Open Closed

OpenIddict in ABP as a SAML Identity Provider #3547


User avatar
0
jeffbuot created
  • ABP Framework version: v6.0
  • UI type: Blazor
  • DB provider: EF Core / MongoDB
  • Tiered (MVC) or Identity Server Separated (Angular): yes

Since the update 6.0 has the IdS replaced with the OpenIddict, I've been thinking how can I use it as a SAML2 Identity Provider since a client required us to use the DUO Single Sign-On and we were about to use the ABP's identity provider as an identity source for DUO SSO. Found this issue that OpenIddict can't be integrated in a SAML2P env but that was 6 years ago and hoping it won't be a case today since OpenIddict has updates (fingers crossed). We are migrating our existing projects to OpenIddict since IdS will end it's open-source support this year. I'm wondering if there is a way we can get out from this dilemma.


6 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Though ASP.NET Core doesn't support SAML2P nor WS-Fed (yet),

    Is the net core support the SAML2P or WS-Fed now?

  • User Avatar
    0
    jeffbuot created

    Hi,

    It think it's not yet but trying to find way if we can use the SAML2P IdP of DUO SSO as external or other identity source. It's like users have to choose either they want to be authenticated from abp's default auth or authenticate externally to DUO SSO. Set openiddict as the main authentication, so I believe we need the openiddict to communicate with DUO saml assertions and trust the source for the client to access the api resource.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    so I believe we need the openiddict to communicate with DUO saml assertions and trust the source for the client to access the api resource.

    Hi

    This is not the scope of the framework. I refund your questions credits.

  • User Avatar
    0
    jeffbuot created

    Grateful if you can assist as commercial we need to implement support with the identify provider to use SMAL2 functionality for the likes of Cisco Duo & Azure etc if this not in scope for the old framework are we missing something? (Seeking your guidance) or is this something we can purchase as an enhancement with Abp for openiddict?

  • User Avatar
    0
    jeffbuot created

    https://support.abp.io/QA/Questions/3192/Does-ABP-support-multi-factor-authentication-eg-Duo-Google-Authenticator-OTP-etc

  • User Avatar
    0
    gterdem created
    Senior .NET Developer

    You can open issue at OpenIdDict about it or keep using IdentityServer4 if it's working for you. This is not something we can implement.

Made with ❤️ on ABP v9.1.0-preview. Updated on November 11, 2024, 11:11