Reputation: 1322
Automatic redirect of unauthenticated users
I have a site which uses OpenID Connect OWIN middleware to authenticate users from an Azure Active Directory tenant. Is it possible to redirect an unauthenticated user to the Azure AD login page automatically, without them having to first hit a protected endpoint or click a sign in button?
Upvotes: 2
Views: 394
Answers (1)
Reputation: 3551
With skipping Home Realm discovery this will work, sending all users to a single AD. If ADFS is configured correctly and the user is signed in onto the domain, true Single Sign On is performed, otherwise the company login page is displayed.
If you have a mixed set of users(different AD domains), all users will be sent to the same AD login page.
From Vittorio's post: http://www.cloudidentity.com/blog/2014/11/17/skipping-the-home-realm-discovery-page-in-azure-ad/
app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
ClientId = clientId,
Authority = authority,
PostLogoutRedirectUri = postLogoutRedirectUri,
Notifications = new OpenIdConnectAuthenticationNotifications()
{
RedirectToIdentityProvider = (context) =>
{
context.ProtocolMessage.DomainHint = "mydomain.com";
return Task.FromResult(0);
},
}
});
Upvotes: 2
Related Questions
- Get the user's email address from Azure AD via OpenID Connect
- Post_Logout_Redirect_Uri does not redirect when authenticating using azure
- Microsoft OpenID Connect: send the sign-in request issue doesn't require users to enter password
- Is Cookie middleware required to glue OAuth2 and OpenIdConnect?
- How to call Azure AD Graph API in case of web application that uses WS-Federation to sign-in users from a single Azure Active Directory tenant
- Web API 401 Redirect Azure Active Directory OpenIdConnect
- OpenIdConnect error - Tenant identifiers may not be an empty GUID
- Single Sign On With Azure AD with two URLs
- CookieAuthenticationOptions.LoginPath value not used when also using app.UseOpenIdConnectAuthentication