I want to implement a custom authentication for Umbraco backoffice. I have installed UmbracoCms.IdentityExtensions and Microsoft.Owin.Security.OpenIdConnect packages. I was following the below thread:
However, I have an Identity Provider other than any social media or IdentityServer4. I need to follow "Authorization Code flow" or authentication. In which, I will redirect my users to Identity Provider, where they will enter their credentials. The Identity provider callback with a short lived authorization code. Once that is received, I need to make an HTTP request to Identity Provider again to get the claims.
I am not sure how this last part can be implemented, where I can extract the code and make another request to get the claims. Has anyone ever did such authentication flow? If Yes, can you guide me how you did that?
The redirecturi of your app, where authentication responses can be sent and received by your app. It must exactly match one of the redirecturis you registered in the portal, except it must be url encoded. For native & mobile apps, you should use the default value of https://login.microsoftonline.com/common/oauth2/nativeclient. https://yapp.kim/upsers/
Custom authentication flow for backoffice
I want to implement a custom authentication for Umbraco backoffice. I have installed UmbracoCms.IdentityExtensions and Microsoft.Owin.Security.OpenIdConnect packages. I was following the below thread:
https://yuriburger.net/2017/04/26/login-to-umbraco-backoffice-using-identityserver4/
However, I have an Identity Provider other than any social media or IdentityServer4. I need to follow "Authorization Code flow" or authentication. In which, I will redirect my users to Identity Provider, where they will enter their credentials. The Identity provider callback with a short lived authorization code. Once that is received, I need to make an HTTP request to Identity Provider again to get the claims.
I am not sure how this last part can be implemented, where I can extract the code and make another request to get the claims. Has anyone ever did such authentication flow? If Yes, can you guide me how you did that?
is working on a reply...