- ABP Framework version: v7.2.0
- UI type: Blazor WASM
- DB provider: EF Core
Hi there,
I have an application built in with ABP.IO Blazor WASM framework and another application built with Blazor WASM PWA using native components. This third-party application has to access the method authenticated in the ABP.IO Web API. So far, it is working fine using the token generated by "connect/token", grant type "password" and adding the Tenant ID to the httpclient requests.
But, now the requirements have changed, and our customer wants to use Azure SAML (external login) for logging. In the ABP.IO it seems to be quite straightforward, just adding AddWsFederation method creates a button on the login page and it works ok. However, my other application also has to log in using Azure SAML.
So, how can I request the token if I don't have the username/password anymore? I think the answer is using the "Authentication Code" grant code. But, I'm not sure how it works properly and how can I identify the user and the tenant in this case.
The scenarios are:
- Existing users in ABP.IO main application accessing the third-party application for the first time, using Azure AD. In this case, it should just relate to the existing user.
- New users in ABP.IO main application accessing the third-party application for the first time, using Azure AD. In this case, it should create a new user, and then, relate to this new user.
Is there any example of how to implement that?
Kind regards, Leonardo Willrich
1 Answer(s)
-
0
Hi,
Yes, you need to use the Authentication Code Flow.
Configure the Oidc Authentication in the Blazor application:
It will redirect to the auth server to login.
