堆栈内存溢出
  简体   繁体   English

Salesforce 作为 OpenId 身份验证提供商

[英]Salesforce as an OpenId authentication provider

 原文  2013-06-13 12:03:50       authentication/ salesforce/ openid

问题描述

Google Apps offers an OpenID API that allows end users to securely sign in to third party web sites using their Google Apps user account. Google Apps 提供了一个 OpenID API,允许最终用户使用他们的 Google Apps 用户帐户安全地登录第三方网站。

I want to offer similar functionality - ie I want the users of my web site to be able to authenticate using their Salesforce account using OpenID.我想提供类似的功能 - 即我希望我的网站的用户能够使用他们的 Salesforce 帐户使用 OpenID 进行身份验证。

Does Salesforce offer a similar API/functionality? Salesforce 是否提供类似的 API/功能? I've checked the documentation and seen mentions of OpenID Connect API, but this seems to be in its early stages of development.我检查了文档并看到了 OpenID Connect API 的提及,但这似乎处于开发的早期阶段。 I've also checked Salesforce's Identity Provider feature, but this seems more geared towards SSO scenarios (not quite sure though - please correct me if I am wrong).我还检查了 Salesforce 的身份提供商功能,但这似乎更适合 SSO 场景(虽然不太确定 - 如果我错了,请纠正我)。

2 个解决方案

解决方案1
 1  2013-09-07 05:56:00

(this is an old answer from before open id connect was supported) (这是支持 open id connect 之前的旧答案)

they don't support openid connect yet.他们还不支持 openid 连接。 in the meantime, take a look at the "web server" oauth 2.0 flow and use the "id" scope to get the user's id.同时,查看“Web 服务器”oauth 2.0 流程并使用“id”范围来获取用户的 id。

http://wiki.developerforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com http://wiki.developerforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com

at the oauth protocol level, there's no guarantee that this id belongs to the user or that it's unique and non-changing, but people use this kind of id for authentication anyway.在 oauth 协议级别,无法保证此 id 属于用户或它是唯一且不变的,但人们无论如何都会使用这种 id 进行身份验证。 this is basically how openid connect works;这基本上就是 openid connect 的工作原理; openid connect just formalizes it and adds in some extra validation. openid connect 只是将它形式化并添加一些额外的验证。

解决方案2
 1  2020-04-28 06:07:10

Yes SalesForce supports OpenIdConnect, here is SalesForce developer guide .是的 SalesForce 支持 OpenIdConnect,这里是SalesForce 开发人员指南

You can find implementations for SalesForce authentication providers here .您可以在此处找到 SalesForce 身份验证提供程序的实现。

Just needs to install AspNet.Security.OAuth.Salesforcenuget package and add this code in Startup.cs只需要安装AspNet.Security.OAuth.Salesforcenuget 包并在Startup.cs添加此代码

services.AddAuthentication()
    .AddSalesforce(options =>
    {
        options.SignInScheme = "Salesforce";

        options.ClientId = "<insert here>";//client id on salesforce connected app
        options.ClientSecret = "<insert here>";//client secret on salesforce connected app
    });

I have it implemented using IdentityServer4 here在这里使用 IdentityServer4 实现了它

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 OpenID提供程序作为身份验证代理 - OpenID provider as authentication proxy 用于旧用户管理的 OpenID Connect 身份验证提供程序? - OpenID Connect authentication provider for legacy user management? OpenID注销。 我只需要身份验证而不登录OpenID Provider - OpenID Logout. I just need authentication not login to OpenID Provider 使用Google作为身份提供商使用Salesforce进行Api身份验证 - Api Authentication with Salesforce using Google as an Identity Provider 在ASP.net中“正确”实现OpenID - 成员身份或身份验证提供商? - Implementing OpenID in ASP.net “Properly” - Membership or Authentication Provider? OpenID提供程序可以使用Kerberos或其他“备用”身份验证机制吗? - Can an OpenID provider use Kerberos or other “alternate” authentication mechanisms? 服务器如何发现OpenId Provider的身份验证的终结点? - How does a server discover an OpenId Provider's authentication's endpoint? 如何使用外部 OpenID 提供程序 (OAuth2) 向 API 平台添加身份验证 - How to add authentication to API Platform with external OpenID provider (OAuth2) 获取openid提供程序的名称 - Get the name of the openid provider Facebook是OpenID提供商吗? - Is Facebook an OpenID provider?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM