最近搜索


没有最近搜索

Alex Leventis's Avatar

Alex Leventis

已加入2024年2月07日

·

最后活动2024年2月07日

关注

0

关注者

0

活动总数

2

投票

0

订阅

1

活动概览

的最新活动 Alex Leventis

Alex Leventis 进行了评论,

评论Single sign-on

We are working through Enabling JWT single sign-on migration.

When a user is authenticated, they are successfully logged into the app via the "return_to" param which in our case is https://support.{domain}.com 

When we receive the /access/unauthenticated response, the browser auto-redirects back to our sign-on page. Which is essentially the same as clicking "sign-in", bringing the user back to our remote login URL. 

However, we have no way of knowing if the zendesk authentication failed upon rendering our sign-on page. 

Because we can only submit this POST request as form data, we cannot capture the returned url after the request is made.

As of now, this introduces a loop in our system. Here are network details

4. Auto fetch: https://bitly.com/jwt/authorize (our remote login url)
  - verify user is signed in to our platform via auth cookies, generate jwt token
loops back to 
... continues

Can you please prevent the automatic redirection from https://support.bitly.com/access/unauthenticated to our remote login url. But instead redirect to the return_url (a url query param on the unauthenticated response), or display an auth error, or provide insight on how to handle this situation? 

I've looked through the admin console's single sign on settings, but there are not configuration changes we can make on our end. 

查看评论 · 已于 2024年2月07日 编辑 · Alex Leventis

0

关注者

0

投票

0

评论