Squidex.Identity and Squidex IdentityServer

Kasidit_Khamfoo · November 13, 2018, 1:45pm

Hi Sebastian,

We are trying to implement Single Sign On solution with IdentityServer and Squidex CMS.

I have been playing around with Squidex.Identity that connected to Identity-app in Squidex CMS.
From what I understand that the Identity-app works as another Identity Server which is not related to Squidex built-in IdentityServer.

I also went through the IdentityServer document and tutorial. But I still get confused in some subjects.

There is a list of my questions:

Is it possible to connect the Identity-app to share client and access with the Squidex built-in IdentityServer ?
Is there a way to connect the Individual IdentityServer with Entity Framework to share client and access with the Squidex built-in IdentityServer ?
Is it possible to sign-in to Squidex CMS through Open Id in Azure API Management ?

Regards,
Kasidit

Sebastian · November 13, 2018, 2:23pm

Hi Kasit,

thanks for your interest. Squidex Identity is built on top of Squidex CMS and does not share any other data such as clients and databases. Squidex Identity is a competitor project to auth0 and Keycloak. You can also not share clients because the app clients are managed as part of the apps to manage permissions and so on.

About the last question: Yes, it should be possible. You have to provide the url and client id and secret and the config: https://github.com/Squidex/squidex/blob/master/src/Squidex/appsettings.json#L277

Kasidit_Khamfoo · November 15, 2018, 8:10am

Hi Sebastian,

Thanks for the reply. So I have separate IdentityServer and User bases.
If I want them to get access to Squidex CMS API, I have to verify those users in my Identity server then call the Squidex API with Clients in Squidex Settings > Clients right ?
More question, If I connected to CMS with OpenId Connect, It will become CMS user but not the IdentityServer client.
And this user can’t get access token from Squidex IdentityServer Api. Is there anyway to logged user in throught API and get access token ?

Sebastian · November 15, 2018, 10:59am

The clients are only needed for other services. If you have a separate identity server and user base you can use the app settings above to give them access .It just works like Google or Microsoft login and the users will also be added to the Squidex database.