openid-connect

I am migrating my Azure AD secured application to the v2.0 endpoint. I need to pass a custom parameter to the reply uri. With former Azure AD endpoint I did it by adding a usual query parameter to the reply url. e.g. https://myserver.com/myredirect_uri?mycustomparamerter=myvalue Unfortunately, with endpoint 2.0 I received an error saying that the reply uri does not match the one registered. Of course my custom parameter value is dynamic and I cannot hardcode it. I was looking to exploit the 'state' parameter described in OAUTH flow . However, I am using Microsoft.Owin.Security.OpenIdConnect

For Microsoft OAuth 2.0 auth code grant , we have encountered an issue with scopes. When we requestion only the User.Read scope, our client is asked to grant permission to us for Sign you in and read your profile and Access your data anytime . Where we didn't state we need offline_access scope. This is only happening after Microsoft switched to new permission grant interface. Have someone else encounter the same issue or we did something wrong? The response_type we pass in is code only. I have double checked, the application we registered is under https://apps.dev.microsoft.com . The URL we

I have a multi-tenant application where each tenant can define their own ClientID, Authority, etc for either WsFed or OpenIdConnect. All the tenants are registered in the OwinStartup as below: public void Configuration(IAppBuilder app) { List<WsFederationAuthenticationOptions> WsFedTenantOptions = BuildWsFedTenantOptionsList(); List<OpenIdConnectAuthenticationOptions> OpenIdConnectTenantOptions = BuildOpenIdConnectTenantOptionsList(); app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); app.UseCookieAuthentication(new CookieAuthenticationOptions() {

I have already gone through links here , here and here which are related to issue I am having. I have Silverlight application using IdentiServer3 for authentication and I started having this issue just now when I implemented log out functionality. Note that the issue has nothing to do with Silverlight because login and logout functionality is actually implemented on the server side which is a classic ASP.Net Web form. (.NET 4.5.1) The application never had logout functionality, so user just used to close the browser so we never encountered this issue before. We have now logout.aspx page and

I'm developing an application in ASP.NET Core 2.1, and running it on a Kubernetes cluster. I've implemented authentication using OpenIDConnect, using Auth0 as my provider. This all works fine. Actions or controllers marked with the [Authorize] attribute redirect anonymous user to the identity provider, they log in, redirects back, and Bob's your uncle. The problems start occurring when I scale my deployment to 2 or more containers. When a user visits the application, they log in, and depending on what container they get served during the callback, authentication either succeeds or fails. Even

I followed the Spring Security 5.0 official reference documentation and sample codes oauth2login to setup OAuth2/OIDC authentication in my project, but it failed and I got the following exception when I booted up my application by mvn spring-boot:run . org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'clientRegistrationRepository' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientRegistrationRepositoryConfiguration.class]: Bean instantiation via factory method failed; nested exception is org