Openid Connect single sign on external web sites
up vote
1
down vote
favorite
I read about saml and openid connect on the web.
I am trying to implement asp.net mvc project with following requirements.
User logins my website.
User clicks external site link(ex
trello.com) and redirected to external site login page.After sign in a consent screen opens with predefined
scopes.Userapproves and return back to my site.Id token and access token are received.
To my knowledge, until now you can proceed with openid connect.
However I can't figure out how I can accomplish following requirement with openid connect.
- After granting access (previous steps via authorization code flow) whenever user logins my site and clicks external site link, user will be automatically signed on external site. (Like Appdirect and Telstra do)
I know I can implement requirement 5 with SAML but I couldn't find a way to do with openid connect.
asp.net-mvc oauth-2.0 openid saml-2.0 openid-connect
edited Nov 22 at 16:38
Milo
1,83551529
asked Nov 22 at 13:56
user10687783
62
add a comment |
up vote
1
down vote
favorite
I read about saml and openid connect on the web.
I am trying to implement asp.net mvc project with following requirements.
User logins my website.
User clicks external site link(ex
trello.com) and redirected to external site login page.After sign in a consent screen opens with predefined
scopes.Userapproves and return back to my site.Id token and access token are received.
To my knowledge, until now you can proceed with openid connect.
However I can't figure out how I can accomplish following requirement with openid connect.
- After granting access (previous steps via authorization code flow) whenever user logins my site and clicks external site link, user will be automatically signed on external site. (Like Appdirect and Telstra do)
I know I can implement requirement 5 with SAML but I couldn't find a way to do with openid connect.
asp.net-mvc oauth-2.0 openid saml-2.0 openid-connect
edited Nov 22 at 16:38
Milo
1,83551529
asked Nov 22 at 13:56
user10687783
62
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I read about saml and openid connect on the web.
I am trying to implement asp.net mvc project with following requirements.
User logins my website.
User clicks external site link(ex
trello.com) and redirected to external site login page.After sign in a consent screen opens with predefined
scopes.Userapproves and return back to my site.Id token and access token are received.
To my knowledge, until now you can proceed with openid connect.
However I can't figure out how I can accomplish following requirement with openid connect.
- After granting access (previous steps via authorization code flow) whenever user logins my site and clicks external site link, user will be automatically signed on external site. (Like Appdirect and Telstra do)
I know I can implement requirement 5 with SAML but I couldn't find a way to do with openid connect.
asp.net-mvc oauth-2.0 openid saml-2.0 openid-connect
edited Nov 22 at 16:38
Milo
1,83551529
asked Nov 22 at 13:56
user10687783
62
I read about saml and openid connect on the web.
I am trying to implement asp.net mvc project with following requirements.
User logins my website.
User clicks external site link(ex
trello.com) and redirected to external site login page.After sign in a consent screen opens with predefined
scopes.Userapproves and return back to my site.Id token and access token are received.
To my knowledge, until now you can proceed with openid connect.
However I can't figure out how I can accomplish following requirement with openid connect.
- After granting access (previous steps via authorization code flow) whenever user logins my site and clicks external site link, user will be automatically signed on external site. (Like Appdirect and Telstra do)
I know I can implement requirement 5 with SAML but I couldn't find a way to do with openid connect.
asp.net-mvc oauth-2.0 openid saml-2.0 openid-connect
asp.net-mvc oauth-2.0 openid saml-2.0 openid-connect
edited Nov 22 at 16:38
Milo
1,83551529
asked Nov 22 at 13:56
user10687783
62
edited Nov 22 at 16:38
Milo
1,83551529
asked Nov 22 at 13:56
user10687783
62
edited Nov 22 at 16:38
Milo
1,83551529
edited Nov 22 at 16:38
Milo
1,83551529
edited Nov 22 at 16:38
Milo
1,83551529
1,83551529
asked Nov 22 at 13:56
user10687783
62
asked Nov 22 at 13:56
user10687783
62
asked Nov 22 at 13:56
user10687783
62
62
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
1
down vote
This is essentially SSO and SSO works like:
- Application A authenticates with IDP X
- Application B authenticates with IDP X
When user goes to B, they are already signed on with the same IDP and so they don't see a login screen.
But if user goes to:
- Application C authenticates with IDP Y
they will not get SSO.
answered Nov 22 at 18:12
nzpcmad
27.8k2892142
Let me clarify. Imagine I made agreements with various web sites and they act like OpenID Provider.(Let's say trello.com,mailchimp.com) I initiated authorization code flow between my app and aforementioned websites.User granted some permissions to my app like reading user contacts and so on. I also should implement the following functionality ; whenever user logins my app and click let's say trello.com icon,user should be automatically logged into trello.com without needing an active session in trello.com(Requirement 5)
– user10687783
Nov 22 at 18:34
I think what I am looking for IdP Initiated SSO which openid connect doesn't support.Is it true ?
– user10687783
Nov 22 at 21:37
Yes - IDP Initiated is only SAML.
– nzpcmad
Nov 22 at 23:34
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
This is essentially SSO and SSO works like:
- Application A authenticates with IDP X
- Application B authenticates with IDP X
When user goes to B, they are already signed on with the same IDP and so they don't see a login screen.
