How can I verify a Google authentication API access token?

How can I verify a Google authentication access token? I need to somehow query Google and ask: Is [given access token] valid for the [[email protected]] Google account? Short version: It's clear...

how to integrate fFacebook login with your website?

I made some research and i can't seem to completely understand how to integrate Facebook login with your website. I'm trying to do this for an old fashioned PHP shop that, up till now, doesn't use...

How to set Claims from ASP.Net OpenID Connect OWIN components?

I have questions upon using the new ASP.Net OpenID Connect framework while adding new Claims during the authentication pipeline as shown in the code below. I'm not sure just how much 'magic' is...

Does Azure Active Directory have an OAuth/OpenID Connect token introspection endpoint?

Does Azure Active Directory have an introspection endpoint (as defined in RFC7662) for verifying OpenID Connect (or OAuth) access tokens?

keycloak - CODE_TO_TOKEN_ERROR after user is authenticated

I am working with the nodeJS keycloak adapter and so far have my client application redirecting to the keycloak login. When attempting to login, I get an error in the keycloak logs as...

Redirect URI sent as HTTP and not HTTPS in app running HTTPS

I have an Asp .net core MVC app. Which connects to an Identity Server 4 for authentication. Hosted in a docker swarm MVC app is hosted on...

How to use Keycloak with Flask REST API Service

I am trying to implement the Keycloak to my Flask Rest Service but it always gives below error. {"error": "invalid_token", "error_description": "Token required but invalid"} client_secrets.json ...

Keycloak CORS issue associated with login redirect

Similar questions here and here have not helped me resolve the problem. I am using Keycloak 4.4.0 to secure my REST service, which is implemented using Spring Boot and I am using React for the...

How to check the claim name amr with Google openid?

I want to check the claim name amr when a user use google openid. I can't see it in the JWT token. Does this claim is available?

MS Identity Azure app registered but sends unauthorized_client in implicit flow

I have registered an app in Azure for Microsoft Identity platform. I configured it to allow MS Accounts (e.g. outlook.com) and have basically done everything in a few of the quickstarts online...

KeyCloak User Credentials Encryption

I am using KeyCloak to automatically import the users included to an existing LDAP. Right now, I need to know how do the KeyCloak communicate to the LDAP. Specifically how do the KeyCloak pass the...

Issuer in access token from azure active directory is https://sts.windows.net when I'm expecting https://login.microsoftonline.com

I'm trying to validate an access token obtained from azure active directory. I obtained the token from https://login.microsoftonline.com/%7B%7Bmy tennant guid}}/v2.0 The issuer in the token that...

Token not authenticating with OpenIdDict/Connect

I am currently working on converting an existing application consisting of an Angular 9 frontend talking to Asp.Net MVC/Web API/Identity backend. I am converting the .Net to .Net Core 2.2. The...

How to access custom claim in aspnet core application authorized using Identity Server

I'm following Identity Server quickstart template, and trying to setup the following Identity server aspnet core app Mvc client, that authenticates to is4 and also calls webapi client which is a...

Microsoft Graph 502 Bad Gateway - Failed to execute backend request when creating a private channel (beta API)

I'm trying to create a private channel in a Team using the Microsoft Graph API. I'm using the beta API because the membershipType (to make the channel private) is not available in the 1.0 API. My...

ASP.NET Core Identity SPA with React

I am confused and a bit lost about using ASP.NET Core Identity with a React SPA. I have read Microsoft documentation about ASP.NET Core Identity several times, mostly focusing on the Identity with...

Google Cloud Container Registry/Artifact Registry Permissions

I'm trying to push containers to the Google Cloud Container Registry or the Google Cloud Artifact Registry on Windows 10 using the Google Cloud SDK. I'm getting a similar permissions error from...

What's the difference between User.Read vs OpenID/Profile/Email Permissions in AzureAD App Registration for an app that will sign in users?

When creating multi-tenant apps that will use Azure AD Authentication to sign users in, various samples on GitHub seem to suggest that the App Registration should include the following permissions...

Using apache-airflow-providers-snowflake on airflow (no module named Snowflake)

I have installed package apache-airflow-providers-snowflake on airflow on docker and i am getting error No module named Snowflake Please refer attachment (check the error mentioned for the...

Django-OIDC with keycloak - OIDC callback state not found in session oidc_states

I am trying to implement Keycloak SSO with Django API using OIDC. Getting below error message after requesting the call to Keyclock as a response SuspiciousOperation at /^oidc/callback/ OIDC...

Can I use Authorization Code with PKCE Flow for mobile app?

I know that OAuth 2.0 Authorization Code with PKCE Flow is the best practice of OAuth. We plan to use it for our WEB application. But I don't understand how can I use this flow for native UX my...

TypeError: "issuerBaseURL" must be a valid uri

vue app will not load it keeps complaining about issuerBaseURL" must be a valid uri no matter what changes I am following this tutorial...

Getting error using Google cloud client libraries for Go: unknown credential type: "impersonated_service_account"?

I am working with Google Cloud in Go and following this article by John Hanley: https://www.jhanley.com/google-cloud-improving-security-with-impersonation/ and mashed it with this SO...

Auth0 with Electron working in development but not when packaged

Im using Auth0 in an electron app to manage a log-in system. I referenced this tutorial here: https://auth0.com/blog/securing-electron-applications-with-openid-connect-and-oauth-2/ to get started...

How can I calculate the thumbprint of an OpenID Connect server?

When creating an OpenID Connect Provider (for e.g. AWS), I need to specify a thumbprint for the connector. What is it, and how do I get it? E.g. from...

NIFI CLUSTER AND ZOOKEEPER CLUSTER

I want to configure a NIFI Cluster with external TLS zookeeper cluster (deployed in a kubernetes cluster). All is ok (quorum, zookeeper tls...) but when I set the zookeeper connection string to...

Self signed certificate in certificate chain issue using Azure CLI on Windows

I have some trouble configuring my Windows to work with az command line tools. I have tested multiple configuration. One on locally installed system and one with windows based docker container. I...

React msal-browser not working after deploy on App Service

I created react app integrated with Azure AD B2C using "msal-browser" and "msal-react". If user is not logged in, app redirect to AD authorization, if user logged in, app let user to use entire...

npm ERESOLVE unable to resolve dependency tree NestJs Passport

I have following package.json { "dependencies": { "@elastic/elasticsearch": "^7.16.0", "@nestjs/common": "^8.2.4", "@nestjs/config": "^1.1.5", "@nestjs/core": "^8.2.4", ...

OpenIDConnect provider's HTTPS certificate doesn't match configured thumbprint

- name: Configure AWS credentials uses: aws-actions/[email protected] with: role-to-assume: ${{secrets.ARN_GITHUB_ACTIONS_ROLE_UAT}} aws-region:...