I may have overlooked, but there does not seem to be a way to put the API behind a SSO authentication for end users.
We are trying to use Squidex for an internal bloglike system where the viewers have to log in with their Microsoft accounts to authenticate.
Is there any feature like this present or planned?
Thanks in advance.
There is an extension to Squidex: https://github.com/Squidex/squidex-identity
But it is a little bit on hold. The idea is to manage your end users in Squidex as well and to provide Identity Server that is connected to Squidex.
To clearify: We are looking for a way to authenticate using only a frontend application.
An ideal case would be: The end user visits our frontend and gets a login prompt for Microsoft SSO. After logging in, the frontend collects the API data from Squidex by sending the access token / id token.
Is that possible with Squidex Identity?
Squidex is like a database. You could just implement password authentication in your frontend ans store the users in Squidex. The same is true for Microsoft authentication.
How can I authenticate with the API after logging in with Microsoft SSO? Is there a way to approve/deny API access based on the token returned from Microsoft?
The Squidex identity seems to work fine and is used in production by enterprise users.