openid-connect

Microsoft oidc in AWS Cognito allowing multiple tenants

随声附和 submitted on 2020-12-29 07:35:09
Question: I'm trying to implement social login using Microsoft account in AWS Cognito User Pools. I followed documentation and the solution mentioned in this thread: https://forums.aws.amazon.com/thread.jspa?threadID=287376&tstart=0 My problem is with setting the issuer to allow multiple tenants. This issuer works only for private accounts: https://login.microsoftonline.com/9188040d-6c67-4c5b-b112-36a304b66dad/v2.0 This issuer works only for accounts in our directory (tenant): https://login

OpenID Connect, redirect without login form if not already logged in?

给你一囗甜甜゛ submitted on 2020-12-26 06:38:10
Question: In OpenID Connect, I would like my users to be automatically connected to my client if they are connected to the identity provider (given that they already authorized my client app). Here is the workflow I want:
- USER arrives on CLIENT homepage
- USER is redirected to IdP (Authorization request)
- If he's logged in IdP, he's redirected to CLIENT and OIDC workflow begins, then he's logged in CLIENT
- If he's not logged in IdP or he did not authorize CLIENT to access his identity, the login form of

How to extract state parameter from OpenIdConnect Token response in .Net Core MVC

▼魔方 西西 submitted on 2020-12-12 12:00:27
Question: We are using Azure b2c to handle our logins on our .net core MVC site. We would like to use the optional state parameter to hold onto some data/a value between the initial request to the site (this value would likely be in a querystring param) which is then sent off to b2c to login, and the successfully logged in return back to the site. OpenIDConnect allows the setting of this state value in the request, and will pass it back with the token response. It appears that setting the value is

Azure AD: Roles claims missing in access token

Deadly submitted on 2020-12-05 10:25:09
Question: For my application, I want users to be able to sign in with their Azure Account (Single Sign On). I also need an access token to access the secured backend. So I can get both, the id_token and the access_token, with a request to this url: https://login.microsoftonline.com/MY_TENANT_ID/oauth2/authorize?response_type=id_token+token&client_id=MY_CLIENT_ID&state=SOME_STATE&redirect_uri=MY_REDIRECT_URI&scope=openid profile&resource=MY_CLIENT_ID&nonce=SOME_NONCE This basically works, but I also

How to specify refresh tokens lifespan in Keycloak

别等时光非礼了梦想. submitted on 2020-12-01 02:31:47
Question: Keycloak refresh token lifetime is 1800 seconds: "refresh_expires_in": 1800 How to specify a different default expiry time? In Keycloak admin UI, only access token lifespan can be specified:

Answer 1: The refresh token lifetime is controlled by the SSO Session Idle Setting. 30 minutes = 30 * 60 = 1800 seconds (the refresh_expires_in value)

Source: https://stackoverflow.com/questions/52040265/how-to-specify-refresh-tokens-lifespan-in-keycloak