Mendix SSO using SAML - Authenticate multiple apps with single login page

0
Hi, I am configuring SSO for a Mendix app using the SAML module. As shown below, the Mendix app and an external app are both registered with the same IdP. I need the external app to be authenticated automatically when the user is authenticated with Mendix using the SSO URL. But in my case, it throws a "user is not authenticated" error when I call any of the external app's endpoints. The external app has a login service, and I think I should call this service after the Mendix app authentication, but the SSO URL redirects me to the IdP login page and then redirects me back to the Mendix landing page after successful authentication. I tried calling the external app's login service on a button action, but it again redirects me to the IdP login page and asks the user to enter credentials, which I want to avoid. Any suggestions on how to authenticate multiple apps with the Mendix app authentication?
asked
3 answers
0

Hi Mohan,

I’m not 100% sure, but I don’t think what you want is possible. The external app needs to be authenticated separately. After all, it would be a huge security risk if one app could authenticate multiple other third-party apps using your provided permissions. You need to have the external app go through the same authentication process with your IdP.

answered
0

It all depends on the external app, because from the external app to the Mendix app it can be done with a URL like https://yoururl.mendixcloud.com/SSO/login?_idp_id=idpconfigname

From there it would redirect to the IdP login page and log the user in.

So if the external app also has such a landing page, it would work, IMHO.

Regards,

Ronald

 

answered
0

@Marius van der Knaap,

As per my understanding of SSO, it should let the user connect to multiple apps with a single login (e.g. Google Apps), and logging out in one place should log you out of all apps. Refer to the screenshot below of the SSO advantage.

answered