Versions Compared

Old Version 15

changes.mady.by.user Suganya Rajendran

Saved on

compared with

New Version 16

changes.mady.by.user Jason Hoekstra

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: draft save

DRAFT

Overview

Today, Admin App supports only forms-based authentication for using the application.  This design proposes adding another method of delegating user-authentication to trusted 3rd party-sources via OpenID Connect, to provide single-sign on like experiences to users of Ed-Fi tools.  If this design, implemented code and pattern is successful in Admin App, it will be considered for reuse in applications such as Data Import.

Table of Contents
minLevel2

Use Cases

This feature is targeted towards the IT administrator of an Ed-Fi Tech Suite and responsible for its secure operation.  The IT administrator would like to use a trusted, 3rd party source as the source of identity for their users, instead of the built-in forms authentication available today.

Technical Details

Registering client application with external authentication providers:

...

On development environment all these details can be stored on Authentication section on appsettings.json file or can be set as user-secrets.

ex: dotnetuser-secrets set "Authentication:Google:Client_Id""sampleapp"

For production environment, it is recommended to store Client_Id and Client_Secret on environment variables. 

...