Hi Nilasini, Thank you for the info I was able to get the user profile details once I pass the scope as openId profile with the generic OIDC Federation connector. So I will check the other multifactor authentication flows and update the threats.
Thanks, On Wed, Jan 16, 2019 at 1:14 AM Nilasini Thirunavukkarasu <[email protected]> wrote: > Hi Nirubikaa, > > Scope *openid* is not hardcoded in [1] hence could pass the scope as > *openid profile* through your identity provider configuration as below. > > [image: scope_configuration.png] > > [1] > https://github.com/wso2-extensions/identity-outbound-auth-oidc/blob/9ede5dd6b616a1d70e0609dfd45263771d750d32/components/org.wso2.carbon.identity.application.authenticator.oidc/src/main/java/org/wso2/carbon/identity/application/authenticator/oidc/OpenIDConnectAuthenticator.java#L280 > > Thanks, > Nila. > > On Tue, Jan 15, 2019 at 1:14 PM Nirubikaa Ravikumar <[email protected]> > wrote: > >> Hi Farasath, >> I tried with our generic OIDC Federation connector. And through that I >> log in with trevelocity.com.It allows to authenticate but after login >> shows "you are logged in as auth0|5c0df06fe978c52e154f1d35", but I could >> not get information which is related to the authenticated user (user >> attributes). Hence I have debugged the code [1] & [2] and found that the >> scope was set to openid as a default one. But for Auth0 we need to >> provide scope as the openid profile to get the user information.Hence do >> we need to improve the generic OIDC federation connector or Do we need to >> have a separate authenticator for that?Highly appreciate your input on >> this. >> [1] >> [image: debug.png] >> >> [2] >> https://github.com/wso2-extensions/identity-outbound-auth-oidc/blob/9ede5dd6b616a1d70e0609dfd45263771d750d32/components/org.wso2.carbon.identity.application.authenticator.oidc/src/main/java/org/wso2/carbon/identity/application/authenticator/oidc/OpenIDConnectAuthenticator.java#L263 >> >> Thanks, >> >> >> On Mon, Jan 7, 2019 at 3:47 PM Farasath Ahamed <[email protected]> >> wrote: >> >>> Hi Nirubikaa, >>> >>> Before we start implementing this connector can we try our generic OIDC >>> Federation connector[1] to talk to Auth0 and see if it works? >>> Ideally, if Auth0 is having a standard OIDC Endpoint then this should >>> work without any issues. >>> >>> [1] >>> https://docs.wso2.com/display/IS570/Configuring+OAuth2-OpenID+Connect >>> >>> On Mon, Jan 7, 2019 at 2:53 PM Nirubikaa Ravikumar <[email protected]> >>> wrote: >>> >>>> please find the image, >>>> >>>> On Mon, Jan 7, 2019 at 1:23 PM Nirubikaa Ravikumar <[email protected]> >>>> wrote: >>>> >>>>> Hi all, >>>>> I am planing to work on "Auth0 OpenID Connector ". Please find the >>>>> flow diagram below: >>>>> >>>>> >>>>> >>>>> >>>>> In the flow of OpenID Connect, >>>>> >>>>> User sends a request to service provider, then the request is >>>>> redirected to the WSO2 IS .Then the WSO2 IS requests to get authorization >>>>> code with client credentials, and Openid scope. Then the Auth0 >>>>> redirects to the request with Authorization code. >>>>> >>>>> Then WSO2 IS requests Access token, to that Auth0 responses with the >>>>> Access token, An ID token is issued from the token endpoint in addition to >>>>> an Access token. >>>>> >>>>> WSO2 IS requests to get user info, And Auth0 can retrieve user >>>>> information from the ID token or Access token. >>>>> >>>>> Thanks. >>>>> -- >>>>> R.Nirubikaa >>>>> Intern | WSO2 >>>>> M: O779108852 >>>>> >>>>> >>>>> >>>> >>>> >>>> -- >>>> R.Nirubikaa >>>> Intern | WSO2 >>>> M: O779108852 >>>> >>>> >>>> >>> >>> >>> -- >>> Farasath Ahamed >>> Senior Software Engineer, WSO2 Inc.; http://wso2.com >>> Mobile: +94777603866 >>> Blog: blog.farazath.com >>> Twitter: @farazath619 <https://twitter.com/farazath619> >>> <http://wso2.com/signature> >>> >>> >>> >>> >> >> -- >> R.Nirubikaa >> Software Engineering Intern | WSO2 >> M: O779108852 >> >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> > > > -- > Nilasini Thirunavukkarasu > Software Engineer - WSO2 > > Email : [email protected] > Mobile : +94775241823 > Web : http://wso2.com/ > > > <http://wso2.com/signature> > -- R.Nirubikaa Software Engineering Intern | WSO2 M: O779108852
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
