Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Using OpenID Connect with WSO2 API Manager and ADFS

I am testing WSO2 API Manager v1.9.0 for its possible use in my company, we are building some new apps using Rest API's for the backend and SPA's for our frontends. We conclude that it would require the use of OpenID Connect and WSO2 supports it.

We use ADFS 3.0 as our Identity Provider and I already managed to federate ADFS with WSO2 API Manager and I am able to authenticate the company users to obtain an access token. The process passes through the following steps:

  1. The user clicks on the login link and it is redirect to the ADFS login page;
  2. The user authenticates itself and it is redirected to a consent page;
  3. The user approves the access and he is redirected to a link that contains the access token.

Considering that my company already owns the user data, is there a way to disable the consent page and requires only the user to login?

The OpenID Connect specification is new for me so if you need more information please let me know.

Best regards

like image 293
Michael Avatar asked Jul 02 '15 09:07

Michael


1 Answers

I find out how to disable the consent page. Edit the [WSO_API_MANAGER]/repository/conf/identity.xml and change the parameter SkipUserConsent to true.

<OpenIDConnect>
    ...
    <SkipUserConsent>true</SkipUserConsent>
    ...
</OpenIDConnect>
like image 93
Michael Avatar answered Oct 15 '22 19:10

Michael