Is it possible to achieve Azure Active Directory authentication without going to browser window? I will have username and password via the mobile app login interface.
I need to achieve below scenario:
Use open mobile application (ios/android)
Enter Azure AD username and password to app login screen - e.g. user#tenant.onmicrosoft.com & password
I pass those information to .net web service - which need to call some Azure AD api to validate user credential before proceed to perform other business logic/make database calls
Any recommendation? I DON'T want user to redirect to any login window/page as this will not be good user experience.
I have already checked few different articles but not satisfactory response yet.
Thank you for your time.
I believe below link is helpful.
http://www.cloudidentity.com/blog/2014/07/08/using-adal-net-to-authenticate-users-via-usernamepassword/
Related
I have a simple question that I can't solve with the resources about moodle and LTI.
I want my users to login into their App with moodle credentials (as often done with e.g. "login via facebook") - is my app the consumer or the provider?
I first thought the app is the provider but some points make me question that:
No, I do not want to start the app from within moodle.
No, I also do not want to embedd my app content in moodle.
I just want the users registered in moodle login to an app with their moodle username and password
All content I found on LTI provider assumed the opposite of point 1 and 2.
However, I also found that moodle can be a provider itself. It has been shown to be embedded in an external application. But in my understanding, the consumer is responsible for authenticating the login (which is opposite to point 3).
Am I missing something, that makes it so hard to see the soution here?
I found Atomic Jolt's try_oauth repo will do exact what you want. It also has an excellent code along video which explains the workflow really well.
You navigate to the app and it opens up a Canvas authentication page and grabs the users credentials.
https://github.com/atomicjolt/try_oauth
Hope that help.s
There is a plugin for moodle which makes it a oauth2 provider. You could use that to allow authentication in your app with moodle credentials.
https://github.com/projectestac/moodle-local_oauth
Couple of questions:
I implemented the authentication process with OneDrive. My desktop application is designed for end-users. Every time the application is launched the little browser window pops up asking the user to confirm access...and if more than 1 hour passed user needs to provide username and password. Is there any way that end-user with SOME SORT of saved credentials (or user Code +user Secret, or API code + API secret) will be able to invoke the application and not be prompted by browser form (that currently requires login - if access token expired - or confirmation)?
The goal of my application is file sharing - that is, one end user may send URL (to the file that he uploaded to OneDrive) to another user and the latter should be able to download the file by clicking on the link (without any prompts, exactly like in manual process of sharing link to the file in OneDrive). Is it possible? If yes, how to achieve that? That is, how do I get that URL? Redandent to say that I am looking for a programmatic way to obtain a URL that will achieve the above described)
The OneDrive authentication process uses Microsoft account, which supports OAuth 2.0. You should be able to point the user to:
https://login.live.com/oauth20_authorize.srf?client_id=CLIENT_ID&scope=SCOPE&response_type=code&redirect_uri=REDIRECT_URI
Once the user authenticated and authorizes your app, the user will be taken to REDIRECT_URI/?code=CODE, where your app can exchange that code for an access token at:
https://login.live.com/oauth20_token.srf?client_id=CLIENT_ID&client_secret=CLIENT_SECRET&code=CODE&grant_type=authorization_code&redirect_uri=REDIRECT_URI.
There are more details at http://onedrive.github.io/auth/msa_oauth.htm.
I want to read/write some content to Google Drive Programmatically from a ASP.NET MVC Application. Here i want to use Email ID and Password as hot coded instead of navigating user to authentication page.
I looked at some examples, all are redirecting user to Google authentication page. But My requirement is to use a fixed Google user account.
You can no longer use username/password for authentication. Just let go of it.
You can use the steps in the answer here How do I authorise an app (web or installed) without user intervention? (canonical ?) to achieve what you are looking for
I have searched a lot for integrating AD for authenticating a user while login, I've read these pages :
http://www.macworld.com/article/1056791/activedirectory, which gives me the basic info but not the exact solution.
Later on while R and D i come to the post on Stack Overflow How to authenticate to Active Directory using iOS app, which showed me the solution based on PHP server page, but I want to authenticate that user from my app itself.
How can I do this correctly ?
// Hi everyone i solved this problem with the .NET SOAP service, my colleague has written that web service which needs the two parameters USERNAME and PASSWORD which we want to authenticate from Active Directory, Once we call that web service along with the parameters USERNAME and PASSWORD it returns us TRUE if the user is registered with the active directory or returns the FALSE. The authentication of the Active Directory user is very easy from .NET than that of from Objective-C.
I'm using the Google Apps Provisioning API to synchronize user data with our internal database (MySQL). For every new user created through our site's backend, a corresponding user in created in the GoogApp system. Change is passwords are also synchronized accordingly.
I'm about to implement SSO, so that logins performed on our website automatically makes the user login into the google apps too.
My question is what happens IF the user happens to change his/her password using the Account > Settings in the googapps interface, instead of our own backend? Our system has no way of knowing about the change! Is there a way in Prov API or SSO with which I can turn off the password changing mechanism in googapp engine and let the user do it ONLY through our backend?
Anyone who's used / setup a similar system, please shed some light on it.
Thanks,
m^e
When you have SSO enabled in your Google Apps domain you have to provide a "change password" URL, that way when the users tries to go "Setting"->"Change Password" they will be redirected to your custom URL and make the password change in your backend.