在服务器上的MSAL.NET中,是否可以为单点登录提供域提示? [英] In MSAL.NET on the server, is there a way to supply a domain hint for single sign-on?
问题描述
在网络上搜索,我发现如果网站使用的是MSAL. js ,则网站开发人员可以提供域提示,这样,当用户开始登录时,系统不会提示他们";选择一个帐户"在Microsoft的登录站点上,库将为其选择帐户,从而提供更好的单点登录体验. 在C#应用程序中使用MSAL.NET时,是否可以提供域提示(或避免使用提起帐户"提示)?
我正在使用MSAL.NET通过Open ID Connect对Azure AD进行身份验证.
找到了它.在ConfigureServices(IServiceCollection)
中,为OnRedirectToIdentityProvider添加一个事件处理程序.
var events = new OpenIdConnectEvents()
{
OnRedirectToIdentityProvider = context =>
{
context.ProtocolMessage.DomainHint = "mydomain.com";
return Task.CompletedTask;
},
}
services.Configure<OpenIdConnectOptions>(
AzureADDefaults.OpenIdScheme,
options =>
{
// ...
options.Events = events;
}
);
Searching the web, I see that if a site is using MSAL.js, the site developer can supply domain hints so that when a user begins to sign on, they aren't prompted with "Pick an account" on Microsoft's login site, and instead the library chooses the account for them, enabling a better single sign-on experience. Is there any way to supply a domain hint (or otherwise avoid the need for the "pick an account" prompt) when using MSAL.NET in a C# application?
I am using MSAL.NET to authenticate against Azure AD via Open ID Connect.
Found it. In ConfigureServices(IServiceCollection)
, add an event handler for OnRedirectToIdentityProvider.
var events = new OpenIdConnectEvents()
{
OnRedirectToIdentityProvider = context =>
{
context.ProtocolMessage.DomainHint = "mydomain.com";
return Task.CompletedTask;
},
}
services.Configure<OpenIdConnectOptions>(
AzureADDefaults.OpenIdScheme,
options =>
{
// ...
options.Events = events;
}
);
这篇关于在服务器上的MSAL.NET中,是否可以为单点登录提供域提示?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!