But if user goes to:
- Application C authenticates with IDP Y
they will not get SSO.
answered Nov 22 at 18:12
nzpcmad
27.8k2892142
Let me clarify. Imagine I made agreements with various web sites and they act like OpenID Provider.(Let's say trello.com,mailchimp.com) I initiated authorization code flow between my app and aforementioned websites.User granted some permissions to my app like reading user contacts and so on. I also should implement the following functionality ; whenever user logins my app and click let's say trello.com icon,user should be automatically logged into trello.com without needing an active session in trello.com(Requirement 5)
– user10687783
Nov 22 at 18:34
I think what I am looking for IdP Initiated SSO which openid connect doesn't support.Is it true ?
– user10687783
Nov 22 at 21:37
Yes - IDP Initiated is only SAML.
– nzpcmad
Nov 22 at 23:34
add a comment |
up vote
1
down vote
This is essentially SSO and SSO works like:
- Application A authenticates with IDP X
- Application B authenticates with IDP X
When user goes to B, they are already signed on with the same IDP and so they don't see a login screen.
But if user goes to:
- Application C authenticates with IDP Y
they will not get SSO.
answered Nov 22 at 18:12
nzpcmad
27.8k2892142
Let me clarify. Imagine I made agreements with various web sites and they act like OpenID Provider.(Let's say trello.com,mailchimp.com) I initiated authorization code flow between my app and aforementioned websites.User granted some permissions to my app like reading user contacts and so on. I also should implement the following functionality ; whenever user logins my app and click let's say trello.com icon,user should be automatically logged into trello.com without needing an active session in trello.com(Requirement 5)
– user10687783
Nov 22 at 18:34
I think what I am looking for IdP Initiated SSO which openid connect doesn't support.Is it true ?
– user10687783
Nov 22 at 21:37
Yes - IDP Initiated is only SAML.
– nzpcmad
Nov 22 at 23:34
add a comment |
up vote
1
down vote
up vote
1
down vote
This is essentially SSO and SSO works like:
- Application A authenticates with IDP X
- Application B authenticates with IDP X
When user goes to B, they are already signed on with the same IDP and so they don't see a login screen.
But if user goes to:
- Application C authenticates with IDP Y
they will not get SSO.
answered Nov 22 at 18:12
nzpcmad
27.8k2892142
This is essentially SSO and SSO works like:
- Application A authenticates with IDP X
- Application B authenticates with IDP X
When user goes to B, they are already signed on with the same IDP and so they don't see a login screen.
But if user goes to:
- Application C authenticates with IDP Y
they will not get SSO.
answered Nov 22 at 18:12
nzpcmad
27.8k2892142
answered Nov 22 at 18:12
nzpcmad
27.8k2892142
answered Nov 22 at 18:12
nzpcmad
27.8k2892142
answered Nov 22 at 18:12
nzpcmad
27.8k2892142
27.8k2892142
Let me clarify. Imagine I made agreements with various web sites and they act like OpenID Provider.(Let's say trello.com,mailchimp.com) I initiated authorization code flow between my app and aforementioned websites.User granted some permissions to my app like reading user contacts and so on. I also should implement the following functionality ; whenever user logins my app and click let's say trello.com icon,user should be automatically logged into trello.com without needing an active session in trello.com(Requirement 5)
– user10687783
Nov 22 at 18:34
I think what I am looking for IdP Initiated SSO which openid connect doesn't support.Is it true ?
– user10687783
Nov 22 at 21:37
Yes - IDP Initiated is only SAML.
– nzpcmad
Nov 22 at 23:34
add a comment |
Let me clarify. Imagine I made agreements with various web sites and they act like OpenID Provider.(Let's say trello.com,mailchimp.com) I initiated authorization code flow between my app and aforementioned websites.User granted some permissions to my app like reading user contacts and so on. I also should implement the following functionality ; whenever user logins my app and click let's say trello.com icon,user should be automatically logged into trello.com without needing an active session in trello.com(Requirement 5)
– user10687783
Nov 22 at 18:34
I think what I am looking for IdP Initiated SSO which openid connect doesn't support.Is it true ?
– user10687783
Nov 22 at 21:37
Yes - IDP Initiated is only SAML.
– nzpcmad
Nov 22 at 23:34
Let me clarify. Imagine I made agreements with various web sites and they act like OpenID Provider.(Let's say trello.com,mailchimp.com) I initiated authorization code flow between my app and aforementioned websites.User granted some permissions to my app like reading user contacts and so on. I also should implement the following functionality ; whenever user logins my app and click let's say trello.com icon,user should be automatically logged into trello.com without needing an active session in trello.com(Requirement 5)
– user10687783
Nov 22 at 18:34
Let me clarify. Imagine I made agreements with various web sites and they act like OpenID Provider.(Let's say trello.com,mailchimp.com) I initiated authorization code flow between my app and aforementioned websites.User granted some permissions to my app like reading user contacts and so on. I also should implement the following functionality ; whenever user logins my app and click let's say trello.com icon,user should be automatically logged into trello.com without needing an active session in trello.com(Requirement 5)
– user10687783
Nov 22 at 18:34
I think what I am looking for IdP Initiated SSO which openid connect doesn't support.Is it true ?
– user10687783
Nov 22 at 21:37
I think what I am looking for IdP Initiated SSO which openid connect doesn't support.Is it true ?
– user10687783
Nov 22 at 21:37
Yes - IDP Initiated is only SAML.
– nzpcmad
Nov 22 at 23:34
Yes - IDP Initiated is only SAML.
– nzpcmad
Nov 22 at 23:34
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53432557%2fopenid-connect-single-sign-on-external-web-sites%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
