qer-app-portal seamless sign on

Hi

I enabled SSO for the new api-server-based web portal (qer-app-portal) using Entra as IDP.

The login using "OAuth 2.0/OpenID Connect (role-based)" works just fine.

Opening host.com/apiserver/html/qer-app-portal/ does not log me in seamlessly but welcomes me with a selection of auth. methods.

I dont want my users to select any method. I just want them to directly be signed on using oauth.

I tried disabling all other auth. methods but it didnt do the trick (Designer -> Base Data -> Security Settings -> Programs -> Application Server).

Any tips?

Thanks

Jonas

OIM 9.2.1

  • Hi  

    I might be wrong, but oAuth cannot be set as SSO. In your scenario, you already have a session open in Entra and need to use the same credentials to login to the web portal, ok?

    In our v92 install we did try as well to select one auth method (oauth , Google as IDP) to no success. So we ended up with modifications to the qbm/login component and html page. Our users are presented with a single button which starts the oauth dialog with Google. Of course, if they have a session open with their google account, they are logged in without entering their password.

  • Hello,

    Have you tried going into the Administration portal and excluding the authentication options for the end-user? This result should be that the user will not be able to choose another login option.

    Steps:

    1. Navigate to Administration portal and login via system user,

    2. Navigate to Configuration and click on the Web Portal in the dropdown,

    3. Search for "auth",

    4. Configure ServerConfig/AuthenticationConfig/ExcludedAuthentifiers.

    5. Search for "sso",

    6. Configure ServerConfig/AuthenticationConfig/SsoAuthentifiers

    7. Save and recycle IIS

    Hope this shines some light to the problem,

    Zan

  • That did the trick!

    Cheers mate