Identityserver4: Automatic login if IdP is known?

Created on 7 Nov 2016  路  6Comments  路  Source: IdentityServer/IdentityServer4

Hello, I've been able to get IdentityServer4 to meet all of my needs so far. I've been looking for one specific set of functionality, which it looks like is supported based upon the following code, which is say that I can make logins automatically bounce to the "ExternalLogin" action if the IdP is known:

var context = await _interaction.GetAuthorizationContextAsync(returnUrl);

        `if (context?.IdP != null)
        {
            // if IdP is passed, then bypass showing the login screen
            return ExternalLogin(context.IdP, returnUrl);
        }`

I currently have my external logins working for OpenID Connect over Azure AD, but I'm not quite sure of how to inject the IdP into the request from the client which consumes IdentityServer4 (I assume this is normally automatic). Is there a sample showing how to do this?

question
Source
picture zoeysaurusrex
👍1

Most helpful comment

above solution link does not exists. Pleas help.

picture amit-sonora on 1 Feb 2019
👍2

All 6 comments

you can set the desired idp name on the acr_values parameter.

http://docs.identityserver.io/en/release/endpoints/authorize.html

leastprivilege picture leastprivilege on 7 Nov 2016
👍1

So close! Thanks a ton @leastprivilege

zoeysaurusrex picture zoeysaurusrex on 7 Nov 2016

above solution link does not exists. Pleas help.

amit-sonora picture amit-sonora on 1 Feb 2019
👍2

http://docs.identityserver.io/en/latest/endpoints/authorize.html

florentQ picture florentQ on 6 May 2019

hey @zoeysaurusrex ,
I know it's been years since you worked on this ;)
But did you solve it by putting your code in CustomAuthorizeInteractionResponseGenerator and checking IDP in:

public async override Task<InteractionResponse> ProcessInteractionAsync(ValidatedAuthorizeRequest request, ConsentResponse consent = null)

?

I've been trying to figure out how to skip login page and take users directly to IDP.
sample scenario is:

  1. client app knows the user wants google
  2. send authorize request with acr_values=idp:Google
  3. create AuthorizationContext in custom AuthorizeInteractionResponseGenerator
  4. check for idp == Google
  5. return a redirect to the external login
karpikpl picture karpikpl on 25 Jul 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

lock[bot] picture lock[bot] on 11 Jan 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

user1336 picture user1336  路  3Comments
wangkanai picture wangkanai  路  3Comments
krgm03 picture krgm03  路  3Comments
Aravind1729 picture Aravind1729  路  3Comments
nukec picture nukec  路  3Comments