I would like to use Azure AD B2C as the only Sign-in mechanism for the APIM Dev Portal. Currently that works by showing a "Login with AAD B2C" button, and the user has to click that button to sign in.
This is fine but not ideal, I would like the login page to automatically redirect to B2C for login without showing the "Login with AAD B2C" button at all. This way, users who have already signed-in in B2C will also be automatically logged in to APIM Dev Portal.
Another way to achieve this could be to "trigger/simulate the Button click" automatically once the user goes to the login page. Essentially, we don't want our users to see that button, or have to click it.
Is this possible at all?
Related
I have this website where Bank users register using API and then Bank can use our SSO login API to log their users directly from Bank's mobile App or website. Now the Bank wants to log into our website via Banno's OAuth. Such that users log into Banno via Bank and then login directly into our website.
How can this be achieved? How will banno know which user to login? How to make it without having users to come into our website and fill user's login details? Can anyone help?
It sounds like your scenario is looking for Banno to be the 'Identity Provider' which is supported by our OAuth + OpenID Connection implementation in our Authentication Framework.
It'll be a good idea to take a look at the Consumer API OpenID Connect Example for inspiration.
When you run that example project, you can navigate in your web browser to https://localhost:8080/login.html. That'll show a page with a "Sign in with Banno" button. The page is meant to be a generic representation of what a non-Jack Henry web page would be.
Imagine that the button was formatted to say "Sign in with [Financial-Institution-name-goes-here]", it would be the same concept.
When you click the "Sign in with Banno" button, you'll be redirected to the Garden demo institution. This happens because the example project is configured to begin the authorization flow and use Garden.
If you're not signed in as your user in Garden, you'll be prompted to sign in.
It's worth noting that the username + password are never shared back to the example project...the user is logging into their (Banno-powered) financial institution.
After signing in (and accepting the permissions which have been requested), your web browser will be redirected to https://localhost:8080/me which finishes the authentication flow.
That page then displays the Identity Token for your convenience as a developer.
The content of the Identity Token is usable to cross-reference the user to your existing system and/or to prefill out registration forms.
Hope this helps!
I have deleted the username and password default identity provider from my APIM instance and also disabled the signup. Instead I have configured Azure AD as identity provider. Despite this the developer portal makes it possible to sign in both with username/password and azure ad, and it's possible to sign up.
Overview page:
Identities page:
Setting:
Signup settings:
According to some test in my side, it seems the username/password sign in will not be removed even if delete "Username and password" in "Identities" tab. But you can delete the widget directly, do it like below screenshot show:
You can also delete the widget "For your password".
Then click "Save changes" and click "Publish website".
After that, close the developer portal window and re-open it again, and copy the url to another inprivate window. Click "sign in", the page will not show username/password sign in box.
I'm having some issues authenticating my Instagram account and "approving" the right so that the application can use the images from my corporate Instagram account.
Using this documentation to follow our guide: https://developers.facebook.com/docs/instagram-api/getting-started
Here is what I have completed:
An Instagram Business Account or Instagram Creator Account
This has been completed and the Instagram account is a business account
A Facebook Page connected to that account
This has been completed and linked to the Instagram account (Both the Instagram account and the Facebook page are in our Business Manager panel)
A Facebook Developer account that can perform Tasks on that Page
Using my account with all the permissions granted such as (Owner, developer, etc..)
A registered Facebook App with Basic settings configured:
All the details have been completed and signed
Business Verification/Supplemental Terms
My Approved Permissions and Features:
Approvals
The Facebook Login button is displayed inside our WordPress settings panel:
Login Button
Problem:
When I click on the Facebook login button, I only get authenticated to provide my "email address", but instead I need the permissions for Instagram_basic, manage_pages that we're approved.
Only email is being asked
Code: In the code, I have the instagram_basic and manage_pages scopes defined.
<fb:login-button scope="public_profile,email,instagram_basic,manage_pages" onlogin="checkLoginState();"></fb:login-button>
Does anyone know what I might be doing wrong?
Had the same, just click continue and there will be another windows which asks you to confirm the access to instagram and the pages you want the app to have access to.
I integrated my application with the chatbase, but I would like my clients to have direct access to their email directly, as if it were a single step.
When I click a button in my application, it is directed to the logged-in chatbase screen.
Today I can only get it to the login screen, where it is still necessary to put the password to go to the dashboard, not logging directly into the application.
Is this possible? if yes, is there any kind of quickstart?
I followed the tutorial below to get to the login area, remembering that I use node.js
https://scotch.io/tutorials/easy-node-authentication-google
Thank you for your interest in Chatbase. There is currently no support for OAuth logins. Please see our recommended steps for third party integrations below:
Have the user open a Chatbase account with a Google linked email address
Have the user create a Bot in order to obtain the API key
Have the user integrate their analytics on your platform by providing the API key
Send the messages from their bot to their Chatbase API
Provide the user deeplinks to the Chatbase reports from within your UI
I have create script backed by a Google Spreadsheet in Google Drive and published it as a web app, setting "Execute the app as: me" and "Who has access to the app: Anyone, even anonymous". The main page serves html content from the spreadsheet.
The basic functionalities are: a "random internet user" is able to see some informations, while an user logged with his Google Account is able to submit information as well.
The issues is - if I set the permission to "anyone" people are first redirected to the standard google login page, and once logged in have to accept the script permissions. Once that's done, navigating to the web app will give the "logged in user" version as long as you are logged in with your google account.
However - if the web app is set to allow "anonymous users" there doesn't seem to be any (at least obvious way) to allow anonymous users to login and accept the app permissions.
What I have tried until now:
a link to the url google redirects me to if I am not logged on if the web app require the user to be logged in. That works, but I feel it is not the right way and also, once logged in, there is no way to logout or to switch account; it seems that once you are logged in, you are logged in forever
to use https://developers.google.com/apps-script/reference/script/authorization-info#getAuthorizationUrl() to get the auth url - but I don't know how to use the url it returns (navigating the user to that page in the web app frame on the top frame both result in a blank page)
How can I get a login (and possibly a switch login) url to allow anonymous users to login in my web app?
Created sample code for 2 .gs web app projects:
one - no auth, runs as owner, anonymous can access
two - needs auth, runs as user, anyone can access
...as I have no idea what your "I got it to work redirecting the user to the URL" statement looks like in code.
The 1st file has a button with a click listener to act as the login button, but it's just calling for a window.top.location.href change.
The 2nd app is using ScriptApp.invalidateAuth(); to log users out after being called from a client-side button click.
Demo - 1st web app url
I'd still vote to just offer a 2nd web app as a link that pops open in a new window though and as I note in the comment, the setup above forces users to re-authorize each time and after the signout.