Author Topic: Problems with OpenID - WebEA  (Read 5971 times)

arquitecturakeralty

  • EA Novice
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Problems with OpenID - WebEA
« on: August 23, 2024, 03:37:25 am »
Hi everyone,

We've a problem when trying to use OpenId for authenticating users with our Azure AD. We've a loop when trying to authenticate.
First , we access WebEA, then we select the model to open, then we press the OpenId button to authenticate and the callback send me again to the login WebEA page.

The URL that we're using for callback is https://XXXXXXXXXXXXX.com/login_sso.php

Anyone can help us with this?

Thx!

BobM

  • EA User
  • **
  • Posts: 143
  • Karma: +9/-0
    • View Profile
Re: Problems with OpenID - WebEA
« Reply #1 on: August 23, 2024, 04:10:25 pm »
We need a lot more information on what set-up steps you did actually complete

- your open id group has members
- your open id group is connected to the user group
- the correct fields are matched  (given name, surname, email, login)
- etc

IIRC having to log in twice was necessary if the account isn't logged in on browser level

arquitecturakeralty

  • EA Novice
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Problems with OpenID - WebEA
« Reply #2 on: October 19, 2024, 03:48:58 am »
Hi!!!, Sorry for the delay. Iam not sure about the second point , we just have a group configured and that group has 2 members. The fields that we're using are : email , family name, given name and upn.

Thanks for your help!

BobM

  • EA User
  • **
  • Posts: 143
  • Karma: +9/-0
    • View Profile
Re: Problems with OpenID - WebEA
« Reply #3 on: October 21, 2024, 07:37:21 pm »
what is the setup you did on EA client security side?

blank the names and url where nececarry if you post a pic using [IMG ] tags

arquitecturakeralty

  • EA Novice
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Problems with OpenID - WebEA
« Reply #4 on: November 09, 2024, 08:20:19 am »
hi ,

For security reason I cant upload the image but the fields that we have configured are:

Open ID URL : XXXXXXX
callback url: http://localhost:8888/openid/callback -> this one ius set by default by EA
client_ID: XXXXXXXX
client_secret: XXXXXXXX
scope: openid profile offline_access
claim to match to local user: upn
claim to match to local groups: groups

and we've checked the use ID Token for claims  , we dont have checked the Use user info for claims .

Thanks!