3,700 questions
Advice
0
votes
2
replies
21
views
Login User not bound to the initially resolved user in CIBA
We are reviewing CIBA UX and subject binding behavior. Currently, a backchannel authentication request is initiated with login_hint, the OP resolves the intended user and creates an auth_req_id.
...
0
votes
0
answers
58
views
Keycloak: Set value of well known claims during Keycloak token-exchange V1
We are currently working on a token-exchange scenario using Keycloak token exchange support. We plan to exchange a token issued by a realm named realm_A against a token issued for another realm called ...
1
vote
0
answers
96
views
Error in Google Authentication with OpenID in ITop
I'm trying to implement Login With Google in a hosted ITop instance using the "Authentication with OpenID extension"
I've managed to show the "Login with Google" button by ...
- 11
0
votes
0
answers
70
views
.NET 4.6 Owin application gets authenticated, but User.Identity.IsAuthenticated stays false
Last weekend, I deployed an old .NET 4.6 application with OpenId authentication to an IIS server without any problem. Two days later, the problem started that the authentication falls in a loop ...
- 687
0
votes
0
answers
39
views
How to be sure to get user's email in userDetails of client principal data?
(This question is related to How can I safely obtain user claims from an Azure Function after authentication?)
I aim to set up Authentication for an Azure Static Web App resource using Okta as an ...
- 6,656
1
vote
1
answer
168
views
How can I safely obtain user claims from an Azure Function after authentication?
In an Azure Static Web App resource, the .auth/me route return a response with clientPrincipal and custom claims as shown in the example below:
{
"clientPrincipal": {
"...
- 6,656
0
votes
1
answer
182
views
wso2 APIM introspect key validation with Keycloak always returns error 900901 invalid credentials
Introspect always returns "900901 invalid credential", please check below error trace and configuration screenshot
APIM admin key manager Configuration
Also please note that it is working ...
0
votes
1
answer
340
views
keycloak jwks_uri inconsistent response
all, thanks in advance for any help. This is a copy of a question I asked at the Keycloak community forum that, unfortunately, got no responses.
Hi, all. Thanks in advance for any help.
I’m setting ...
- 334
0
votes
0
answers
50
views
How to securely identify the user linking their account via OAuth state parameter?
I'm implementing account linking with OAuth providers (e.g., Google).
Use case:
User is already logged into my system (e.g., with email/password).
They want to link their account to an OAuth provider....
- 102
0
votes
1
answer
195
views
Propagating OIDC third-party authentication failure to client application, in OpenIddict
We’re developing an authentication/identity server, based on .NET/C# & OpenIddict Server. We delegate authentication to a third-party server (using OpenIddict Client), currently just one provider, ...
- 1,411
0
votes
1
answer
67
views
ASP.NET authentication not expiring
I'm having an issue that no amount of googling or AI input is helping me identify where I'm going wrong. I have a sample ASP.NET MVC application that sets up authentication using the following code. ...
- 97
0
votes
1
answer
287
views
openiddict - "The signing key associated to the specified token was not found"
I'm using openiddict version 6 (latest version) in dotnet 9. I have a login server that is successfully handling username/password authentication as well as Google and Facebook auth correctly. I'm ...
- 8,263
0
votes
0
answers
24
views
OpenIdConnectAuthentication error - SecurityTokenException: Unable to validate the 'id_token', no suitable ISecurityTokenValidator was found for: ''."
I am using OpenId Auth and I am getting the following error.
Unable to validate the 'id_token', no suitable ISecurityTokenValidator was found for: "."
app.UseOpenIdConnectAuthentication(
new ...
- 13
0
votes
1
answer
87
views
Why can't I access to facebook.com/.well-known/oauth/openid/jwks/ from NodeJS server?
In order to validate some JWT from Facebook, I need to access to their public keys.
I'm running this code on my backend, and it returns an HTML with something like a "404 page", but, if I ...
- 2,123
0
votes
1
answer
40
views
Blazor Website (.NET 8, ServerPrerendered) OpenId For Web Pages And JwtBearer For API Endpoints - Doable?
Hoping someone can help me out.
We have a .net 8 blazor web site (ServerPrerendered) with web pages that have to use OpenIdConnectDefaults.AuthenticationScheme so users logged into the company's SSO ...
- 133