You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Sep 18, 2021. It is now read-only.
Setup:
Currently, I have a working version of IdentityServer v3 ( using the RC version) and I have integrated, IdentityManager, MembershipReboot (Default Implementation) as the "UserService", and I also have a custom "ViewService" that currently only overrides the Login Task. And with that I am able to achieve a local login and external login flow with a configured Identity Provider.
In MembershipReboot I also have created two custom event handlers for sending email and sms for a given account.
I have also implemented some Account Management Features like Password Reset, Email Confirmation, etc. The way I accomplished this was I have the OWIN hosted IdentityServer inside an MVC project and I have extended MembershipReboot's UserAccountService using the CustomUser configuration and Autofac IOC container used by webAPI endpoints that allow me to use some custom web pages to interact with MembershipReboot.
Issue:
Using the above API, I successfully am able to configure users in MemebershipReboot for TwoFactor Authentication, supplying the TwoFactorMode.Mobile and MobilePhoneNumber, However, I am confused on how to tell IdentityServer to use TwoFactor Auth for a given user account request?
Right now, with TwoFactorAuthMode set to Mobile and TwoFactor enabled for a given local user account, My identityServer authenticates the user in successfully and proceeds to the protected resource.
Questions:
First off, I have found some articles discussing the flow of how TwoFactor should work:
Refer here: #134
That being said, is this feature available in version 3(RC)?
If that answer is yes, if I could get some guidance as to how I would wire up/configure that functionality.
I noticed the "AuthenicationMethods" available in the Constants.cs source file, but I don't see where that may apply?
public static class AuthenticationMethods
{
public const string Certificate = "certificate";
public const string Password = "password";
public const string TwoFactorAuthentication = "2fa";
public const string External = "external";
}
Is there a option that requires being set on my IdentityServer "Client" to "trigger" the two Factor Authentication? Or maybe an option to set in the IdentityServerOptions?
I will continue my research but any input would be very helpful.
Thank you for your time.
The text was updated successfully, but these errors were encountered:
IdentityServer doesn't know how to do 2fa. We do allow you to control the login workflow with a custom user service. This is what you'd implement to add 2fa to your deployment of IdSvr.
Okay, that makes sense, We currently are not using a custom user service, but now that you point it out, I see how the Partial login (with redirect) can prove useful in this scenario.
I see if I can work this out, since I have already done the CustomView service, i should be able to do something similar here.
No prob. And in a sense, you are using a custom user service -- that's the MembershipReboot user service. It can be derived from and has several virtuals to override so you can control the behavior. HTH.
Setup:
Currently, I have a working version of IdentityServer v3 ( using the RC version) and I have integrated, IdentityManager, MembershipReboot (Default Implementation) as the "UserService", and I also have a custom "ViewService" that currently only overrides the Login Task. And with that I am able to achieve a local login and external login flow with a configured Identity Provider.
In MembershipReboot I also have created two custom event handlers for sending email and sms for a given account.
I have also implemented some Account Management Features like Password Reset, Email Confirmation, etc. The way I accomplished this was I have the OWIN hosted IdentityServer inside an MVC project and I have extended MembershipReboot's UserAccountService using the CustomUser configuration and Autofac IOC container used by webAPI endpoints that allow me to use some custom web pages to interact with MembershipReboot.
Issue:
Using the above API, I successfully am able to configure users in MemebershipReboot for TwoFactor Authentication, supplying the TwoFactorMode.Mobile and MobilePhoneNumber, However, I am confused on how to tell IdentityServer to use TwoFactor Auth for a given user account request?
Right now, with TwoFactorAuthMode set to Mobile and TwoFactor enabled for a given local user account, My identityServer authenticates the user in successfully and proceeds to the protected resource.
Questions:
First off, I have found some articles discussing the flow of how TwoFactor should work:
Refer here: #134
That being said, is this feature available in version 3(RC)?
If that answer is yes, if I could get some guidance as to how I would wire up/configure that functionality.
I noticed the "AuthenicationMethods" available in the Constants.cs source file, but I don't see where that may apply?
public static class AuthenticationMethods
{
public const string Certificate = "certificate";
public const string Password = "password";
public const string TwoFactorAuthentication = "2fa";
public const string External = "external";
}
Is there a option that requires being set on my IdentityServer "Client" to "trigger" the two Factor Authentication? Or maybe an option to set in the IdentityServerOptions?
I will continue my research but any input would be very helpful.
Thank you for your time.
The text was updated successfully, but these errors were encountered: