Hello, Developers! .
Sorry for the translation in English.
I am developing a reactive web application. I want to use AzureAD for the reactive web login, and another batch application to run with Basic authentication using REST requests from outside.
So, is it possible to use different authentication methods for login for different applications?
I am using UsersEntity for both.
Hi,
You can customize the login / logout screen and actions in the CommonFlow.
If you want this to be effective for each new app you create, you should create a custom application template with that logic in it. On Creating a new app select the custom application template.
There is plenty of training material, blog articles, and Forge components available to help you with how to implement AzureAD for User authentication and authorization, and using Basic Authentication for REST APIs.
Regards,
Daniel
@Kani kun hallo ,
i think the key is clone user module and use your custom module as user provider , i hope this point help you
How will that help? apart from now have a copy of the UserProvider, and missing out on any platform updates of it. The UserProvider is still OutSystems built in solution. The question is how to use an external identity provider like Azure AD.
I agree with pointing out any platform updates. If there’s a more direct and effective solution available, that would definitely be better.
Of course, every solution will have its side effects, but in the end, only need is the real indicator is whether you’re willing to accept those side effects or not.
As I understand, your React web application allows users to log in using Azure AD (now Entra ID). Additionally, the application exposes a REST API, which will be consumed by a batch application using Basic Authentication. Is that correct?
If you want all applications to use Azure AD, you can configure it globally under User Portal -> Configure Authentication. Alternatively, if you want only specific applications to use Azure AD, you can use IdpReact or OIDC Client. This will take care of the application login from the browser..
Regarding the batch application consuming the REST API via Basic Authentication: First, you need to create a user in the User Portal (regardless of whether you're using Internal Authentication, Azure AD, or another mode) by accessing https://<your_server_name>/Users/Login.aspx. Then, create a user account that the batch application will use for authentication. Since the batch application will use Basic Authentication, it will send the username and password in the header. Upon receiving this information, OutSystems will automatically call User_Login to authenticate the user.
I want to do exactly what you say.
The application logs in using AzureAD.
Batches (public REST API) are launched using basic authentication.
I would like to implement these, but when using AzureAD, it seems that in order to log in using User_Login, the logged-in user must have the (user manager) role.
Is it possible to use the same user provider (Users) for both Azure AD and Basic authentication?
This is my current setup.
In Basic Authentication, you pass a username and password, but there's no option to authenticate directly with Azure AD. I recommend using an OAuth token for authentication when working with REST APIs. You can use the Microsoft Login Connector Core forge to obtain these tokens.
Even when Azure AD is configured, a user account is still created in OutSystems after a successful login. You can access the User Portal and manually set a password for that account to use with Basic Authentication. However, I do not recommend this approach, as I have not tested it myself, and I am unsure about the security of Basic Authentication.