Using SSO login from Microsoft in web panels


Hello! 

When I use an SSO login.microsoft.com I get an error saying "The loading of “https://login.microsoftonline.com/common/oauth2/authorize?....” in a frame is denied by “X-Frame-Options“ directive set to “deny“."

I understand that this is by design, but is there anyone who has solved this in some way and wants to share it?

Regards Martin

3 Oct 2024 | 10:17 AM

All Replies (5)

I have seen other software using a pop-out strategy for this: show a page with a 'click here to authenticate' button, which opens a new pop-up window outside the iframe and does the authentication (and sets the auth/session cookie). After that, it closes the pop-up window again and reloads the originating page within the iframe (where you are authenticated now).

 

3 Oct 2024 | 01:25 PM

Hi Martin,

Are you talking about a webpanel inside SuperOffice which gives this error? So the user is basically already authenticated, but wants to authenticate your own webpanel against SuperOffice as well, and SuperOffice decides to redirect you to Microsoft? If so, then you should look into third-party cookies and the SameSite setting.

Your webpanel should be able to redirect to SuperOffice login, and the SuperOffice login site should understand that you are already authenticated and not redirect you to Microsoft.

Is that your scenario?

3 Oct 2024 | 02:18 PM
Yes, that is the scenario.
4 Oct 2024 | 11:03 AM

@Frode, but do we in any way have control over what SuperOffice does when redirecting to the SSO login page or not, or does SuperOffice have only one strategy and just call the whole list, and end by redirecting to your web-app?

7 Oct 2024 | 07:42 AM

Neither Microsoft nor Google allows SSO auth inside an iframe. Using a JavaScript library that opens a popup, as David stated, is the most common solution. I hoped we could provide such a library/solution, but haven't the resources. A potential community project would be nice?

An alternative is to open the authentication process in a new browser tab and perform the authentication there, then somehow (websockets?) refresh the web panel. 

Best regards.

7 Oct 2024 | 01:45 PM
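
The pop-up strategy described in the replies above, as an added example (not code from any poster or from SuperOffice): the panel opens its own login start page in a top-level pop-up, then reloads only after a completion message that comes from its own origin, from the window it opened, and with the state it generated. `PANEL_ORIGIN`, `AUTH_START_PATH` and the `sso-complete` message shape are assumptions for illustration.

```javascript
// Added example. PANEL_ORIGIN and AUTH_START_PATH are hypothetical values
// for your own web panel; the "sso-complete" message shape is also assumed.
const PANEL_ORIGIN = "https://panel.example.com";
const AUTH_START_PATH = "/auth/start"; // panel endpoint that redirects to the identity provider

// Random per-attempt value that the pop-up's callback page must echo back.
function newState(cryptoImpl) {
  const bytes = cryptoImpl.getRandomValues(new Uint8Array(16));
  return Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
}

// Accept only a message from our own origin, sent by the pop-up we opened,
// carrying the state generated for this attempt.
function isValidAuthMessage(event, popup, expectedState) {
  return (
    event.origin === PANEL_ORIGIN &&
    event.source === popup &&
    event.data !== null &&
    typeof event.data === "object" &&
    event.data.type === "sso-complete" &&
    event.data.state === expectedState
  );
}

// Call from a click handler so the browser's pop-up blocker allows window.open.
function startPopupLogin(win, onAuthenticated) {
  const state = newState(win.crypto);
  const url = PANEL_ORIGIN + AUTH_START_PATH + "?state=" + encodeURIComponent(state);
  const popup = win.open(url, "sso-login", "popup,width=520,height=640");
  if (!popup) return null; // blocked: caller can fall back to opening a new tab

  function onMessage(event) {
    if (!isValidAuthMessage(event, popup, state)) return; // ignore everything else
    win.removeEventListener("message", onMessage);
    popup.close();
    onAuthenticated();
  }
  win.addEventListener("message", onMessage);
  return { popup, state };
}

// In the web panel (inside the iframe):
//   button.addEventListener("click", () =>
//     startPopupLogin(window, () => window.location.reload()));
// On the pop-up's callback page, after the session cookie has been set:
//   window.opener.postMessage({ type: "sso-complete", state }, PANEL_ORIGIN);
```

The session cookie set in the pop-up is only sent with the reloaded iframe request if it is marked `SameSite=None; Secure` and the browser permits third-party cookies, which is the SameSite point raised earlier in the thread.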
