single-sign-on

问题 We are looking to use OpenAM/OpenSSO to act as a SSO provider. We need, however, to have OpenAM use our mongo datastore under the hood to manage its authentication needs. With this in mind, I found this: http://www.badgers-in-foil.co.uk/notes/installing_a_custom_opensso_identity_repository/ which looks promising. Apparently, this should allow me to add an "Access Manager Repository plugin", but I have since read this: The Access Manager Repository plugin is also called amSDK or legacy SDK as

问题 I noticed that this question was repeated few times, but still, from all the resources, I couldn't manage to make it work properly. I'm simply trying to use Azure Active Directory authentication with my Django app. I am using this module, and I configured everything as noted in the docs. The thing is - I can't figure out where should user enter the credentials - since the module has only one url ('auth-callback/'). I can't find out how to jump to Microsoft login html page. Should I use my

问题 I am trying to hit a post request to "https://login.microsoftonline.com/<My_Tenat_Id>/oauth2/token" from my Java Code, but I am getting the error "invalid_grant: AADSTS50126: Error validating credentials due to invalid username or password". I have verified the credentials and they are correct(I am able to login to Azure portal and see my AWS APP for SSO). I even tried hitting the same request from postman, but then also same issue. The parameters I have passed are: "grant_type", "password"

问题 We have a SSO portal that is authenticated via ADFS. If I call an API defined in this portal in the browser it automatically redirects to ADFS to authenticate then redirects to the portal with the Claim to call the API. What I'm trying to do is call the API from within a CRM Workflow. How can I mimic this redirect? I thought if I somehow got the token & put it in the HttpClient request, it would help. But I have no idea how it should be added to the HttpClient request. Is what I am trying to

问题 We're using SAML 2.0 for SSO, and want to improve the UX by allowing a user to enter their email only once (to identify they need SSO). Is it possible to pre-fill the SAML SSO email field when authenticating with Google's SAML IDP? I know that the AuthnRequest has an optional Subject field that can pass the principal information to the IdP, but so far I haven't managed to have Google's SSO form pre-populate. Either it's not supported from the IdP, or I'm sending the wrong configuration. The

问题 Closed. This question needs debugging details. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 4 months ago . Improve this question Seeking for guidance on the subject as I'm really stuck on this, I am trying to connect to a microsoft server over a network to login into my system by providing my microsoft credentials. Now, what I want is whenever I try to hit my php application url, it will redirect me to

问题 I'm trying to authenticate Microsoft Azure AD with my laravel web app. Currently I'm referring Azure Active Directory SSO with Laravel. I managed to retrieve the data from the microsoft azure ad but the problem is it doesn't redirect to /home view instead it redirect to login view. I have one idea which is to link the email from Microsoft and email from the model so that it can directly go to home page. But i dont know how to pass the Microsoft data (from provider) to controller. The code(in

问题 In SAML, is it possible to force the user to go through idp's login process everytime even when the user has an active idp session? To make a concrete example here: Let's call my application "SP" I use SSOCirecle as idp and I use POST and redirect (SP initiated). To test, I will first login to SSOCircle to get an active idp session. Then when I try going to SP, I should be redirected to idp. Normally, since I already have an active idp session, the idp will see "oh, you already being

问题 I'm trying to implement social login using Microsoft account in AWS Cognito User Pools. I followed documentation and the solution mentioned in this thread: https://forums.aws.amazon.com/thread.jspa?threadID=287376&tstart=0 My problem is with setting the issuer to allow multiple tenants. This issuer works only for private accounts: https://login.microsoftonline.com/9188040d-6c67-4c5b-b112-36a304b66dad/v2.0 This issuer works only for accounts in our directory (tenant): https://login

问题 In OpenID Connect, I would like my users to be automatically connected to my client if they are connected to the identity provider (given that they already authorized my client app). Here is the workflow I want : USER arrives on CLIENT homepage USER is redirected to IdP (Authorization request) If he's logged in IdP, he's redirected to CLIENT and OIDC workflow begins, then he's logged in CLIENT If he's not logged in IdP or he did not authorize CLIENT to access his identity, the login form of