<cite>vnetonline: </cite> Will the Angular2 UI work with the ASP.NET 4.6.x SPA, or only ASP.NET Core?
+1 UP!
Hi all,
I know that Aspnet zero supports SSO as External Login like Facebook Google+ and more.
But it's possibile to use aspnet zero as SSO provider?
We have to provide a mechanism where external portal can be use aspnet zero credentials to identify already logged-in user and call our API to retrieve some information.
Thanks
Thanks aaron. I give it a try and report any issues!
<cite>aaron: </cite> Yes, it's possible.
See:
- ASP.NET Zero development guide for basic configuration.
- IdentityServer4's own documentation to understand and configure IdentityServer4.
I did read docs and took a look on the sample ApiClient that you mentioned. BTW we need a system like FB SSO where external portal can call ANZ login form and obtain authToken!
To accomplish with this is enough if external portal call ANZ loginUrl with returnUrl set to its url and in ANZ side append the authToke to returnUrl and redirect it ?
Thanks aaron, where is mentioned this SingleSignIn in the docs? I didn't know this feature :D I'll take a look and report to you!
Yep! I think this mechanism can be enough!
Talking about JWT tokens ... is ANZ compliant with Sliding Expiration? Can we configure it in some way?
Thanks
Thank you aaron for clarifications!
I think that adapt SingleSignIn mechanism is the best choice for our needs.
If we'll have further doubts I'll write :D
Thx a lot.
As said before, we are using SingleSignIn mechanism for our purpose.
But what about SinglSignInTokenExpireUtc field? Is used or not?
If not, where we have to change the code and implement a check on this field and drive request to a 401 status?
Thank you, Aaron ... but is possible to integrate this check in WebApi layer? Editing some Authorization Filter?
As said at beginning of this thread, we need to allow access to our WebAPI to a third-party service. To do so, we like to use login mechanism offered by SingleSinIn where login form redirects to a specific URL passing through accessToken, memberId and tenantId. Moreover, accessToken has to be valid for 20 minutes and each request made on our webApi have to extend token validity for 20 minutes more, without releasing a new accessToken.
In this scenario, it was helpful to use SignInToken and check its validity!