21
Views
6
Comments
Connect Outsystem authetication with other applications

We have developed a launcher with which all our users log in and see the OS applications to which their associated roles have access.

We want to join other company applications (in .NET) to that launcher and thus unify roles and permissions, so we come up with several options:

  • Create a new Outsystem application that contains the NET application in an iframe and that we send a token by parameter with the information of the logged in user and their roles
  • Create a new application that only has the redirection to the NET application and store the user and permissions through cookies
  • ...

Any recommendation or property of Outsystems that could help us with this?

In the NET application we can change what we need, in fact, there will be a previous role unification task

mvp_badge
MVP
Rank: #45

Hello,

I'm a little confused regarding the overall architecture. Is your launcher an OutSystems application or a .NET application? Are you planning for your OutSystems environment to be the main source of users and roles, and your other applications would contact it for authentication needs and permission checks, or would the controller be elsewhere?

Without understanding more of your plan, I can only recommend looking into webservices  in order to coordinate and validate authentication/permissions. Using an iframe could be the answer, but I find them very finicky most of the time.

Hi CrisSanz,

Would it not be an acceptable UX to have links with embedded tokens which point to the external applications. Clicking these links could navigate the user to a new tab? 

You could use the browsers tabs API's (such as Chromes: https://developer.chrome.com/docs/extensions/reference/tabs/) to close a tab on refresh and refresh the parent from which it were opened (if this would be required)? 

I am not familiar with any standard OS feature which would enable this. 

Thanks, 

Nicholas


And to your question around authentication (which I never really addressed..) 

@Afonso Carvalho makes a great suggestion with using webservices. You could expose an API from your OutSystems environment which could be used by the external application to authenticate the tokens passed through in the URL. 

The response of the API can be the details of the user currently logged in along with the duration of the session.

Your external application would require it's own logic to parse and manage this data on its own end. 

Hi Crissanz,

Good morning!

Please refer to this blog post, I think this may give you a bit of guidance in exposing an api.

https://www.outsystems.com/blog/posts/securing-outsystems-apis-oauth2/

Hope this helps,

Kind regards,

Chris

Rank: #4588

Thank you very much for the answers. 

Indeed, what we want is that the NET applications also appear on that launcher page. Either through an "empty" module that only contains a redirect to the NET application, but already with the details of the user who has logged into the launcher. 

We had thought about the iframe for not leaving Outsystems

I'm going to read the links provided...

Rank: #4588

Good,

Checking the links I see that it is too much for what I need.

Actually what I need is that Outsystem works as an identity provider and pass to other applications the identity of a logged in user (user + roles). Like a SSO.

And we have doubts about which is the safest option for it...