locked
Microsoft Account SSO across a Metro App and a Web Site

    Question

  • I have a Metro app that needs to call some functionality (mostly SignalR web sockets) of an ASP.NET web site. The web site allows logging in with your microsoft account.

    Since you are already logged in with your Microsoft Account in the Metro App, I would like SSO. I think of it like that:

    1) the user initiates an action in the Metro app

    2) I get his LiveSDK credentials

    3) I provide them (how ?) to the web authentication broker

    4) If it's the first time the user connects with this microsoft account to this web site, the Web Authentication Broker would need to ask the user for consent.

    5) The rest happens automatically.

    This is similar to this question: http://social.msdn.microsoft.com/Forums/en-US/a470ebcc-87df-401c-829a-42f60a9d19c3/automatically-login-to-webauthenticationbroker-using-current-logged-user?forum=winappswithcsharp but I hope there's a better answer or functionality since.

    If step 3 isn't possible, I could live with skipping 2 and 3, and going directly to the web authentication broker, but I would like this to be a one-off process (the site should act as a SSO provider). I am still a bit confused, though, because in this case the app is using the site as an SSO, which in turn is using Microsoft Account as an SSO :S.

    Most tutorials don't go that far (this would probably require some collaboration between the ASP.NET guys and the WinRT guys), and it's a pity, because having a companion site to an app and connecting to both with the same OAuth account is not rare at all. Help will be appreciated, and I suspect, not only by me.


    Goblin Dice Roller for your RPG games!

    Wednesday, May 21, 2014 11:43 AM

Answers

All replies