How can I integrate my authentication server with an existing authentication server that does not support OAuth2?
1 Answer(s)
-
0
If you asked me this, honestly, the first thing I would ask is:
"How does the existing authentication server actually work? Is there an API? Does it use session cookies? Maybe something like LDAP?"
Because depending on how it works, the way we integrate with ABP will be very different.
If it has an API, we could simply call it to validate users. If it works with session cookies, maybe we can just verify the session and log the user in. If it’s based on LDAP, then we can use LDAP external login provider. And if it only shares a database, it gets tricky — you would have to manually query and trust the user data, which is not ideal.
Also, keep in mind: OAuth2.0 and OpenID Connect are considered the industry standards for authentication and authorization today. If possible, aligning your authentication server with these standards would make future integrations much easier and more secure. See: https://developers.google.com/identity/openid-connect/openid-connect
In short: Without knowing the details, it’s impossible to pick the right integration path.
Let me know more about how it works, and I can suggest a better approach!
