Menu
I have an already built Asp.Net application which is using Asp.Net membership provider.
There is a client web application which has its own login. Once logged in, the user gets some links. These links are directed to the application I have developed. Currently since these are two different applications hosted in two domains, there are two time login required.
What I am trying to achieve is have SSO and not have to login when the user is already logged in the client application. I have read through and seems its possible to have this done via a STS provider like ThinkTecture IdentityServer and utlising ADFS at our end.
Is this the best approach and if yes, I couldn't find much of documentation with respect to what are the updates I need to ask from the main application team to have it SSO enabled.
748
In the management dashboard, click Apps / APIs. Click the application that you want to enable Single Sign On. In the Settings tab, scroll down until you see the Use Auth0 instead of the IdP to do Single Sign On switch. Flip the switch! and save the changes.
Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials.
That might be possible with STS Provider or ADFS. What I would suggest is to have a web application only for authentication where in when user clicks on login on main website, you can redirect to authentication application, authenticates and create a token and then redirect back to main application along with token. Later, you can call any applications along with this token and check if user has permission to access this application or not. Token contains information such as authenticated user, permission, etc. I suppose you need to create custom http module to implement this.
If all applications are under one domain, it can be achieved by cookies.
68
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
