We would like to implement functionality where the user is logged in silently via single sign-on. The user goes to application A and logs in. Now he goes to application B, which uses the same tenant as application A. At the moment, to log into application B, the user has to click the Login button to start the Challenge, which handles the whole OpenID Connect protocol exchange.

[HttpGet]
public IActionResult SignIn()
{
    // After sign-in, return the user to Home/Index.
    var redirectUrl = Url.Action(nameof(HomeController.Index), "Home");
    return Challenge(new AuthenticationProperties { RedirectUri = redirectUrl },
                     OpenIdConnectDefaults.AuthenticationScheme);
}

The idea here was to utilize the Authorize attribute.

[Authorize]
public IActionResult Index()
{
    return View();
}

The problem with this attribute is that by default it redirects to the login UI when the user isn't logged in. The desired behavior here is to try to silently authenticate the user and, when authentication isn't possible, ignore it.

I tried to disable the automatic challenge as described here, but without success.

Anton Kalcik

1 Answer

You can try embedding an iframe on an anonymous page that has the src set to the signin route. Make sure that when your challenge fires you set prompt=none.

You can squash any errors that come back from the signin request, like interaction_required, and achieve a silent single sign-on when it works.

Dan But
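
The two steps in the answer (send prompt=none with the challenge, then swallow the expected errors), as an added example that is not part of the original answer. The names SilentSso, Marker, AccountController and the "/" landing path are assumptions, and it assumes an ASP.NET Core version in which the handler has already read the protected state when MessageReceived fires.

```csharp
using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;

public static class SilentSso
{
    public const string Marker = "silent"; // hypothetical key; travels in the protected state
    // Errors OpenID Connect Core defines for a prompt=none request that would need user interaction.
    static readonly string[] Expected =
        { "login_required", "interaction_required", "consent_required", "account_selection_required" };

    // Call inside AddOpenIdConnect(options => { ...; SilentSso.Apply(options); }).
    public static void Apply(OpenIdConnectOptions options)
    {
        options.Events.OnRedirectToIdentityProvider = ctx =>
        {
            if (ctx.Properties.Items.ContainsKey(Marker))
                ctx.ProtocolMessage.Prompt = OpenIdConnectPrompt.None; // no login UI at the provider
            return Task.CompletedTask;
        };
        options.Events.OnMessageReceived = ctx =>
        {
            var silent = ctx.Properties?.Items.ContainsKey(Marker) == true;
            var error = ctx.ProtocolMessage.Error;
            if (silent && error != null && Array.IndexOf(Expected, error) >= 0)
            {
                ctx.Response.Redirect("/"); // fixed local path, never a URL taken from the response
                ctx.HandleResponse();       // stop here: the user simply stays anonymous
            }
            return Task.CompletedTask;      // every other error still reaches the normal failure path
        };
    }
}

public class AccountController : Controller // hypothetical controller hosting the silent route
{
    [HttpGet]
    public IActionResult SilentSignIn()
    {
        var props = new AuthenticationProperties { RedirectUri = "/" };
        props.Items[SilentSso.Marker] = "1"; // only challenges from this route become prompt=none
        return Challenge(props, OpenIdConnectDefaults.AuthenticationScheme);
    }
}
```

Inside an iframe the identity provider must permit framing, and a browser that blocks third-party cookies will not send the provider's session cookie, so the request comes back as login_required. A top-level redirect to the same route avoids both constraints.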