ComponentSpace

Forums



IdP Initiated SSO to Angular App


IdP Initiated SSO to Angular App

Author
Message
mr.a.gopinath@gmail.com
mr.a.gopinath@gmail.com
New Member
New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)

Group: Forum Members
Posts: 4, Visits: 19
Currently, we are using your .Net 4.5 components to implement IdP initiated SSO to our application roughly as in below architecture.



Now the target environment (Company - 2) is changing to Angular + Web API.
1. What is the equivalent for ComponentSpace SAML in Angular?
2. How to configure an Angular app to receive SSO?
3. How to read SSO attributes from a request in Angular?
4. How to amend multi-tenant SSO support in Angular?




ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)

Group: Administrators
Posts: 2.4K, Visits: 6.6K
We have an example ASP.NET Core application (ExampleWebApi) that acts as the service provider and handles SAML SSO on behalf of an Angular app.

This is documented in our Examples Guide.

https://www.componentspace.com/Forums/8236/Examples-Guide

Once SSO completes, the ASP.NET Core application returns a JWT to the Angular app so it can make authorized web API calls.

The JWT can include claims retrieved from the SAML assertion.



Regards
ComponentSpace Development
mr.a.gopinath@gmail.com
mr.a.gopinath@gmail.com
New Member
New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)

Group: Forum Members
Posts: 4, Visits: 19

I checked it, but the problem is I want my Angular App to act as service provider & receive SSO & parse the request. When an identity user clicks on "Login to Angular App" SSO request send to Angular App URL. How can I redirect this SSO request to Web API without affecting any request parameters?
Moreover, Web API call might need to be Ajax because we don't want to explore our API URL to end-user by browser redirect for security reasons.

Other Criteria:
Let's consider, there is no Web API & Angular connecting directly to any NoSQL Db like Firebase.
Is there any possibility to validate & extract parameters from SSO request received on Angular App by intercepting it?

Thanks.
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)

Group: Administrators
Posts: 2.4K, Visits: 6.6K
It sounds like you're after a library to add the SAML support directly into your Angular application. We don't have an Angular library and we don't have any experience with 3rd party libraries so I can't make any recommendations.

Regards
ComponentSpace Development
mr.a.gopinath@gmail.com
mr.a.gopinath@gmail.com
New Member
New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)

Group: Forum Members
Posts: 4, Visits: 19

Thanks for the clarification.
If Component Space SAML is my only strict choice & it supports only .Net platform, how about having a ".Net SSO service provider" as middleware to receive SSO, authenticate user & redirect them to Angular App with a token which it can use to identify user session?
Suggest does the below architecture work?



ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)

Group: Administrators
Posts: 2.4K, Visits: 6.6K
Yes, that type of flow, where the ASP.NET Core application handles SAML SSO and there's redirects etc between the ASP.NET Core application and the Angular application, will work.

The ExampleWebApi and Angular apps that we ship and that are documented in the Examples Guide do something similar. The ExampleWebApi handles the SAML SSO. Once SSO completes, it returns a JWT to the Angular app which is then sent when making web API calls. However, you can use whatever token type you wish to return to the Angular app.




Regards
ComponentSpace Development
mr.a.gopinath@gmail.com
mr.a.gopinath@gmail.com
New Member
New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)New Member (12 reputation)

Group: Forum Members
Posts: 4, Visits: 19

Thanks for the clarifications.

I will try it.

Regards
Gopinath
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)ComponentSpace Development (3.4K reputation)

Group: Administrators
Posts: 2.4K, Visits: 6.6K
You're welcome.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Social Logins

Select a Forum....









Forums, Documentation & Knowledge Base - ComponentSpace


Search