I have downloaded that example:
https://github.com/mraible/okta-spring-boot-angular-example
it works fine but I have no clue how to to authenticate with facebook or microsoft account? Is there any working example with that identity providers or can someone tell me what to do?
I have found example at okta website how to configure that in dashboard and at microsoft developer account but I don't know how to redirect from my webpage to site where I can sign in using microsoft account not okta account.
Thanks in advance
Once you configure IDP using this. At the end, they give you options for integration. For example, if you are looking to integrate Facebook, at the end of the guide they give you an html button you integrate with your apps or if you are using Okta's sign-in widget. It shows how to do so.
Related
I have setup Single Sign-On with SAML in Azure portal but now I don't know how to do in VB codes. I need guidance on how to do in visual studio so that once I publish the web to cloud it can call SAML/Azure AD and redirect to login Microsoft and if login success will redirect to webapp.
Thank you so much for the help
Registering your app is just a way for Azure AD to know that your app wants to authenticate its users with AAD.
In your application, you will use one of the many SAML SDKs to integrate AAD authentication.
I have a bot running on a hosting page where users are logged in using SSO.
I want to authenticate the user in the bot automatically when the bot starts and I do not want to use anAuthCard to do it. Just want to automatically authenticate the user without prompting anything to him, just using SSO.
I found an article that refers three ways to authenticate an user in the bot:
Sharing the client's user token directly with the bot via ChannelData
Using an OAuthCard to drive a sign-in experience to any OAuth provider
A third option, called Single Sign-On (SSO), that is in development.
And, according to the article my situation is:
WebChat in an authenticated website where the user is already signed in and the website has a token to the same identity provider but to a different app that the bot needs -> in the future, this is single sign-on, but for now you 'll need to use an OAuthCard.
Is there any update about this functionality? How can I authenticate the user into the bot without using an OAuthCard or a SigninCard?
Thanks in advance
Not sure if you have tried the option of using WebChat with Azure Bot Service’s Authentication which provides built-in authentication capability to authenticate chat users with various identity providers such AAD, GitHub, Facebook, etc.
If you are looking for this built-in feature, then probably you need to build your own custom built solution using Google sign-in by passing the token ID of the authenticated users. Or for an Account linking OAuth2 solution as explained in this link: How to implement Login in Dialogflow chatbot.
Microsoft guys Are looking at the issue now. you can track the progress here.
I implemented a solution that worked for me. I have the bot running in a .net core web app
Here's what I did:
Generate an userId before initializing the BotApp
When the user clicks on the button to open the webchat, I'm opening an authenticated controller in a popup that receives the generated userId. The page is authenticated, so you will need to authenticate. I store the userId in my DB, along with access_token and some user information. The controller should be created in the same webapp where the bot is running.
After storing all the information I close the tab and start the BotApp with the generated userId
In bot code you will be able to query your DB (using userId).
To wait until the popup close, you can have a look into this here.
I hope that this helps someone.
Best regards
I am trying to login website with yammer credentials using REST api. I have registered in yammer API. Now i have got developer token and Client ID from Yammer website.
Could you guys please let me know what is next step to login with yammer credentials from our application using c# in visual studio. Because i am beginner in using API.
Thanks!
You have a couple of options:
The JS SDK approach -
https://blogs.technet.microsoft.com/israelo/2014/10/21/yammer-rest-api-for-dummies/
The ADAL approach -
https://blogs.technet.microsoft.com/israelo/2016/07/05/yammer-apis-and-adal-tokens/
The first open will request users to login via a browser pop up, and the second option can utilise IWA, but there are some pre-conditions and limitations as it is still in preview. Details are in the blog.
We publish an app that use OAuth 2.0 API access on Google Apps Marketplace. It got reviewed by Google and they said our app is invalid because it shows permission screen when a user first runs the app. (The app will be removed from the Google Apps Marketplace if our app is not fixed within 30 days) To solve this issue, we have some problems.
Our app uses OpenID Connect to make users login.
Our app also uses Spreadsheet API and Calendar Resource API (OAuth 2.0 Web Application Flow)
So our questions related above is the followings:
1.
Although our app uses OpenID Connect for login, using OpenID Connect forces our app to show the permission screen. Doesn't it meet the best practice below of Google Apps Marketplace?
https://developers.google.com/apps-marketplace/practices#5_use_one-click_single_sign-on
We followed the OpenID Connect document provided by Google:
https://developers.google.com/accounts/docs/OAuth2Login
2.
Since Spreadsheet API and Calendar Resource API don't currently support the authentication method using Service Account with OAuth 2.0, we chose to use the method of Web Application Flow. Our app get the token when users login, but Google said to us that it fails to meet their SSO requirements. To solve the issue, we are thinking to change our app to authorize AFTER login within the app instead (use Web Application Flow method as it is). Does the way meet the SSO requirements? In other words, is it OK to show permission screen if after login?
We will applicate if anyone can tell us good solution to solve these problems.
Thanks,
If you register your scopes in the Google Apps Marketplace configuration screen, and then only request those scopes in the OpenID Connect flow, then the permissions screen should be automatically skipped. Please ensure the scopes match between these two locations.
We have a gmail gadget in apps marketplace that use SSO authorization described on this link: https://developers.google.com/google-apps/marketplace/best_practices?csw=1#gadget_sso. With recent update of marketplace is gadget flow will be updated to OAuth2 or it will stay the same?
If yes, then what is the deadline for the migration? I wasn't able to find this on the documentation about release.
Thank you!
In the new marketplace setup, you still have to use a popup to setup the correlation between the opensocial Id and the google user. But the popup will no longer use OpenId/SSO to identify the user to the application. Instead these two OAUTH2 scopes are pre-authorized :
https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/userinfo.profile
and that's enough to get the identity of the user.