I have read the IdentityServer documents and see that it aims to manage resource authorization. I want to learn whether I can use this for my enterprise API. For example, I have Finance and IT department controllers in my API. Should I create 2 scopes for them? If I do, after the login screen it will show the permissions screen, to check or uncheck the Finance and IT checkboxes. Can I hide these scopes from the user?
IdentityServer usage with enterprise applications
153 Views Asked by barteloma At
There are 1 best solutions below
Scopes model resources, and then you can configure clients to be allowed to request access to those resources. So one reason you break APIs into different scopes is so you can configure which clients can access which APIs. So if you don't want your Finance apps to access the IT APIs, then yes, sounds like those would be two different scopes.
As for showing consent to the user, you can disable the entire consent screen per-client in the Client configuration. This makes sense when it's your client app accessing your APIs on behalf of your users (IOW everything is first-party).
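The configuration described in the answer above, as an added example that is not part of the original answer: it assumes the IdentityServer4 4.x model classes, and the scope names, client ids, redirect URIs and secret placeholders are hypothetical.

```csharp
using System.Collections.Generic;
using IdentityServer4;
using IdentityServer4.Models;

public static class Config
{
    // One scope per department API (hypothetical names).
    public static IEnumerable<ApiScope> ApiScopes => new[]
    {
        new ApiScope("finance.api", "Finance department API"),
        new ApiScope("it.api", "IT department API")
    };

    public static IEnumerable<Client> Clients => new[]
    {
        // First-party Finance app: may request finance.api only.
        new Client
        {
            ClientId = "finance-web",                       // hypothetical
            AllowedGrantTypes = GrantTypes.Code,
            RequirePkce = true,
            ClientSecrets = { new Secret("REPLACE_WITH_FINANCE_SECRET".Sha256()) },
            RedirectUris = { "https://finance.example.com/signin-oidc" },
            // "openid" also needs a matching IdentityResources.OpenId() registration.
            AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, "finance.api" },
            // No consent screen for this client: users never see the scope checkboxes.
            RequireConsent = false
        },
        // First-party IT app: may request it.api only.
        new Client
        {
            ClientId = "it-web",                            // hypothetical
            AllowedGrantTypes = GrantTypes.Code,
            RequirePkce = true,
            ClientSecrets = { new Secret("REPLACE_WITH_IT_SECRET".Sha256()) },
            RedirectUris = { "https://it.example.com/signin-oidc" },
            AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, "it.api" },
            RequireConsent = false
        }
    };
}
```

`AllowedScopes` only limits which scopes a client can be issued; each API still has to check that the access token it receives carries the scope for the controller being called.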