Is it possible to enable two-factor authentication in ABP.IO Framework? - abp

I am facing an issue enabling two-factor authentication in ABP.io with Identity Server 4.
How can I modify the logic of the Identity Server 4 controllers?
The Identity Server 4 controllers are now in metadata, so I cannot edit these controllers.

Related

How to add a redirect URL with a parameter (GUID) in Identity Server 4?

I am trying to redirect the user to where they were in an application that uses Identity Server 4 as the auth provider. The issue here is that the page where the request is being made has a GUID in the URL,
e.g. https://test.com/todo/bc91d6f5-f71d-401b-899f-f2d921b811d7
I have tried adding a wildcard (https://test.com/todo/*) in the client config of the identity server but it didn't work. Is it possible to do this on Identity Server 4?

Use Azure AD authentication for Payara server login

I am working on a web application, IUCLID 6, which runs on Payara server. Both applications have username login. I want to use my Azure AD authentication instead of the primitive login for these applications. So where should I apply this authentication, in IUCLID 6 or Payara Server, and how? Please help.
You need to register the application in Azure AD, create a Key Vault and store a Key Vault secret, and then configure the Azure secrets on the Payara server. To configure the config source from the admin console, go to Configs > your-config > MicroProfile > Config > Azure Secrets.
There is a step-by-step guide for this here: https://docs.payara.fish/community/docs/documentation/microprofile/config/cloud/azure.html

IdentityServer4, Swift iOS App and External Identity Provider

IdentityServer newbie here...
I am building a mobile app and would like to provide the end user the ability to sign in using SSO for users that have a corporate identity provider, and my company as the identity provider for those that don't have an identity provider.
It's possible that over time we add more external identity providers.
We have an on-premise IdentityServer4 already installed and configured, and we are only using it for client credentials for our API->API communications.
We also have an Azure Active Directory tenant with all of our AD accounts (our internal corporate accounts).
Here is what I would like to do (if possible of course):
Have the mobile app (Swift and Android, but for now let's just discuss Swift) be completely unaware of any external identity providers and have it point to our on-premise identity server for authentication.
Add external identity providers in the identity server.
Control what external identity providers we "add" all on the backend and not have the UI layer concerned with specific external providers, but have the identity server redirect accordingly.
Not bother the user to have to select which provider to use (if I am a corporate user with an external IDP configured, it should automatically take me to MY e-idp login page; if not, then present my own login page).
I am also open to the idea of using Azure identity management as the identity provider and add external identity providers there.
What about Azure B2C?
Can someone please point me in the right direction?
Thanks in advance!
You can check this app integrated with AppAuth for iOS. Link in GitHub

Explanation of IdentityServer4 logout spec

We are using IdentityServer4. We have a Windows 2016 server running ADFS (Active Directory Federation Services) version 4.0. This version of ADFS has OpenID Connect endpoints to do active directory authentication. We set this up as an external oidc provider in IdentityServer4. The authentication works fine. What I'm having an issue with is the logout. The current logout correctly disposes of the identity server and client cookies, but doesn't log the user out of the external provider (ADFS). I upgraded the ADFS server so the metadata endpoint exposes end_session_endpoint, frontchannel_logout_supported, and frontchannel_logout_session_supported properties.
What is the proper way to have our IdentityServer4 implementation also ask the external provider to perform a logout when it does? I'm a little confused by the spec.
http://docs.identityserver.io/en/release/topics/signout_external_providers.html
http://docs.identityserver.io/en/release/topics/signout.html#refsignout
I'm not sure if the front-channel or back-channel is what I should be looking at in this scenario or if this is even related. The spec also mentions an idp value at authentication time that would indicate to the identity server that an external provider needs a logout as well. Is this what I should be looking at? A little lost. Looking for guidance. Thanks!

Using Salesforce Identity Provider as a Provider for Thinktecture Identity Server

I am trying to connect the Thinktecture Identity Server to Salesforce, using the Salesforce Identity provider as a provider for the Thinktecture Identity server.
The information I am lacking is the Entity ID and the ACS URL to enter within the Salesforce Service Provider form.
I hope someone can provide some insight on this issue.
IIRC, Salesforce OOTB only supports SAML-P (protocol) federation.
Thinktecture Identity Server only supports WS Federation.
This article may be of use - How to configure SSO from Salesforce to SharePoint as it shows how to add WS-Fed to Salesforce.
