I was looking for a way to use keyclock for sharepoint authentication using OIDC ?
Is there any documentation or implementation available ?
Related
So I recently started exploring Azure Identity Platform for this user authorization use case I'm trying to implement. After a bit of research I came across using Graph API and creating ROPC flows to handle SingUp and Login via REST API from my application. My requirement is also to allow users to use login credentials from another app (I'm not sure yet if it implements a SAML based Identity Provider method) to use services in my application. This is a typical SSO requirement, but I'm not sure if it is possible to implement alongside username-password based authentication using Azure AD B2C.
I would appreciate any leads. Thank you.
Edit: To be more precise, I am working with Java-Spring. The demo application mentioned in Azure AD documentation (Woodgrove groceries) is exactly what I'm trying to achieve. A quick google search for the same provides me with github repos with sample code that uses .Net I believe. Are there any Java sample codes that demonstrate the same?
ROPC does not support SSO if that's what you want to achieve.
We have a vendor membership management solution to manage our members, Netforum Pro. They provide a Web API via Rest or Soap for external applications to authenticate.
We would like to use Moodle as Learning Management System for our members. However, Moodle has an authentication plugin for SAML.
Can we use OneLogin as a middle agent in this situation?
Thanks
Linh N.
OneLogin acts as Identity Provider and has toolkits that will help you authenticate requests when used by application providers. In your case it looks like Moodle has already the functionality that you would implement with the OL toolkit and that NetForum is the Identity Provider. So using OneLogin won't help much.
You should look into http://documentation.abila.com/netforum-enterprise/2017.1/Content/Admin/Security/SAML.htm
Canb anyone provide documentation or a high level approach for using identity server 3 with on-premise SharePoint 2013.
Currently windows active directory is integrated with SharePoint and basic FBA (form based authentication) is being used.
SharePoint 2013 natively supports claims based authentication via WS-Federation but not via OpenID Connect. This is typically used within the enterprise for federated authentication from ADFS into SharePoint.
IdentityServer 2 does support WS-Fed, whereas IdentityServer 3 does not straight out of the box. There is a WS-Fed plugin however - this should be considered option #1.
https://github.com/IdentityServer/IdentityServer3.WsFederation
Another option might be to wire up ADFS v3 between IdentityServer3 and SharePoint.
As a third alternative, I've set up our IdentityServer v2 instance as an IDP for SharePoint for a few customers - it's a pretty easy process following the Microsoft recipe, replacing the word "ADFS" for "IdSvr2" :)
https://technet.microsoft.com/en-us/library/hh305235.aspx?f=255&MSPPError=-2147217396
I'm trying to intergrate Microsoft Azure with WSO2 Identity Server 5.1.0. I have installed the identity server in azure and configured LDAP User Store in wso2 Identity server.
My requirement is to use that inhouse usertore using ADFS.
I have found the way of doing this using SSO but is there a way of doing this using oAuth2 service?
if your users are in LDAP, you can use ADFS in WS 2016 to directly connect them. After that, they can be used via any federation protocol that ADFS 2016 supports which is WS-*, SAML, OAuth, OpenID Connect. You can see how to configure LDAP at https://technet.microsoft.com/windows-server-docs/identity/ad-fs/operations/configure-ad-fs-to-authenticate-users-stored-in-ldap-directories.
Thanks
//Sam (Twitter: #MrADFS)
how can I let non-domain users username/password login my sharepoint site (is on internet)? I am using Sharepoint 2010 foundation. can I authentic them via Active Directory?
If you want to continue to use Active Directory, you will need to give an AD account to these users. Otherwise, SharePoint also supports Forms Based Authentication and SAML token-based authentication.
Note that these authentication methods are not mutually exclusive. You can use any combination of authentication methods supported by the authentication mode of the Web Application (SAML token-based authentication is only supported when your Web Application is in Claims Based mode).
For more information, see Plan authentication methods.
You can use Form Base Authentication.
Reference: http://blog.morg.nl/2011/08/step-by-step-forms-based-authentication-fba-on-sharepoint-2010/