As I understand, user logged in to one application can log into other applications as a SSO, if the User Provider configured for each of these application is same or is configured as "Users" module.

With that as a background, can OutSystems act as an IDP(Identity Provider) itself and authenticate against the Users in OutSystems, for a SAML request/response from a Service Provider?

The Users that I referring to is the "Users" module, and the Service Provider that I am referring to can be any external website.

Use Case : A user who has valid OutSystems credentials, logs into the OutSystems application. On the web page of this application, there is a link to an external website. When user clicks on this link, he should not be asked for a credential again. He should be able to seamlessly log in to the external website using the credential that he already provided to log into OutSystems web application.

Hi Rajeev, 

Unless that external website is also built by you and you make it trust your outsystems application isn't possible. All those seamless authentications are based on trust and external websites will never trust that your outsystems app is a reliable source of authentication.

Regards,

Marcelo 

Thank you for your reply Marcelo. 

The external website is not in OutSystems and is not built by us. Let us assume that we can make the configuration at external website for them to trust OutSystems application, then how does this work?

Can OutSystems behave like an IDP and exchange SAML request/response for Authentication.

Solution

Hello Rajeev Jha,

Have you checked out the IdPServer component in the Forge?  https://www.outsystems.com/forge/component-overview/2906/idpserver

It is an implementation of a SAML 2.0 identity provider.

Thank you

Solution

Hi Rajeev , 

You found any solution to your requirement ?

Hi Craig ,

IDP component we can use to configure IDP provider settings . But What I am looking for is outsystems as IDP provider for other external application.  


Thanks

Prasad Kawte wrote:

Hi Rajeev , 

You found any solution to your requirement ?

Hi Craig ,

IDP component we can use to configure IDP provider settings . But What I am looking for is outsystems as IDP provider for other external application.  


Thanks


Yes the "IDp Server" forge component makes the OutSystems as IDP Server.

https://www.outsystems.com/forge/component-overview/2906/idpserver

We are using it and works fine for SSO case from external website as SP. We are facing some trouble with SLO though, for which we are trying o figure out a solution.

Rajeev Jha wrote:

Prasad Kawte wrote:

Hi Rajeev , 

You found any solution to your requirement ?

Hi Craig ,

IDP component we can use to configure IDP provider settings . But What I am looking for is outsystems as IDP provider for other external application.  


Thanks


Yes the "IDp Server" forge component makes the OutSystems as IDP Server.

https://www.outsystems.com/forge/component-overview/2906/idpserver

We are using it and works fine for SSO case from external website as SP. We are facing some trouble with SLO though, for which we are trying o figure out a solution.

Thanks Rajeev . Can you share some thoughts how you are using it ? Outsystems as IDP server to share identity with external applications.


 


Prasad Kawte wrote:

Rajeev Jha wrote:

Prasad Kawte wrote:

Hi Rajeev , 

You found any solution to your requirement ?

Hi Craig ,

IDP component we can use to configure IDP provider settings . But What I am looking for is outsystems as IDP provider for other external application.  


Thanks


Yes the "IDp Server" forge component makes the OutSystems as IDP Server.

https://www.outsystems.com/forge/component-overview/2906/idpserver

We are using it and works fine for SSO case from external website as SP. We are facing some trouble with SLO though, for which we are trying o figure out a solution.

Thanks Rajeev . Can you share some thoughts how you are using it ? Outsystems as IDP server to share identity with external applications.


 


Thanks Rajeev and Craig . I was looking at IDP component instead IDp Server.