0

I have identity server and 2 asp mvc applications. I'm using openId Hybrid flow to authenticate. Each application has it's own client id. Both applications are not connected and both are using different user account to log in.

Is it possible to sign in to app A without having access to app B which is the case. Currently SSO kick in when I log in to one of the apps(either A or B).

Is it possible to disable SSO ?

piowtarn
  • 73
  • 1
  • 10

1 Answers1

0

I assume your requirement is to perform some sort of Role check before allowing the user to access MVC APP 2. This is possible in IdentityServer3 using extensibility point called ICustomTokenRequestValidator.

For further details refer to this discussion here. Also a similar SO question here

Community
  • 1
  • 1
Karthik
  • 3,075
  • 3
  • 31
  • 61