Has anyone logged in with React Native using SSO (SAML2)?
I have some customers who log in via the web on a system, but on mobile I can also do it. Does anyone have any idea how to do it?
Thanks
Related
I'm pretty new to mobile app development, with some experience regarding ASP.NET Core. In the past, I've used Firebase's Authentication module for its simplicity, but until now there hasn't been a case where I had to design and develop the authentication completely from scratch, especially not in mobile apps. Yesterday I've been googling and reading documentation all day long, just to find myself with even more questions than I had before...
The main idea is to create a cross-platform mobile app with:
React Native (Expo managed workflow)
ASP.NET Core 3.1 Web API with protected endpoints through validation of a JWT token in the request header
Identity Server: Azure AD B2C
Authorization Code flow with PKCE, as recommended by various docs
Yesterday I started looking at the AuthSession API of Expo (https://docs.expo.dev/versions/latest/sdk/auth-session), with which I managed to get an access token from the Azure AD B2C server after logging in with an existing user through the mobile app. This is all done through a web browser popping up when a user clicks 'Sign In' in the mobile app.
This made me think however: how do I implement the validation of this JWT token which comes from the Azure AD B2C server in the Web API? Many guides & tutorials regarding this topic simply configure a JWT key in the appsettings and use this key to both generate the JWT token and validate it afterwards. Is this where claims might come in handy?
I honestly feel a bit lost as the possibilities seem endless on one hand (hence the 50+ tabs currently open in my browser), but on the other I find it a bit suspicious to not find any decent example of my use case which makes me think I'm doing something completely wrong or overly complex. All I'm basically looking for is a clean and secure solution to authenticate users with my current app setup, without having to reinvent the wheel all over again. So far I've probably looked at every single library/nuget package/stackoverflow post out there...
Any guidance towards the usage of 1 or more specific libraries/guides/packages would therefore be greatly appreciated!
Have you looked at the B2C MSAL samples?
In terms of validating the JWT, there are many samples here. Also B2C.
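Added example, not part of the posts above and not taken from the Microsoft samples: a Node.js sketch of what validating a provider-issued JWT involves, in contrast to the shared-key setup the question mentions. The API holds only the provider's public key and checks signature, issuer, audience and expiry. The key pair, `KID`, `ISSUER`, `AUDIENCE` and both function names are constructed for illustration.

```javascript
const crypto = require("crypto");
const b64url = (data) => Buffer.from(data).toString("base64url");

// Constructed stand-ins (assumptions): the provider's signing key pair, key id, issuer, audience.
const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const KID = "constructed-key-1";
const ISSUER = "https://idp.example/constructed-tenant/v2.0/";
const AUDIENCE = "constructed-api-client-id";
// What the API fetches from the provider's published key set: public keys only.
const JWKS = { keys: [{ ...publicKey.export({ format: "jwk" }), kid: KID, use: "sig" }] };

// Provider side (hypothetical helper): sign with the private key. The API never holds this key.
function issueToken(claims, key = privateKey, header = { alg: "RS256", typ: "JWT", kid: KID }) {
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  return `${signingInput}.${b64url(crypto.sign("sha256", Buffer.from(signingInput), key))}`;
}

// API side (hypothetical helper): verify the signature, then the claims that bind the token to this API.
function validateToken(token, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return { ok: false, reason: "malformed" };
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], "base64url").toString("utf8"));
    claims = JSON.parse(Buffer.from(parts[1], "base64url").toString("utf8"));
    if (!header || typeof header !== "object" || !claims || typeof claims !== "object") throw new Error();
  } catch (e) {
    return { ok: false, reason: "malformed" };
  }
  // Pin the algorithm: never let the token header choose "none" or a symmetric alg.
  if (header.alg !== "RS256") return { ok: false, reason: "unexpected alg" };
  const jwk = JWKS.keys.find((k) => k.kid === header.kid);
  if (!jwk) return { ok: false, reason: "unknown kid" };
  const key = crypto.createPublicKey({ key: jwk, format: "jwk" });
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  if (!crypto.verify("sha256", signed, key, Buffer.from(parts[2], "base64url")))
    return { ok: false, reason: "bad signature" };
  if (claims.iss !== ISSUER) return { ok: false, reason: "wrong issuer" };
  if (![].concat(claims.aud).includes(AUDIENCE)) return { ok: false, reason: "wrong audience" };
  if (typeof claims.exp !== "number" || claims.exp <= now) return { ok: false, reason: "expired" };
  return { ok: true, claims };
}
```

In ASP.NET Core the JwtBearer middleware performs these checks once it is given the provider's authority and the API's audience, so no signing key belongs in appsettings.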
I have been using Universal Login with Auth0. I would like to personalise the login experience for my users, so I'm considering switching to an embedded login form and using the SDK to authenticate with my auth0 server.
I only have one application, and potentially a native mobile app in future.
Reading the docs on Cross-Origin authentication it seems to suggest that the main issues here are:
Security risks with sending credentials cross-origin, which opens up the risk of a phishing attack
Some browsers disable 3rd party cookies by default
And it would seem that both of these issues are solved by simply hosting my Auth0 server on the same domain as my embedded login form:
e.g. auth.mydomain.com and mydomain.com/login
But still the Auth0 docs strongly advise using their Universal Login, almost every piece of documentation urges it.
My question
Are there any further issues with an embedded login form that sends credentials to an Auth0 server on the same domain? When I'm only developing one application, I have no need for a shared login form.
Are Auth0 just encouraging the use of Universal Login for business reasons?
I am currently working on a React Native app and have problems with OAuth2. I don't want to forward to a third-party website, but for the user to enter his username and password. Is there any documentation? I only find resources on third-party forwarding.
I don't have a client-id nor a client-secret. It's just username/password like a normal login flow.
I know there's password-grant, but I didn't get it any further or I didn't know how to use it.
Thank you in advance
You can either use services like auth0 or AWS Cognito to build your own branded identity provider.
Or if you are feeling curious and ready for some heavy lifting, you can for example use C# .NET with Identity Server 4, or use Go with go-oauth2, and customize.
I have a task on my hands, but not absolutely sure how to start on this.
Hopefully community can provide some guidance.
I need to integrate react-native mobile app with SAML thus enabling app to leverage SSO.
At the moment business have a desktop implementation which goes like this:
user goes to http://subdomain.example.com/
gets redirected to identity provider (IdP)
signs in at identity provider
gets redirected back to http://example.com
uses example.com SaaS as signed user.
I imagine a similar approach could be done for react-native app?
Or when it comes to SAML integration with react-native different pattern must be used?
Are there potentially 3rd party libraries?
I have to integrate Websphere Application Server with OKTA. After googling, I have configured the snoop application so that now I access OKTA (https://myorg.okta.com), see the application there, click it, and I am logged in to the application successfully.
But my question is this: in most of the tutorials, after OKTA integration the URL (https://washost/snoop) is mentioned for testing.
Can you please guide me which approach is right and why?
Many Thanks
Rama Sohaib and Xsurgent,
I have googled it more and understood my issue. Actually there are two types of Web SSO.
IDP (OKTA) initiated, where the URL becomes like this: https://okta.com, and SP (Websphere) initiated, where the URL is like this: https://washost/snoop. Websphere does not support SP Initiated SSO. It only supports IDP initiated SSO.
Thanks a lot guys for helping me. Since I have successfully verified OKTA Integration with snoop I can easily integrate with any custom application.
Many Thanks,
Umar