Reputation: 1137
Identity Server auth without requesting user permission
Is there a way to configure a client so that it is trusted and not require users approval for access to their details?
I am building an Angular client app, and using Identity Server 3 for issuing tokens for access to the backend API, but because it should appear that you are logging into the same environment as the API you are accessing, I dont want the client to be prompted for the request for permission for this client app / resource pair. Currently I have something similar to this example: https://damienbod.com/2015/11/08/oauth2-implicit-flow-with-angular-and-asp-net-5-identity-server/
Is there a setting that bypasses the approval, or am I just using the incorrect flow?
I guess the example that I am looking at replicating is accessing the Auzure portal SPA. There you are redirected to login, then I am not prompted by Microsoft to give access to Microsoft account details.
Upvotes: 4
Views: 560
Answers (1)
Reputation: 5010
You are talking about Consent.
For that specific client's configuration set its RequireConsent property to false.
Upvotes: 8
Related Questions
- Send login details to Identity server via Angular 12
- Cannot get Username / given_name when using angular-oauth2-oidc and Identity Server 4
- Identity Server 4 responds with a 403 (forbidden) to Angular client on account/login
- Silent Authentication using Identity Server
- Authenticate Angular App Without User Credentials With OAuth and IdentityServer4
- IdentityServer role/permissions in AngularJS and WebAPI
- Angular4 OAuth2 IdentityServer4
- Identity server 4 and Angular app authenticate to achieve forever lasting session
- Identity Server 3 AngularJS with .Net Web API
- Identity server claims asp.net API