154 questions
0
votes
0
answers
21
views
Update AddMicrosoftIdentityWebApp without restarting application
I have used AddMicrosoftIdentityWebApp in my program.cs class for Microsoft Authentication.
builder.Services.AddAuthentication(opts =>
{
opts.DefaultScheme = CookieAuthenticationDefaults....
- 59
0
votes
0
answers
50
views
OpenID (elytron-oidc-client) with .ear or subdeployment in WildFly 26
Because i have no solution for the main-problem (SSO with OpenID), i tried to use the authentication from the main deployment.
But this is an ear-Deployment and the subsystem "elytron-oidc-client&...
0
votes
0
answers
43
views
Openiddict - Client App loosing authorization when opening a second Client App
I've developed an Identity Server using Openiddict & AspNetCore Identity to handle the SSO for some internal Client Applications.
I'm facing a weird situation when running at least 2 Client Apps ...
- 1
0
votes
0
answers
96
views
ORY Kratos integration with UAE Pass as Social Sign In
I my project we are using Ory Kratos and Hydra. Able to successfully register and login user via self service flows.
Now, we want to add social sign flow. I have tested this with Github, and it works ...
- 190
0
votes
0
answers
41
views
When we use open_id for linkedin then what are the other configurations like template tag, authentication backend?
I am trying login with linkedin using Openid connect with django allauth but there is change in linkedin developers of signin using OpenId Connect any one know what are the configurations for this ...
1
vote
1
answer
240
views
How to acheive a user specific password policy in keycloak
In my particular realms i wanted to create a user who's password doesn't expire for a long period of time , but by default in keycloak uses the realm password policy for all user.
Is there a way we ...
0
votes
0
answers
140
views
OpenIddict/OIDC Redirect to Auth Server on Logout
I created an OpenIddict auth server for my existing application which uses AspNetCore Identity. The login process works great, but I have an issue with the logout process. I want it to automatically ...
- 184
1
vote
0
answers
263
views
How to fix RPError: nonce mismatch, expected xxxxx, got: undefined" error using casdoor OIDC
I've integrated Casdoor login with directus using openid connect and there is a problem in login flow. When user is authenticated on casdoor side, it redirects to redirect_url with code and state ...
- 706
0
votes
1
answer
90
views
OAUTH2 token_key endpoint, security of key exchange
As far as I understand the public key to verify e.g. accesstokens is not known to a client, but is taken from the OAUth Endpoint token_key.
Doesn't that mean that the security of my system relies ...
- 1,072
1
vote
2
answers
139
views
How can Firebase Auth users sign in to Budibase?
We are developing an internal app using Budibase, that interacts with a REST API that expects a Firebase Authentication token in the authorization header.
Budibase allows us to set this header for ...
- 1,187
2
votes
2
answers
3k
views
Getting TypeError: client_secret_basic client authentication method requires a client_secret
I am encountering an error message while working with a client authentication method. The error message I am receiving is:
"TypeError: client_secret_basic client authentication method requires a ...
1
vote
0
answers
185
views
Creating anonymmous session using OpenID Connect Auth Server
I'm currently implementing an OpenID Authorization server (using node oidc-provider npm package) in place of a small in-house /login API built with express & passport, and I have some auth-related ...
- 21
0
votes
2
answers
2k
views
Response URI for Azure AD B2C returns 404, custom OpenID identity provider
We're implementing a custom identity provider for Azure AD B2C, using OpenID protocol option, as a generic OpenID Connect.
Everything works as expected until it's time to post the response back to ...
0
votes
0
answers
52
views
Error: "message":"PermissionDenied","type":"DomainError" after user tried to log in
Please, could you give me some clue or indication where to go?
I have checked the settings several times from our side, we are the IDP, and I am not able to detect the reason for this error.
The flow ...
- 2,443
3
votes
1
answer
960
views
nifi 1.17 + oidc UI timing out - Unauthorized error="invalid_token" Expired JWT
Deployed a 3 node dockerized nifi cluster using oidc for authentication.
Everything working as expected however, UI seems to be timing out after few minutes. Even with activity on the page.
Tried to ...
- 248
-1
votes
1
answer
251
views
Questions about OIDC FAPI and mTLS
I am trying to make my OIDC provider FAPI compliant. I have enabled mTLS in which the relying party creates a key and CSR (certificate request) and we provide them with a PEM formatted public ...
- 2,980
0
votes
1
answer
353
views
How to migrate from PrivateKeyByes to PrivateKey on the ASPNET OAuth Provider
Currently I'm running the AspNet.Security.OAuth.Apple package with version 3.1.7. I'm upgrading to .NET 6 and thereby upgrade this AspNet.Security.OAuth.Apple package to 6.0.0 as well.
