConfig.brokerAvailability = .none.
Related
I have an react Web Application. That application needs to use authorization and authentication with SAML2 based on an ADFS IDP.
I need to use Spring Boot Security for that.
How do I integrate my react app into the Spring Boot Security Part? I need authentication / authorization on the Front-End Part for displaying menu options.
I get some Roles and Claims back from ADFS in my Spring Boot Service.
How to do this?
Is it possible to have my 3rd party iOS app use a shared token from the Intune Company Portal app to bypass authentication? I'm able to do this between two 3rd party apps by logging into one of them, and having the other one fetch token silently from iOS keychain. I'm using the MSAL framework for authenticating with Azure AD.
The apps are living on an MDM managed (Intune) iOS device running iOS 12.
I opened up an issue on the MSAL GitHub asking about this. It turns out it's only possible to have keychain sharing between your own apps. This is a restriction set by Apple:
Xcode automatically prefixes keychain groups with your team ID. This
ensures that your groups are specific to your development team.
Taken from the official docs.
Have you looked into MS Authenticator app to be used as cross-app SSO broker? As of my understanding Company Portal app acts as broker only for Android. Also Authenticator seems to support only ADAL and not MSAL so far.
Howto enable SSO for iOS
I have a RESTful service running on GCP's App Engine which is secured by IAP. I'd like to invoke those methods from a web app but not sure how to set up authentication. The web app is written in TypeScript / Angular.
Any guidance/examples would be greatly appreciated!
You can use a service account or ID token, after configuring your API to support authentication. You can find plenty of details and examples on the "Authentication Between Services" documentation page.
Does Google supports SAML 2.0 Enhanced Client Proxy profile as an Identity Provider?
If so, what is the endpoint to be used to send messages?
No - they don't. For application authentication, Google's path is OAuth and OpenID Connect. See their Identity Developer page.
How do I implement SSO with ADFS?
I try to setup SSO from a Windows Store App that is deployed locally with a Developer license on a Tablet that is domain joined (Win 8.1 Pro) but the login dialog of ADFS is shown. I would like that SSO takes over and that the token is automatically provided by the authenticationContext.AcquireTokenAsync method.
The ADFS is deployed to federate an on-premise Active Directory.
Any help is welcome.
http://www.cloudidentity.com/blog/2014/07/10/adal-v2-and-windows-integrated-authentication/ should do what you are looking for.
HTH!
V.