Hi Ushani, As I understand you want to invoke services in the Identity server after SSO login. Please explain if not. If yes you can use same what we do in the identity server dashboard. We take the cookie from the header and use that cookie to invoke backend services.
Thanks Godwin On Tue, Nov 7, 2017 at 11:20 AM, Ushani Balasooriya <[email protected]> wrote: > Hi Malithi, > > Thanks for the response. But my concern is IDP can be any one like Wso2IS, > Salesforce, facebook etc. So for me to invoke I assume I should know the > client ID and secret of the relevant IDP right? Please correct me if I am > wrong. I just need to invoke the admin services using Basic Auth. > > Appreciate your response. > > Thanks, > > On Tue, Nov 7, 2017 at 11:12 AM, Malithi Edirisinghe <[email protected]> > wrote: > >> I think you can use SAML bearer grant here and use the access token to >> access APIs >> >> Thanks, >> Malithi >> >> On Tue, Nov 7, 2017 at 10:11 AM, Ushani Balasooriya <[email protected]> >> wrote: >> >>> Hi, >>> >>> Appreciate your response. >>> >>> Thanks, >>> >>> On Mon, Nov 6, 2017 at 2:04 PM, Ushani Balasooriya <[email protected]> >>> wrote: >>> >>>> Hi IAM team, >>>> >>>> As a part of my third party web application implementation to add users >>>> and roles I would like to try if the logged in admin user can perform the >>>> relevant activity within the app. >>>> >>>> In order to test Login in to the web app I will be using SAML Post >>>> binding and as well as the Redirect binding. >>>> >>>> When I use the Post binding, I can capture the user name and password >>>> and generate Basic authentication token retrieving it from the servlet >>>> request. >>>> >>>> My question is, >>>> >>>> 1. If I use redirect binding, since the IDP can be any application like >>>> wso2 IS or Facebook or salesforce etc *(a)* is it a valid use case to >>>> use the logged in user admin's credentials to generate auth token? >>>> >>>> *(b)* Or should I hard code one particular admin user's credentials or >>>> auth token which is configured as admin for the thirdparty web app to >>>> perform the relevant activities? >>>> >>>> 2. If *(a) *is valid, how can I retrieve it from the session. I can >>>> retrieve the username from the SAML2SSO session, but my question is how to >>>> retrieve the password to generate auth token? >>>> >>>> Appreciate your response. >>>> >>>> Thanks, >>>> -- >>>> *Ushani Balasooriya* >>>> Associate Technical Lead - EE; >>>> WSO2 Inc; http://www.wso2.com/. >>>> Mobile; +94772636796 >>>> >>>> >>> >>> >>> -- >>> *Ushani Balasooriya* >>> Associate Technical Lead - EE; >>> WSO2 Inc; http://www.wso2.com/. >>> Mobile; +94772636796 >>> >>> >> >> >> -- >> >> *Malithi Edirisinghe* >> Associate Technical Lead >> WSO2 Inc. >> >> Mobile : +94 (0) 718176807 >> [email protected] >> > > > > -- > *Ushani Balasooriya* > Associate Technical Lead - EE; > WSO2 Inc; http://www.wso2.com/. > Mobile; +94772636796 > > -- *Godwin Amila Shrimal* Associate Technical Lead WSO2 Inc.; http://wso2.com lean.enterprise.middleware mobile: *+94772264165* linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/ <https://www.linkedin.com/in/godwin-amila-2ba26844/>* twitter: https://twitter.com/godwinamila <http://wso2.com/signature>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