There is a ...
- 963
0
votes
1
answer
360
views
out of band communication without OIDC CIBA
Our app has an OIDC provider and for our users, we use the standard OAuth redirect flow since user authorization and authentication are performed on the same device. However, now we have mobile users ...
- 2,980
1
vote
2
answers
2k
views
Node-oidc-provider How to store clients in database
I have a problem with node-oidc-provider.
I want the client list to be stored in the database, but I haven't found a solution.
Please help me!!!
- 11
0
votes
1
answer
161
views
Custom openid connect provider adb2c
I have created a custom identity provider in adb2c for my openid connect server but getting error while running it through User Flow -
Setps I did :
Created a new openId Connectprovider.
Created a ...
- 61
0
votes
1
answer
340
views
Security of the OIDC login page with authorization_code flow
When we use the authorization code flow in the OIDC, I go to /authorization and then it redirect me to the OIDC provider's login page. On this login page there is something like redirectUrl query ...
- 790
0
votes
0
answers
444
views
"Insufficient privileges to complete the operation" again
I'm tring to get data of signed in user from microsoft azure using GraphServiceClient
My app registration permissions:
Type of registration is:
Accounts in any organizational directory (Any Azure AD ...
- 8,993
3
votes
1
answer
2k
views
Use Microsoft Identity Platform as External Auth provider in AspnetCore Identity
I am successfully using Azure AD and Office365 as a login provider in AspNet-Core Identity by using Microsoft.AspnetCore.Authentication.OpenIdConnect and calling
AddRemoteScheme<...
- 634
0
votes
2
answers
764
views
Asp.net core Microsoft OIDC library OnAuthorizedCode recieved event getting fired twice
I have an OIDC application, which was giving me a correlation error for some time. We have managed to resolve it by passing the correlation cookie properly. Our infrastructure has the following ...
- 11
0
votes
1
answer
2k
views
Spring Boot OAuth2/OpenID Connect Client An error occurred while attempting to decode the Jwt: Malformed Jwk set
I'm implementing single sign on authentication for Spring Boot application using OpenID Connect.I have configured Spring Boot Oauth2 client in my application with third party OpenID Connect ...
- 11
0
votes
1
answer
618
views
OAuth2.0 without OIDC (Plain OAuth2.0)
As far as I understand, applications that we can login with our different accounts use OpenID Connect(A profile of OAuth2.0).
OAuth is for Authorization and OIDC is for authentication(It has ID Token-...
- 1
1
vote
2
answers
825
views
OpenIdConnect verify jwt from OpenId Provider
We have a web application Vuejs(front) and a api Nodejs(back).
We delegate authentication to a third party OpenIdProvider.
Users login in the front and get and access token.
This access token contains:...
- 125
2
votes
2
answers
12k
views
How to integrate OpenID connect to Nest JS application
I used this documentation(https://github.com/panva/node-oidc-provider/blob/main/docs/README.md#accounts)for implementing OpenID to Nest JS. In this documentation he mentioned client_id and client ...
0
votes
1
answer
362
views
How to implement OpenID connect in Node JS using Okta tool
I am not expert in this topic. I referred many documentation, many video for implement OpenID concept in Node JS using Okta. But I couldn't understand. How it's processing and How to use any one ...
2
votes
0
answers
1k
views
Authentication on NodeJS OpenID Identity Provider Server
I'm pretty new with all this so this might be a stupid question, just trying to get a better understanding. I need to make an identity provider server, but I'm not sure how to go about some steps ...
- 91
-1
votes
1
answer
34
views
OpenID client-provder
Does OpenID implementation usually works in a way that it redirects the user to the provider site and then back? The case I'm asking about has sign-up/sign-in embedded into the client site so it doesn'...
- 1
1
vote
3
answers
1k
views
Can I connect my own credentials database with Google Identity Platform to build custom Identity Provider for SSO - OpenID Connect authentication?
I have my own SQL Server database which contains usernames/passwords for authentication. I'd like to build a custom Identity Provider based on this database with an Identity Management provider so the ...
- 1,528
2
votes
0
answers
410
views
OpenID Connect redirects to client but user is not logged in
I am trying to set up OpenID Connect IdP-SP pair on a VPS on 2 different subdomains.
I successfully managed to make different implementations work on local environment but on the server they don't. I ...
- 23
1
vote
0
answers
54
views
How to not get a new authorization code for OpenID
Probably the title is not explaining what I mean so let me try to explain with an example.
