360 questions
1 vote, 1 answer, 23 views
Azure AD B2C IdP-initiated SSO : REST TP receives literal {QueryString:...} tokens instead of actual query values
We are building an IdP-initiated SSO flow using Azure AD B2C custom policies, where the journey must:
Read 3 querystring values:
enc_attrs_token, sp, and EntityId
Pass them to a backend REST API via ...
0 votes, 1 answer, 60 views
Disable keycloak username/password login option
I have integrated Keycloak v26.4.0 into a legacy .net 4.8 webforms app and enabled Microsoft as a provider.
This is all working fine, but I need to disable the Keycloak username/password option so ...
0 votes, 1 answer, 153 views
Obtain Azure AD cookies to auto-authenticate users in browser app
I have a WPF desktop application that lets employees open enterprise ticket-management portal from inside the UI.
The portal is protected by Azure AD single-sign-on (OpenID Connect). Ideally, I want ...
0 votes, 0 answers, 57 views
Harmonix (OPA) on AWS - backstage application
Working on the Harmonix implementation (Harmonix on AWS)
https://github.com/awslabs/harmonix/blob/main/README.md
From the open source code, able to deploy the required resources on AWS account but ...
1 vote, 1 answer, 63 views
No qualifying bean of type 'com.mycom.idp.common.servlet.IdpSecurityAdapter' available, after spring boot upgrade from 3.3.10 to 3.4.3
At the time of running JUnits, below error appears
Caused by: org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type 'com.mycom.idp.common.servlet....
0 votes, 2 answers, 744 views
How to perform SSO implementation in iFrame
I have two different domain applications.
First.Com
Second.com
I want to load SSO url of Second.com in First.Com page using iFrame.
Scenario 1:
If I open First.Com and try to open Second.com in ...
0 votes, 0 answers, 56 views
Keycloak linking account flow with different devices
I have a keycloak with an external idp configured. I'm focusing on the first login flow in the case of linking account (an existing account with the same email).
Keycloak generates an email to the ...
0 votes, 0 answers, 45 views
Facing this issue when I am trying to login through saml sso:- Invalid assertion [] for SAML response []: Signature of Assertion
In microsoft azure I create one tenant. Created two enterprise applications in that tenant.
In both applications I create saml login information. And downloaded federation metadata xml file. When I ...
0 votes, 0 answers, 434 views
How to set up Keycloak/IDP's with Synology NAS users?
I want to set up Keycloak SSO (or another open-source IDP, if more suitable) to manage user authentication. However, my users are currently stored as local users on a Synology NAS, and I need a way to ...
0 votes, 0 answers, 144 views
RedHat DeveloperHub Error with integration with Microsoft Entra ID
I'm configuring RHDH in CRC and in dev in my job
In my local, I'm facing this issue
Login failed; caused by Error: Sign in failed: User not found in the RHDH software catalog. Verify that users/groups ...
2 votes, 2 answers, 5k views
Why is Keycloak resulting in "Cookie not found" error after IDP initiated login?
I am setting up IDP initiated authentication from ServiceA to my application using Keycloak. So far, I provided all necessary configurations required by ServiceA and I've also configured SAML Identity ...
0 votes, 0 answers, 24 views
Unable to access protected or admin pages with Auth0
I managed to run the backend following the steps described in this link: NestJS Code Sample: API Role-Based Access Control
I managed as well to run the frontend following the steps described in this ...
1 vote, 2 answers, 313 views
Empty JWK set using Spring Authorization Server as Keycloak IDP
I am building a Spring OAuth2 Authorization Server for users and essentially started by using 1 of the example projects on the official Spring Authorization Server github.
With that, I'm trying to use ...
0 votes, 1 answer, 28 views
Do IDP Metadata Elements Follow the Same Naming Conventions Across Different IDPs?
I'm currently working on a project that involves integrating multiple Identity Providers (IDPs) using SAML 2.0. I understand that SAML 2.0 provides a standard for exchanging authentication and ...
0 votes, 1 answer, 1k views
How to get token via Keycloak + external SSO
I'm writing a backend implementation of authentication in an external sso. I use Spring Boot 3 for microservices, Keycloak is responsible for authentication. Keycloak contains multiple realms to ...
0 votes, 0 answers, 74 views
FlexiLayout and Project Setup Station doesn't have the same results in ABBYY
I create a fl and is matched correctly, however in Setup station is not matching correctly. For example first image, in flexilayout 3 fields are correct matched. On second image I tested in Project ...
0 votes, 1 answer, 151 views
Need only sign in of Identity provider in AD B2C
I need only sign in and no signup for local account and federated account (identity provider) in AD B2C.
Also I don't want to create federated accounts in user section of ADB2C. (This is usually ...
1 vote, 1 answer, 218 views
How to add ForceAuthn flag on AWS cognito
I'm using AWS cognito as SP while using SAML with other Idps. I want for specific customer to use ForceAuthn to enforce login in every authentication. How can I do that with AWS cognito?
And could it ...
0 votes, 1 answer, 53 views
Is PKCE flow with facade secure?
Could you please help me to assess whether using facade with Authorization Code Flow with PKCE does not break security concept behind original flow.
We have a requirement to provide a facade for IDP ...
0 votes, 0 answers, 27 views
how to renew idp-signing.crt in powershell o365 (federated)?
How to renew signing.crt (idp) file in Federated O365 ?
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\Users\test-win\Documents\idp-signing.crt")
$...
1 vote, 0 answers, 181 views
Application Python for OIDC connexion
I meet a problem and I search a solution, can you help me?
I make a Python application to test an OIDC connection with PKCE. I can authenticate myself and have a personal message like "Hello ...
1 vote, 1 answer, 362 views
Secure way to share auth tokens between APIs and embedded widget on partner website which calls those APIs
Imagine a widget (let's say it's written in React or some front end framework) that is able to sell your product. It makes API calls to your server to place orders, collect information about the ...
1 vote, 2 answers, 651 views
Adding a custom claim in Azure B2C using user flows
Using an external IDP in azure B2C. Is it possible to add a custom claim to the JWT without using custom policies?
In my IDP I have this code in the /connect/token endpoint:
This works as expected and ...
1 vote, 1 answer, 2k views
Configuring Multiple Identity Providers (IDPs) for SAML Authentication in Spring 5
I've successfully implemented SAML-based Single Sign-On (SSO) using Spring 5 with the guidance provided in the tutorial https://isd-soft.com/tech_blog/diving-sso-spring-saml-ssocircle/. The ...
0 votes, 1 answer, 148 views
Auth0 SAML IDP-initiated returns the error “Unsupported response mode: auth0_pq_openid” when logging in
We have our auth0 stack set up from terraform.
It currently consists of a regular web app and a SAML connection pointing to SAMLING ( Samling 1 ).
Our goal is to implement IDP-initiated login (...