IdentityServer

Implementing silent renewal of authentication token with Identity Server 4 and oidc-client.js is almost trivially easy, provided you set all the appropriate configuration settings on server (RedirectUris) and client (automaticSilentRenew, silent_redirect_uri). And it works a treat…until it doesn’t. Handling the silent renew callback in our Aurelia app through an Aurelia component worked - provided you are on the browser tab where the app is running when the silent renew request is made. [Read More]

At my employer we are currently implementing SSO with the following requirements. Users can be authenticated against a number of identity providers, including: Our SQL database, which may move to Azure Active Directory in future A 3rd party ADFS end point Custom authentication end points hosted by our customers (think asmx services) No social providers for the moment Users should be routed to the appropriate Idp based on some knowledge we have about the user (user enters email/username, we make decision on the Idp(s) to use and forward user to appropriate Idp) We considered the following products based on the these considerations (note, there are a number of other products available, but they either didn’t meet our requirements, were prohibitively expensive, or had so much marketing fluff to wade through that it was difficult to find pricing and feature set): [Read More]