User callback from ABP.IO Identity will be identify with GUID and not with orginal user (ex email, user) so we need to duplicate user on ANZ db. Is it possibile to merge or reconcile it with existing user?
Sorry, I don't follow. ABP application (IdentityServer) is an OpenId Provider, which contains the User Store that you authenticate your ANZ application users against. To explain it better; put Google (or Microsoft/Facebook/Twitter etc) instead of ABP application. You only use google login for your ANZ users. If the user is signing in the first time and doesn't exist in your ANZ application, the user is created in your ANZ application with Login provider, without any password. That's why it is an external login. You (ANZ application) don't have user's google (ABP application in your case) password. You only care if the user is authenticated against the external provider.
On ANZ login user must do a click on OpenId but the best option could be direct redirection to ABP.IO Identity. Is it possibile?
The easiest way is to customize the login page and instantly trigger OpenId provider click. For more info, you can check this article.
Thanks but it's not the identityserver that's not starting now. It's another service. We will deal with getting identityserver a certificate later
The error you have shared is from AuthServer.
You can also check AuthServer deployment on Kubernetes guide to check if it is working for you.
@ronaksbhavsar,
I am sorry, I have no experience or expertise in the problem you are having in your production environment.
Seems @chris.tune also had the same problem and he resolved it after upgrading to v5.1.3.
I would suggest trying to same by taking migration guides into consideration
AuthServer PreConfiguration for X509 certificate is for signing the tokens, not SSL communication between services.
You can check here for more information.
See [answer #2283](https://support.abp.io/QA/Questions/2283/Logging-out-of-External-Provider-Azure-AD-OpenId-Connect#answer-81067dd9-c1b7-b783-cbc0-3a00da3ddd36).
Yout template version?
Hi,
i know eshopOnAbp.. the question is if there is a reason, why the abp cli doesn't support the - db mongodb parameter with the microservice template ?
Hi @hakan.uskaner,
We thought about that and decided to create a sample (in eShopOnAbp) about how to do it instead of adding it. Mainly because as an initial template, It would be an extra bunch of files confusing developers when they won't be using most likely.
However, generating templates with different db-providers is a bit more complicated process and we have it on backlog however we have not decided scheduled milestone for implementation.
Probably Redis is not running and Redis is a pre-requirement for tiered (separate identity-server) solutions.
You can check Why and when we must use (install) redis ?
We have reproduced this problem. As a workaround, you can set default api URL to productService in environment.ts when generating proxy like:
export const environment = {
...
apis: {
default: {
url: 'https://localhost:44361',
rootNamespace: 'MyMicroApp',
},
AbpAccountPublic: {
url: oAuthConfig.issuer,
rootNamespace: 'AbpAccountPublic',
},
ProductService: {
url: 'https://localhost:44325',
rootNamespace: 'MyMicroApp',
},
},
} as Environment;
Note: Don't forget to revert back to web-gateway.
I have refunded your question.
Thank you for your report.
[00:46:46 ERR] An unhandled exception has occurred while executing the request. System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'System.String'. ---> System.IO.IOException: IDX20804: Unable to retrieve document from: 'System.String'. ---> System.Net.Http.HttpRequestException: Connection refused (auth.fa.cn:80)
You application can not reach IdentityServer at auth.fa.cn:80. If you want to use cluster service names, you can set Public Origin. Please check IdentityServer deployment on Kubernetes guide.