Closed qq1176914912 closed 7 months ago
We will take a look to this problem & fix it for the next release (release 4.0.5)
We will take a look to this problem & fix it for the next release (release 4.0.5)
There is another question, I see that there is a registration process in the project, but I did not see the registration button. May I ask where to start it?
Unfortunately, there is a small bug in the administration website.
When the Validation Post Logout Redirect URL
is called by the Identity Server, the cookie is not removed by the administration website, and the user remains authenticated :(.
The problems you described in the ticket are related to this issue.
About your second question :
In SimpleIdServer, it is possible to configure one or more Manual Provisioning Workflows
. These workflows are used by anonymous users to create their local accounts and provision their credentials.
For example, the URL https://openid.simpleidserver.com/master/registration?workflowName=pwd
is used to create a local account with password authentication.
For more information about Manual Provisioning Workflow
, please read the documentation : https://simpleidserver.com/docs/iam/manualidentityprovisioning
If you do not wish to use a Manual Provisioning Workflow
, your website can call the Users
API to create a local account using the following steps:
users
scope.users
scopes.HTTP REQUEST
Target : https://openid.simpleidserver.com/master/users
Method : POST
Body :
{
"name": "user",
"firstname": "firstname",
"lastname": "lastname",
"email": "email",
"claims": { }
}
HTTP REQUEST
Target : https://openid.simpleidserver.com/master/users/{id}/credentials
Method : PUT
Body :
{
"type": "pwd",
"value": "PASSWORD"
}
About your second question :
In SimpleIdServer, it is possible to configure one or more
Manual Provisioning Workflows
. These workflows are used by anonymous users to create their local accounts and provision their credentials.For example, the URL
https://openid.simpleidserver.com/master/registration?workflowName=pwd
is used to create a local account with password authentication.For more information about
Manual Provisioning Workflow
, please read the documentation : https://simpleidserver.com/docs/iam/manualidentityprovisioningIf you do not wish to use a
Manual Provisioning Workflow
, your website can call theUsers
API to create a local account using the following steps:
- Configure your client to have access to the
users
scope.- Obtain an access token that is valid for the
users
scopes.- Execute an HTTP POST request to create a user. The technical identifier of the user must be returned.
HTTP REQUEST Target : https://openid.simpleidserver.com/master/users Method : POST Body : { "name": "user", "firstname": "firstname", "lastname": "lastname", "email": "email", "claims": { } }
- Use the technical identifier of the new user to update the credential as follows:
HTTP REQUEST Target : https://openid.simpleidserver.com/master/users/{id}/credentials Method : PUT Body : { "type": "pwd", "value": "PASSWORD" }
I understand. The meaning is that I can add a registration button on the login page, and the button's connection specifies the registration address, such as the one you mentioned https://openid.simpleidserver.com/master/registration?workflowName=pwd So I can add the registration function to the page, but has your project considered adding this feature, such as whether to enable the registration function on the client and specify the registration process?
At the moment, we haven't considered linking the registration workflow to a client (website or SPA). However, it is an interesting idea, and we can explore the possibility of implementing it
At the moment, we haven't considered linking the registration workflow to a client (website or SPA). However, it is an interesting idea, and we can explore the possibility of implementing it
Thank you for your patient response. Looking forward to the new version
This bug is fixed in the branch release/4.0.5
.
1.1.When I run the project 'SimpleIdServer.IdServer.Startup 'port: 5001 and' SimpleIdServer.IdServer.Website.Startup' port 5002, I opened the browser for the first time to access 5002 and logged in with the 'admin' account. After clicking Exit, I attempted to log in with the second account: test. When I clicked to log in, I reported an error:
{"error":"invalid_request","error_description":"subject contained in id_token_hint is invalid"}
I must close this browser and reopen it to log in to my second account test. Similarly, to switch accounts, I must close the browser and reopen it.