Using this guide as a reference, I've created a Remote Access application entry in my developer account.
I tried to play around with the Authorization screen that the user should see after navigating to this URL:
https://login.salesforce.com/services/oauth2/authorize?response_type=code&client_id=[your_client_id]&redirect_uri=[your_redirect_uri]
When I fill in the right values and navigate to the URL, I am not taken to the screen that I expect to see, but rather the regular Salesforce login screen. If I enter credentials & log in, I get redirected to the 'redirect uri' that I set on the Remote Access screen. (i'm using google.com for now). What am I getting wrong?
The approval screen should appear once the user has logged in, is that not what you see ?
Related
I have an MVC asp.net web application using bootstrap and angularjs that requires the user to log in. On occasion, we will send the user an email with links to detail info on the site. When we click the link in the email, it sends the user to login, but then does not go to the detail.
Link in email http://mywebapp.com/filedetail#!/filedetail/1234
I was going to use the Request.RawUrl, but for some reason, it only contains: http://mywebapp.com/filedetail
If I use http://mywebapp.com/filedetail/filedetail/1234, rawurl has the data, but then trying to use the link if the user is already logged in, the web page contains no formatting. It appears the the "#!" is not compatible with the request data.
Not sure how to solve this.
Any help would be appreciated...
I am using MS Graph in a desktop application so I am hosting a web browser in a form for the user to do their initial login. This all works fine and I can fully use MS Graph.
The problem I have is if we need to use an account of a different user there does not seem to be a way to reset the login. If you try to login again with the hosted web browser it will go right through and allow the same user.
The only way to reset it for another user seems to be to go into IE and delete the history/cache. Then the login screen will ask a user to login again. It seems a bit extreme to reset the cache.
So is this the only way to do this or is there something I can change in the MS Graph API call to tell it to reset?
You can force re-authentication by added prompt=login to the sign-in request:
Prompt (optional)
Indicates the type of user interaction that is required. The only valid values at this time are login, none, select_account, and consent.
prompt=login will force the user to enter their credentials on that request, negating single-sign on.
prompt=none is the opposite - it will ensure that the user isn't presented with any interactive prompt whatsoever. If the request can't be completed silently via single-sign on, the Microsoft identity platform endpoint will return an error.
prompt=select_account sends the user to an account picker where all of the accounts remembered in the session will appear.
prompt=consent will trigger the OAuth consent dialog after the user signs in, asking the user to grant permissions to the app.
I've been learning Auth0 for a React / React Native project. With two different apps now, including one from their site, I see the following behavior:
clear browser cache
login
enter password, now logged in
select logout
--> now logged out
select login
am NOT prompted for password again, just logged in without interaction.
It seems the session has been kept alive even though I logged out. I would expect that if I manually log out of an application, I must re-authorize with my password on the next login attempt.
As I said I've seen this twice now, once with my own project and once with the tutorial they provide at https://auth0.com/blog/react-tutorial-building-and-securing-your-first-app/ . Doesn't make any sense to me. Am I missing something?
Thanks ~~
This is the Seamless SSO behaviour explained here. This is now enabled by default on all tenants and it "seamlessly" logs the user in without showing any prompts if a session exists for the user in the Authorization server (Auth0 in this case). Previously you would get a prompt that said "Last time you logged in with ..." Clicking it would login you in without requiring a password.
If you are "Logging out" and yet you can log back in again without needing to enter credentials, the most likely explanation is that you are actually not calling the https://YOUR_AUTH0_DOMAIN/v2/logout endpoint which logs out the user by clearing their SSO cookie in Auth0. You can confirm this endpoint is called from Network tab in your browser when you click to logout.
The Auth0 React quickstart by default does not call the logout endpoint, it only removes the tokens from browser storage. To clear the SSO cookie and logout from IdP using Auth0.js you need to call the logout function as well. Refer to the Auth0.js logout function here.
Hope that helps.
i have an angularjs app, i am using cookie based authentication in this app. when i login with two different users in same browser window in different tabs my cookie gets override. For example i am logged in with a user 'A' in first tab of browser and i am logged in with a user 'B' in second tab of the same browser window. when i check the cookie in browser, i only see the information about last logged in user. and when i try to navigate through application with user 'A' i get wrong data.
my question is is there any way i can skip login screen if a user is already logged in my application? so that no other user can login within same browser?
i tried to use resolve:in AngularApp.config and tried to redirect already logged in user to /home but still i am unable to achieve it. any thoughts?
Once the login is completed you can save the status of the application in session storage. Then when you are initialising the application you can check the value exits in session storage or not and redirect user to different page depend on the value. Make sure you are removing the stored value in session storage when user logout from the application
I'm wondering what the best course of action would be for the following problem.
I have an app and users can enter some information in an html form. I want to set something up where users can enter information in the form even before they have created an account. If they enter information they will be redirected to a login page and then redirected back to the app at the appropriate place (i.e. a page that sends an HTTP POST request, thus saving their info).
OK, I'm doing all of this on Google App Engine and using Google Accounts login. I need a way to pass the parameters from the HTML form to the Google login page and then on to the page that it gets redirected to. I also need to call POST as opposed to GET on the page that users are redirected to. It seems like the default is to make a GET request.
Does anyone have any ideas on this?
You can't have a redirect do a POST; web browsers don't work that way.
The solution would be to have the form POST initially, store the posted data as session data before redirecting to the login page, and fetch the session data after they log in.