Does Loadrunner (VUGen) support Okta Authentication? - okta-api

Our application uses OKTA. We have to login to the OKTA portal,
I am used Web(HTTP/HTML).
Does LoadRunner support the scripting and handling of applications that use Okta authentication as part of their login protocol? If so, can anyone point me to a guide/documentation that explains how this is handled?

There is a similar question asked on Micro Focus LoadRunner Professional community forum.
You can check for update there.

Related

Implement SSO in windows application/vsto plugins

I have a requirement to implement SSO for desktop applications created using WPF and office plugins developed using VSTO. I have some basic knowledge about SSO that how it works for websites (based on redirection).
I did some research and found that there is no way we can access the WebBrowser control in WPF to get the access token. I need to use the access token to call the rest services created in java and hosted on some URL.
Is there any way to get access token using windows applications.
Also, as per my understanding only Web-Addins support SSO with Azure AD v2.0. Can you guide me to some good links to achieve it? Please let me know if my question makes sense or some additional information is required.
*All clients do not use Azure AD solution.

API authentication with ADFS and Angular.js

I'm tried to build a new rich application and i'm having some problems designing the authentication process.
I've only two requirements :
An API needs to be available
An ADFS needs to be used to authentication
My first thoughts was to build the API and to use Angular.js for the frontend. However, I can't see how the authentication should work.
My API needs to be available though scripts. As far as I saw, the ADFS authentication always display t the webpage for the authentication process.
API are usually secured with OAuth2. We used an client id and a client secret to generate a token. But I can't have this behavior with an ADFS.
The only solution I see is to provide two authentications behavior with my application. One with the ADFS for the web access and in the web interface, add a possibility to generate a client id and a client secret associated with an user account that could be used for the API to the headless authentication.
Someone has already faced this kind of scenario?
Thanks a lot!
I assume the 'ADFS needs to be used for authentication' really means 'users should be able to use their Active Directory domain credentials to authenticate'.
If that is the case, you should take a look at Thinktecture IdentityServer. It's an OAuth2 authorization server that you can use with a Active Directory identity provider.
P.S. ADFS 3.0 that comes with Windows 2012R2 only supports the authorization code grant, which is not suitable for JavaScript apps.

Best way to use OAuth for application

I am building an AngularJS application with a Laravel API. I am looking for authentication for a couple of days, but I am stuck.
I found OAuth 2.0 as a kind of default authentication, also used by Facebook and Twitter and so more. A lot of tutorials I found are about using OAuth 2.0 with Facebook and Twitter or Google. But, I do not want to authenticatie a user with Facebook, but I want to build my own authentication, using the user credentials in my own database. So I guess, I need my own OAuth provider.
The authentication has to be very secure and easy to connect for other companies, who want to use our data (it is a web application for primary schools).
I believe there are a lot of answers possible on this question. But, I also believe a lot of people have the same question ;)
Who can explain me how to use OAuth 2.0 or a similar authentication method?
You are right - if you want to implement OAuth 2.0 you need to be your own provider (or authorization server). Being your own provider also means you can actually skip some parts of the process (e.g. the screen with a confirmation if the user really wants to grant this application the right to that etc...)
If you decide to go with OAuth 2.0, there's a widely used package called oauth2-server-laravel that helps with the whole process.
However you could also develop you're own token-based authentication system. Actually the basics are pretty simple:
Login
Verify credentials
Generate token
Store token in database
And then on request you check if the token is in the database (and hasn't expired yet)
Dead simple right? Well.. as you may already know, that's too easy to be true.
Especially where security is of high importance, You have to consider every case and you should really know what you're doing. That's why I recommend you use the OAuth standard. Yes, it may be a bit of an overkill but I believe it's worth it.
Hope I could help :)

Where Can I Find Current Documentation About .NET RIA Services Authentication

I am creating a Silverlight application for our company intranet that uses Windows authentication. I would like to use a authentication domain service class. Where can I find current documentation explaining how to get the authenticated user name etc.?
A good start is the msdn library. Take a look at this where authentication, roles and profiles are explained and tutorials are provided.

Access Control Service and Multi-tenant application

I m building a multi-tenant mvc application hosted in windows azure.
I would like to leverage access control service to allow user to get authenticated thanks to google, facebook, live id etc...
I managed to get a simple authentication working with a postback url that is configured in the Relying Party Application Settings.
but in my scenario it is more like that:
client1.mydomain.com/login or client1.com/login will go to the the providers pages select let's say google then he will sign in and then he will be redirected to client1.mydomain.com/Admin or client1.com/Admin
how can I achive that for any clients? should I add a relying party application for each client? can it be done by code? Is it ok with facebook?
I would like also the admin panel to be in silverlight, once the client is authenticated will he remain authenticated in the silverlight app?
Thank you by advance for any help or links that can help.
Fred
To answer your questions I would say yes to all. Each application would have to be set up as a relying party. So you would need to configure your app to use WIF and point to your Azure ACS.
All of these scenarios are covered in the Microsoft identity developer training kit.
Hopes this helps.

Resources