Show website in Universal gui and pass login credentials

Question

Hi,

I'm toying with the following. I have an Indicium and Universal GUI. In this universal I open a View, that displays another website. This website is also mine, connects with the same data database, but shows some things that cannot be done in Universal.

I have created a URL showsomething.companyname.com and open this in a view (iframe like). This works fine. BUT I do not want this data to be visible by anyone browsing the web. So, I (have) a login on this. Now the end user must login in the Universal gui, and again in the 'iframe’. This is not super user friendly and I think that we must be able to pass the user login cookie to this site as well.

If the user is logged in Universal, it shows data. If you browse the site outside of Universal; Access Denied. I have read this topic but we can't get it working.

Do we need to place the 'iframe’ in a subfolder in Indicium? Or next to it?
It would be very nice if this is possible. Any help in the right direction is very welcome!

Thanks!

Blommetje

icon

Best answer by Vincent Doppenberg 28 July 2023, 00:45

View original

Vincent Doppenberg · Accepted Answer

Hello Blommetje,What you are asking for is basically Single Sign On. This is possible and will in fact work automatically if set up Indicium as an OpenID provider and use OpenID / OAuth 2.0 as the authentication method for your other website, using Indicium as the authorization server. You can find some information on this here:2023.22023.1 and belowRoughly speaking, the steps that you will have to take are the following:Configure an OpenID Client / Client Application in IAM. This includes a client_secret that you can make up and a (login) redirect_url to your website. If you're on 2023.2, be sure to select Authorization code as the Grant type. You will also need to turn off Consent if you want this to work seamlessly.Restart Indicium.Configure your website to use the OpenID Connect / OAuth 2.0 Authorization code flow for authentication, using Indicium as the authorization server. I can't say much more on how to achieve this part, because it depends on the technology of your website. What I can say is that it will involve the following steps:Your website redirecting the user to Indicium's /connect/authorize endpoint.Receiving the Authorization code callback on the redirect_uri that was configured in IAM.Requesting an access token with this authorization code and, if successful, allowing access.Once configured, the flow will work like this:The ‘viewer’ which is embedded in the Universal GUI will request your website.Your website will respond with a redirect to Indicium's /connect/authorize endpointIndicium will detect that the user is already signed in because the browser will automatically include the cookie, because the cookie belongs to that Indicium on that domain.Indicium will redirect back to your website, including an authorization code.You validate the authorization code by requesting an access token with it.At this point you may consider the user signed in and you can return your page in the response, which will then be displayed in the viewer.If your website is interactive, rather than just displaying a page to the user, then a few more steps might be required to make the authentication a bit more efficient. I can elaborate on this if needed.I hope this helps.

Blommetje · Answer

Hi Vincent,Searching high and low, but I figured out that here;in the Universal version 23.1.18.0 you can’t add in grid? When I open a web/win gui, Ican.Is this correct?How do I add this then?Blommetje

Sign up

Login to the Thinkwise Software Community

Scanning file for viruses.

This file cannot be downloaded