Setting up Single Sign-on Provider (Part I)
Learn to set up a single sign-on provider.
We'll cover the following...
- Overview
- Overview of OpenID Connect and OAuth
- Setting up IdentityServer4
  - Step 1: Download IdentityServer4
  - Step 2: Instantiate a project
  - Step 3: Add project to the solution
  - Step 4: Custom code modification
  - Step 5: Add the GetProfileDataAsync method
  - Step 6: Add the IsActiveAsync method
  - Step 7: Register the class
  - Step 8: Overwrite the original implementation
  - Step 9: Add the HTTPS URL
Overview
Single sign-on (SSO) is a system where different applications can reuse the same authentication data. Usually, a single application within this system will manage user login information. We will refer to such an application as an SSO provider. This application will generate authentication data that can then be used by other applications and shared between them. So, if we log in to one application in the system, we are automatically logged in to all of them.
There are many different SSO providers—Keycloak, Okta, Microsoft Azure Active Directory, etc. Major tech companies use their own SSO providers. This allows us to log on to a website we’ve never used before by using our Google or Facebook credentials.
The standardization of authentication protocols made it possible for apps to work with different SSO providers. More often than not, these systems use a combination of OpenID Connect and OAuth. Let’s briefly look at what those are.
Overview of OpenID Connect and OAuth
OpenID Connect is a protocol designed explicitly for authentication, while OAuth is an authorization protocol. This is how these two protocols can be used in combination: OpenID Connect defines the login process. OAuth determines the structure of the authentication token that will allow the system to easily tell if the user has all the required permissions to access a particular resource. ...
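The following is an added example, not code from this course or from IdentityServer4: it shows how a resource application could use a token to decide whether a request has the required permission. It assumes the token is a JWT signed with HS256 using a shared key and carrying a space-delimited `scope` claim, and that .NET 6 or later is available; `AccessTokenCheck`, `Issue`, `IsAuthorized`, the key and the scope names are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

public static class AccessTokenCheck
{
    static string Enc(byte[] b) =>
        Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    static byte[] Dec(string s) => Convert.FromBase64String(
        s.Replace('-', '+').Replace('_', '/') + new string('=', (4 - s.Length % 4) % 4));
    static byte[] Mac(string input, byte[] key) =>
        HMACSHA256.HashData(key, Encoding.ASCII.GetBytes(input));

    // Stand-in for the SSO provider (assumption): issues a constructed HS256-signed token.
    public static string Issue(string sub, string scope, long exp, byte[] key)
    {
        string head = Enc(Encoding.UTF8.GetBytes("{\"alg\":\"HS256\",\"typ\":\"JWT\"}"));
        string input = head + "." + Enc(JsonSerializer.SerializeToUtf8Bytes(new { sub, scope, exp }));
        return input + "." + Enc(Mac(input, key));
    }

    // Resource side: check signature, then expiry, and only then trust the scope claim.
    public static bool IsAuthorized(string token, string requiredScope, byte[] key)
    {
        string[] p = token.Split('.');
        if (p.Length != 3) return false;
        try
        {
            if (!CryptographicOperations.FixedTimeEquals(Dec(p[2]), Mac(p[0] + "." + p[1], key))) return false;
            using var claims = JsonDocument.Parse(Encoding.UTF8.GetString(Dec(p[1])));
            long exp = claims.RootElement.GetProperty("exp").GetInt64();
            if (exp <= DateTimeOffset.UtcNow.ToUnixTimeSeconds()) return false;
            string scopes = claims.RootElement.GetProperty("scope").GetString() ?? "";
            return scopes.Split(' ').Contains(requiredScope);
        }
        catch (Exception e) when (e is FormatException || e is JsonException ||
            e is KeyNotFoundException || e is InvalidOperationException) { return false; }
    }
    public static void Main()
    {
        byte[] key = Encoding.UTF8.GetBytes("constructed-demo-key-not-a-real-secret");
        long exp = DateTimeOffset.UtcNow.AddMinutes(5).ToUnixTimeSeconds();
        string token = Issue("alice", "openid orders.read", exp, key);
        Console.WriteLine(IsAuthorized(token, "orders.read", key));       // scope was granted
        Console.WriteLine(IsAuthorized(token, "orders.write", key));      // scope was not granted
        Console.WriteLine(IsAuthorized(token + "A", "orders.read", key)); // signature altered
    }
}
```

The order of checks matters: claims such as `scope` are read only after the signature has been verified, so a modified or malformed token is rejected before its contents influence the decision.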