User logs in to OpenId provider (example.com) with X oauth application (x.example.com). Inside of x.example....
- 103
1
vote
2
answers
2k
views
OIDC for browser-less clients
I'm working on designing an OIDC Relying Party (SP), which should work with most of the popular OIDC Providers (IDPs). I requested to allow authentication and authorization also for clients that are ...
- 11
2
votes
1
answer
393
views
How does an OpenID Provider authenticates an end-user?
OpenID Connect 1.0 enables Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server and provides claims in exchange for an access token. The ...
- 3,099
1
vote
1
answer
473
views
ServiceStack Trying to create my own OpenIdOAuthProvider but VS 2017 says assembly 5.0.0.0 missing
Trying to create my own custom OpenId Auth provider, which will point to an IdentityServer service, but can't seem to find OpenIdOAuthProvider in the ServiceStack assembly.
VS 2017 says
Error ...
- 973
0
votes
0
answers
82
views
Update OpenId/SAML2 (WsFederation) after startup
We have an asp.net core website that configures a bunch of database setups for SSO that are OpenId and Saml2 endpoints. These change or are added in a UI for Administrators as necessary.
Right now ...
- 3,507
0
votes
1
answer
626
views
Azure B2C openid connecting to AAD
Using the MS documents listed below I have tried repeatedly to authenticate against AAD as an idp and I cannot get it to work. Every time I get the following error:
AADSTS50011: The reply url ...
- 67
1
vote
2
answers
259
views
Oauth2 : a Data Provider whith multiple OpenId Provider
Imagine a DataProvider secured by OAuth2. This DataProvider accepts OAuth2 tokens from multiples OpenId Provider.
When a RP (Client) calls this DataProvider with an Access Token, how the DataProvider ...
- 1,016
2
votes
3
answers
241
views
Can an OpenID Connect Provider be certified if it does not support unencrypted ID Tokens and Userinfo?
I'm working on a provider where it is required by external factors that the id token and the userinfo always be encrypted. The server itself is and must be zero-knowledge (as weird as it sounds).
In ...
- 123
1
vote
1
answer
3k
views
Creating an openid connect identity provider to secure rest APIs
I am having trouble finding an effective solution for the following requirements.
a. For an ios/android user to be able to register to our app. With a custom signup process because photo ID will be ...
- 1,549
8
votes
2
answers
6k
views
Creating Custom OpenId Provider for Oauth2 Spring Boot
I have used Oauth2 framework for authorization and access control for protecting my spring boot microservice api's. Oauth2 framework is working fine but now my Client wants a dedicated OpenId Provider ...
- 4,856
1
vote
0
answers
1k
views
Keycloak "there was no code" after authentication with a custom OpenID Provider
I followed a quickstart called "app-profile-jee-vanilla" to add an application to a Keycloak server. After that, I enabled log in with Google. So far, so good.
Now, I wanted to add a custom OpenID ...
- 61
4
votes
0
answers
1k
views
Authenticate an user with Keycloak calling a Webservice
I'm trying to secure a connection to a Java EE webapp using Keycloak.
Beeing completly new to Keycloak, and how to configure it, I would like to do this :
When trying to reach my webapp without ...
- 219
0
votes
1
answer
957
views
mitreId openid connect server using in an angular and .net webapi application
I'm working on a project which has angular as Frontend and backend API in asp.net WebAPI. There is an OpenId connect server(mitreid) which is hosted and I have to use that server for authentication ...
- 574
2
votes
1
answer
260
views
I can't get OpenID to work (openid.consumer.consumer.ProtocolError: Parameter next not in return_to URL)
I'm using Django-Allauth in my Django project. I added some Social Providers (Facebook, Google) and it works perfectly!
But I'm facing a problem when trying to use OpenID providers.
I've been testing ...
- 99
1
vote
1
answer
31
views
Are URLs (not domains) suitable for OpenID 2.0 identities?
I have previously used OpenID 2.0 identities and delegation [1] in the context of indieweb use-cases, where there is an assumption that each user controls a domain. So an identity would look like ...
- 16.8k
0
votes
1
answer
83
views
OpenId Connect Relying party implementation in Liferay
I am using Liferay CE 6.2 for my application. My application is a relying party and we want to do openId connect relying party implementation in Liferay. Can someone please guide me on this?
- 21
2
votes
1
answer
689
views
Can a client update details returned in a userinfo response?
When a client retrieves details about a user via the userinfo endpoint, is the data returned meant to be view only? Does the openid protocol permit the client to update the details for the user or ...
- 7,185