Learn More, Pay Less!
Limited Time Offer!

Activities of "portx-dev"

I have some additional questions about SSO (related ticket: https://abp.io/support/questions/8726/About-Oauth-login-settings ):

  • Does ABP support SSO via SAML on each tenant? If it is not supported, how should we proceed if we want to implement SAML SSO ourselves? Also, are there any plans to support SAML in the future?
  • In ABP's recommended best practices, what are the differences in use cases (best practices) between OAuth login and External logins (social login) on each tenant?


  • ABP Framework version: v 9.0.3
  • UI Type: Angular
  • Database System: EF Core (MySQL)
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes
  • Exception message and full stack trace:

Hi, I have some additional questions. Should I create a new ticket for them, or is it fine to ask in this ticket?

  • Does ABP support SSO via SAML on each tenant? If it is not supported, how should we proceed if we want to implement SAML SSO ourselves? Also, are there any plans to support SAML in the future?
  • In ABP's recommended best practices, what are the differences in use cases (best practices) between OAuth login and External logins (social login) on each tenant?

Thank you for your reply. If each tenant could dynamically add, enable, and disable external providers via the UI without modifying the source code, that would be extremely helpful.

Once a new external login is added, different client id/client secret can be set for the host and tenant.

In our SaaS services built on ABP, each customer (company) uses one tenant. We have the following requirements for external providers:

-Customer A tenant wants to enable only Okta

-Customer B tenant wants to enable Google and Microsoft

-Customer C tenant does not want to enable any external providers

If we set up an external provider in the host tenant, the above requirements cannot be met, so we would like to be able to set it at the tenant level. If there is a way to do this, please let me know.

Hi, I see. When adding a new external login such as Okta, beyond the pre-installed options like Twitter, Google, and Microsoft, it seems necessary to modify the source code as described in this manual. Is my understanding correct? If so, I think this is not a good experience. Since external logins often need to be added based on customer needs, it would be preferable to dynamically add new external logins without modifying the source code.

Additionally, we would like to enable external login settings at the tenant level rather than at the host tenant level. Is there a way to achieve this?

very thx

In what version can it be implemented?

Issue When I look at it in Chrome, rsms.me is infinitely redirecting with 301.

Request 1. rsms.me is cached on disk. I want to attach a query string to rsms.me and delete the cache. Can we, the developers, attach a query string to rsms.me?

2. Instead of reading rsms.me, how about changing the method so that ABP downloads rsms.me?

@sumeyye.kurtulus

First, as a short-term solution, switch to an external CDN or move to self-hosting to prevent the problem from recurring in the production environment. For example, if you temporarily change to loading Inter via Google Fonts, at least the redirect problem via rsms.me will not occur. In parallel, it is a good idea to watch the latest information from the Inter font developer (official website, GitHub repository Issue github.com, etc.) and check what happened to rsms.me's CDN. If the official provider of inter.css has changed, update the reference URL according to the documentation. In the long term, it is preferable to design without excessive reliance on external font CDNs. If you host your fonts in-house, you will not be bothered by external factors such as this one. As described in d.rsms.me, Inter fonts are freely available, so there are no problems with the license. If you host them yourself, enable appropriate cache control and compression (gzip/Brotli) and pay attention to performance.

  • ABP Framework version: v8.3.3
  • UI Type: Angular
  • Database System: EF Core (MySQL)
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes
  • Exception message and full stack trace:
  • Steps to reproduce the issue:

After logging in, the screen moves to a blank page with no content. I checked the network and there was an error ERR_TOO_MANY_REDIRECTS when downloading the file https://rsms.me/inter/inter.css This error has been occurring for about a week now I would like to know the cause and how to fix it

We are testing SSO with Okta using OpenID Connect as below:

  • Create an OIDC (OpenID Connect) application that link to the ABP tenant in Okta.
  • Create the necessary users and assign them to the above OIDC application.
  • Enter the client ID and client secret information of the above OIDC application in the OAuth login settings of the ABP tenant and enable OAuth login (pls refer to the attached file).
  • Log out.
  • Access to the ABP tenant login screen, the SSO option does not appear. Even when logging into the ABP tenant using a user assigned to the OIDC application, it logs in to the ABP tenant directly without going through Okta.
  • On the "External logins" screen, the external provider is not displayed, and when pressing the "New external login" button, the message "You have no external login provider to sign in" appears.

When OAuth login is enabled, we would like to achieve the following, but is there any additional configuration required?

  • Display the SSO option on the ABP tenant login screen.
  • If the above is not possible, automatically authenticate with the IdP (e.g., Okta) when OAuth login is enabled (such as displaying the IdP login screen and processing authentication).

-----------------------

  • ABP Framework version: v 9.0.3
  • UI Type: Angular
  • Database System: EF Core (MySQL)
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes
  • Exception message and full stack trace:
  • Steps to reproduce the issue:
Showing 1 to 10 of 154 entries
Made with ❤️ on ABP v9.2.0-preview. Updated on February 12, 2025, 05:21