I am trying to make a login on a web app that authenticates those credentials against a user's SAP login credentials. How can I do that? What is this called? Is this an HTTP request or something else?
Related
TLDR: Is there a way to dynamically set the login URL during app
runtime for either Auth0, Okta, or some other authentication service?
I am developing a capacitor application that uses Salesforce data. My app users will need to authenticate to Salesforce to retrieve permission (access token, refresh token, etc) for the app to grab their Salesforce data. The catch is the user can customize their login url based on the Salesforce sandbox they wish to hook my app up too during app run time. For instance they can use the choose to access a
prod sandbox via https://login.salesforce.com/.well-known/openid-configuration
development sandbox via https://test.salesforce.com/.well-known/openid-configuration
specific sandbox via https://${customSandboxDomain}.my.salesforce.com/.well-known/openid-configuration
Due to the user being able to determine which sandbox/domain they would like to authenticate to the app needs to be able to dynamically declare the authentication login url. Is there a way to dynamically set the login URL during app runtime for either Auth0, Okta, or some other authentication service?
Im very new to Nextcloud. I have a webapp has a login page. It has own authentication system. But I want to use Nextcloud’s authentication to login my webapp. So I want to take the username and password from my webapp then send it to Nextcloud via http request to get a token or something useful result about successful login.
I checked out documentation but couldnt find any info about getting token with rest api.
Take a look at the Login Flow of the Nextcloud documentation. It details the old way of using usernames and passwords in the API or update to app passwords (apps can be registered and obtain a token)
https://docs.nextcloud.com/server/latest/developer_manual/client_apis/LoginFlow/index.html#converting-to-app-passwords
I am currently working on a project that requires a user to Login to the app using Google credentials but without redirection to the google authentication website. The user needs to enter his Gmail id and password in the app window and somehow I need to verify these credentials with Google (without redirecting). Is there a way to do this?
EDIT:
One approach I got is to send these credentials to google which would authenticate the credentials and return an authentication token. But the feasibility of this approach is questionable.
I have a web app front end and web api back end both written in ASP .Net Core 1.1 MVC. I am using Auth0 as the authentication server, using the "authorization code grant flow".
So the user logs in - i.e. the user gets directed to Auth0's login screen, which, if the username and password were correct, sends the web app back an authorization code, which the web app then exchanges for an access token, which is then used for all web api calls.
Then, the user clicks on a link which makes the web app call upon a web api action. My question is, how can the web api know which user is making the request? Or maybe at the point the user successfully logs in, the web app should call upon a controller in the web api and tell it which user just logged in? Not sure what the best practice is...
Thank you
I will answer in terms of OAuth 2.0 specification.
Specification determines 4 roles:
Resource owner
Resource server
Client
Authorization Server
In your context:
Resource owner is end-user.
Resource server is your Web API.
Client is your web application.
Authorization Server is Auth0.
Follow steps:
Your Web API should be registered on Authorization Server
(https://auth0.com/docs/apis).
Your Web API should be responsible to validate access tokens that
are used for requesting API. This access tokens contains info about
end-user/client (https://auth0.com/docs/api-auth/tutorials/verify-access-token).
You should include Web API scope in authorization request.
You should get access token in your web application and include it in HTTP request to Web API.
I'm developing an Enterprise/Internet Application with WebAPI 2 RESTful server and SPA web client (Angular2) —So I have two separated projects created using ASP.NET 4.6 Empty template and both use OWIN and are IIS hosted.
The requirement for Authentication is:
Active Directory user which is logged in to the workstation will authenticated automatically once she opens any page from app in the browser if user id/name found in the database, with no need to enter her user/pass. Let name this as auto-login. Else if it's not found in the DB it will redirected to the login page.
Also there should be a logout option which redirects user to the login page after logging she out.
In the login page any AD user can enter her/his AD user&pass and after successful check against database (existed) and AD (valid credential) she/he will logged in to the system (Obviously it may be different than user currently is logged in to the workstation)
In addition to the web client it will have other clients such mobile apps which will connect and be served by the WebAPI back-end. Users will login there using their AD user & pass too. Let name it manual-login.
According to the REST architecture and having both AD enterprise and internet/mobile users together, the authentication should be token based —this is what I found till now but I'm not sure.
I read about OWIN Authentication architecture and Windows Authentication and I checked MixedAuth, Now I think it is the nearest solution for this requirement as it lets app-defined users to authenticate side by side of windows/AD users. But even after dig into it and its SPA sample I didn't found my way yet and confused.
Anyone can help?
What should I actually do on the WebApi server and SPA Client to accomplish those authentication requirements?
Which middlewares should I add and how should config/manipulate them?
UseCookieAuthentication ?
UseExternalSignInCookie ?
UseOAuthBearerTokens ?
Can I rely just on Bearer tokens (using OAuthBearerTokens MW) and get same token for authenticated windows users to unify authentication model based on bearer tokens? If so, how?
How and where should I put my code for checking that AD user exists in the DB and if not so reject the authentication?
Thanks a lot.