All Questions
33
questions
1
vote
0
answers
32
views
How to add ForceAuthn flag on AWS cognito
I'm using AWS cognito as SP while using SAML with other Idps. I want for specific customer to use ForceAuthn to enforce login in every authentication. How can I do that with AWS cognito?
And could it ...
0
votes
0
answers
29
views
SSO: SP-initiated login to another Service Provider
I have a scenario where the client has an SP that authenticates against an IdP. This is working today. They want to add a button that, when clicked, will open a new tab and send the user to a 3rd ...
1
vote
1
answer
263
views
AWS Cognito SSO multiple iDPs
Here's the scenario (using AWS Cognito via AWS Amplify):
Our company (ExampleCorp) is building a web application where its users will authenticate via it's own internal Active Directory (SSO).
There ...
1
vote
1
answer
514
views
Is SAML authenticated without redirect
We have an application where most users will be logged into SSO and the few that aren't should be presented with a custom login screen to choose a method. The flow we would like:
If logged into SSO ...
0
votes
2
answers
434
views
Cognito + IDP SAML refreshing token by idp
I have configured my AWS Cognito with IDP (Office 365) via SAML.
In my application I'm using aws-amplify library in order to sign in user using SSO:
Auth.federatedSignIn({customProvider :'providerName'...
2
votes
0
answers
1k
views
Keycloak IDP forwarded auth does not redirect to front-channel logout URL
Situation
For my web application, I have set up a keycloak (v18.0.0) realm with an external SAML IDP.
After successfully logging in, the application is using its own cookies (I can't change this since ...
0
votes
1
answer
129
views
SSO - Multple SP with only one IdP (ADFS)
I have two service providers set up with one IdP and users are required to be authenticated twice to access both services at the same time. From my point of view, this is not "SSO" and I am ...
1
vote
2
answers
2k
views
Correct interpretation of SAML ForceAuthn parameter
The SAML standard defines the ForceAuthn attribute of <AuthnRequest> as follows:
A Boolean value. If "true", the identity provider MUST authenticate
the presenter directly rather than ...
0
votes
1
answer
465
views
SAML SSO Unsure how a user gets to the protected SP page for IDP initiated SAML
I currently maintain an in-house SAML IDP written utilising LightSaml. This has served the company well for the last 2 years working with SP initiated SSO. I have recently been tasked with ...
-1
votes
1
answer
353
views
SAML SSO integration for third party app inside asp.net mvc web application
We have an existing SAAS asp.net MVC web application hosted in-premise
and using custom forms authentication for user credentials, means users credentials are stored in our sql database. Now we
plan ...
2
votes
2
answers
5k
views
AADSTS75011 Authentication method by which the user authenticated with the service doesn't match requested authentication method AuthnContextClassRef
https://learn.microsoft.com/en-us/troubleshoot/azure/active-directory/error-code-aadsts75011-auth-method-mismatch#cause
The SSO works from Chrome and doesn't work from Edge.
Can someone dumb down the ...
0
votes
1
answer
565
views
When to re-authenticate with the IdP?
I'm in a situation where my application (SP) need to authenticate a user through SAML using an IdP (SP-Initiated SSO).
Once my user is authenticated the first time he access the application, when ...
1
vote
2
answers
766
views
How to integrate SSO with a university? [closed]
I have a django website and I'd like to allow students from a few universities to login to it using their university credentials.
I understand that I need to register with each of these universities ...
0
votes
1
answer
253
views
TAI for MS Azure with Websphere Application Server setup for Idp initiated flow not working
I am trying to setup saml sso configuration for my application which is deployed in websphere.
Idp- Azure AD
SP - Websphere application server when my target application deployed
Done TAI ...
1
vote
1
answer
346
views
Setting up SAML for Rocker.Chat (SP) with GSuite (IDP)
I have an instance of Rocket.chat running on an Ubuntu server, and I am trying to configure SAML on Rocket.chat (SP) and GSuite (IDP) so that I can enable login to Rocket.chat with GSuite identities.
...