• State Verified Answer
  • Replies 3 replies
  • Subscribers 96 subscribers
  • Views 278 views
  • Users 0 members are here
Options
Related

qer-app-portal seamless sign on

Jonas Wiedamann
28 days ago

Hi

I enabled SSO for the new api-server-based web portal (qer-app-portal) using Entra as IDP.

The login using "OAuth 2.0/OpenID Connect (role-based)" works just fine.

Opening host.com/apiserver/html/qer-app-portal/ does not log me in seamlessly but welcomes me with a selection of auth. methods.

I dont want my users to select any method. I just want them to directly be signed on using oauth.

I tried disabling all other auth. methods but it didnt do the trick (Designer -> Base Data -> Security Settings -> Programs -> Application Server).

Any tips?

Thanks

Jonas

OIM 9.2.1

  • 0 26 days ago

    Hi  

    I might be wrong, but oAuth cannot be set as SSO. In your scenario, you already have a session open in Entra and need to use the same credentials to login to the web portal, ok?

    In our v92 install we did try as well to select one auth method (oauth , Google as IDP) to no success. So we ended up with modifications to the qbm/login component and html page. Our users are presented with a single button which starts the oauth dialog with Google. Of course, if they have a session open with their google account, they are logged in without entering their password.

  • +1 23 days ago

    Hello,

    Have you tried going into the Administration portal and excluding the authentication options for the end-user? This result should be that the user will not be able to choose another login option.

    Steps:

    1. Navigate to Administration portal and login via system user,

    2. Navigate to Configuration and click on the Web Portal in the dropdown,

    3. Search for "auth",

    4. Configure ServerConfig/AuthenticationConfig/ExcludedAuthentifiers.

    5. Search for "sso",

    6. Configure ServerConfig/AuthenticationConfig/SsoAuthentifiers

    7. Save and recycle IIS

    Hope this shines some light to the problem,

    Zan

  • 0 22 days ago in reply to zan

    That did the trick!

    Cheers mate