How can I enable single sign-on (SSO) with another Microsoft .net-based website?

Grant Pankonien — Thu, 18 Jul 2019 17:06:19 GMT

Current Revision posted to User Documentation by Grant Pankonien on 07/18/2019 17:06:19

Telligent Community can use an existing Microsoft .net-based web site utilizing .net's built-in forms authentication to enable remote authentication (single sign-on) and member auto-registration within Telligent Community. To configure shared .net forms authentication,

Navigate to Administration > Authentication > Authentication methods > Forms Authentication Single-Sign-On Client
Ensure the Enabled checkbox is checked.
Enter or select options from the following:
1. Forms authentication cookie name - The forms authentication cookie you're using.
2. Email cookie name - The name of the cookie you're using that contains the user's email address.
3. Use encrypted cookie - Select the check box if you are encrypting the email address cookie contents.
4. Cookie key name for email address value - In the authentication cookie value, the key containing the authenticated user email address to be used for auto-registration. Needed if you check "allow automatic registration for new users."
5. Allow automatic registration for new users - Select this check box to automatically create community accounts for new, authenticated users.
6. Profile refresh interval - The number of days to wait before checking for updated profile values.
7. The URL for login page - The URL to be used for the login page.
8. The URL for the logout page - The URL to be used for the logout page.
9. The URL for the page where a new user can create an account - The URL to be used for the account creation page.
10. URL for the page where a user can change their password - The URL to be used for the password change page.
11. The URL for the page where a user can request a password reset - The URL to be used for password reset.
12. The Name of the query string parameter for return URLs - Leave default if defaulting to ReturnUrl. If you have an established parameter name for return URLs that originate from the community, you can enter it here.
Click Save.

The web.config on the Telligent Community site will need to have the same machine key entry as the .NET application authenticating the user. The authentication element of the web.config should have the mode set to "Forms", and a forms sub-element with the name of the cookie coming from the authenticating .NET application and the matching domain.

<machineKey validationKey="<MachineKey>" 
   decryptionKey="<DecryptionKey>" /> 
<!-- <MachineKey> and <DescriptionKey> are unique values that have not been shown for clarity.  These values should be the same as in the web.config of the .NET authenticating application. -->
<authentication mode="Forms"> 
   <forms name="<CookieName>" cookieless="UseCookies" loginUrl="logon" protection="All" timeout="10080" slidingExpiration="false" domain="<Domain>"/> 
</authentication>
<!--<CookieName> is the name of the cookie generated by the .NET authenticating application.-->
<!--<Domain> is the root domain of the .NET autenticating application and the root domain of the Telligent Community site. example: .telligent.com-->

How can I enable single sign-on (SSO) with another Microsoft .net-based website?

Ben Tiedt — Tue, 04 Jun 2019 20:11:50 GMT

Revision 1 posted to User Documentation by Ben Tiedt on 06/04/2019 20:11:50

Navigate to Administration > Authentication > Authentication methods > Forms Authentication Single-Sign-On Client
Ensure the Enabled checkbox is checked.
Enter or select options from the following:
1. Forms authentication cookie name - The forms authentication cookie you're using.
2. Email cookie name - The name of the cookie you're using that contains the user's email address.
3. Use encrypted cookie - Select the check box if you are encrypting the email address cookie contents.
4. Cookie key name for email address value - In the authentication cookie value, the key containing the authenticated user email address to be used for auto-registration. Needed if you check "allow automatic registration for new users."
5. Allow automatic registration for new users - Select this check box to automatically create community accounts for new, authenticated users.
6. Profile refresh interval - The number of days to wait before checking for updated profile values.
7. The URL for login page - The URL to be used for the login page.
8. The URL for the logout page - The URL to be used for the logout page.
9. The URL for the page where a new user can create an account - The URL to be used for the account creation page.
10. URL for the page where a user can change their password - The URL to be used for the password change page.
11. The URL for the page where a user can request a password reset - The URL to be used for password reset.
12. The Name of the query string parameter for return URLs - Leave default if defaulting to ReturnUrl. If you have an established parameter name for return URLs that originate from the community, you can enter it here.
Click Save.

<machineKey validationKey="<MachineKey>" 
   decryptionKey="<DecryptionKey>" /> 
<!-- <MachineKey> and <DescriptionKey> are unique values that have not been shown for clarity.  These values should be the same as in the web.config of the .NET authenticating application. -->
<authentication mode="Forms"> 
   <forms name="<CookieName>" cookieless="UseCookies" loginUrl="logon" protection="All" timeout="10080" slidingExpiration="false" domain="<Domain>"/> 
</authentication>
<!--<CookieName> is the name of the cookie generated by the .NET authenticating application.-->
<!--<Domain> is the root domain of the .NET autenticating application and the root domain of the Telligent Community site. example: .telligent.com-->