
I have a scenario and am trying to implement SSO here, but I'm not sure if it's possible.

  1. Users still enter username/password in my native app inboxes.
  2. My authentication proxy receives the username and password, then forwards them to the 3rd-party IdP (ADFS, AAD, etc.), and gets back profiles via SAML tokens.
  3. My server creates profiles in my databases and logs the user in.

Not sure if any middleware is able to do that, like IdentityServer4, SimpleSAMLphp, etc.? Any comments would be highly appreciated! Thanks in advance!

1 Answer

The problem that you have is that IdPs generally provide the login screens.

You mention SAML tokens.

Are you planning to use SAML? In that case, your proxy needs to handle browser redirects.

Native clients normally use OpenID Connect. This provides a JWT token.

rbrayb
  • Thank you very much for your reply! Yes, I am going to use SAML 2.0. Do you know any open source middleware that could do that, or have any recommendations on native client development, since I have to face various kinds of IdP? Thanks again! – Zhigong Liu Aug 14 '18 at 03:53