none
Can I use external APIs to authenticate users? RRS feed

  • Question

  • I have been asked to develop a lightswitch application either as desktop client or HTML client. Now I am confused about the authentication mechanism in LightSwitch, and it leads a question: Can I authenticate my users from an external website or application?  

    • For the HTML client, I have been thinking that whether I could use external APIs like Facebook Login API to authenticate my users? If I could, the code should be JavaScript, then where should I put it, and how can I configure my LS application?
    • For the desktop client, same question, if I could identify my users by pulling some user information from an external website, what kind of code/Programming Language shall I use? 
    Tuesday, February 4, 2014 4:34 AM

All replies

  • Hi,

    You can use SSL Encryption . Getting more information from:

    http://msdn.microsoft.com/en-us/magazine/hh456409.aspx

    Hope it helps.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Thursday, February 6, 2014 2:29 AM
    Moderator
  • Hey ConnorTx!

    This is not supported out of the box.

    For in-browser desktop applications, you can hack around this by setting up the social media credentials, then redirecting to your desktop application while passing the self-encrypted credentials.  I explained this workaround in this article.

    I don't have enough production experience with HTML apps yet.  However when you use Forms authentication, I suspect you can simply fill in the IPrincipal on the HttpContext.Current, then redirect to your HTML app, and the LightSwitch Forms Auth mechanism would pick up your principal as valid credentials.  I wish I had time to show you some code for this, would make a great blog post :/

    Keep rocking LS!

    Jan


    It's your story - time to switch on the innovation.||About me||LightSwitch blog

    • Proposed as answer by Yann Duran Sunday, March 22, 2015 10:29 AM
    Wednesday, February 19, 2014 2:01 PM
  • The question that has been marked as the answer here has nothing to do whatsoever with the original question!

    Jan's answer is far more appropriate.


    Regards, Xander. My Blog

    Friday, March 21, 2014 1:53 AM
  • Thanks Xander!

    Yann Duran
         - Co-Author of Pro Visual Studio LightSwitch 2011
         - Author of the A Reluctant Web Developer Blog

    Sunday, March 22, 2015 10:30 AM
  • By the way, after more experience I can confirm this it the correct way to go for HTML apps:

    - create a login page yourself

    - handle the authentication (Azure AD, social media credentials, whatever you want)

    - set the forms token

    - redirect to the HTML client

    Some additional remarks:

    - I created a 'subsite' in my azure website to handle the auth. It's a bit tricky only because the config.xml will inherit the LightSwitch config so you have to add some references to your sub-project :S

    - if your users time out due to inactivity, they will be redirected to the Login.aspx code. Use javascript in that page to further redirect them to your real login page.


    Keep rocking LS!
    Jan

    PS: have you seen app-stitch yet? It's a visually simple yet powerful way of designing business rules for Visual Studio LightSwitch apps.

    Sunday, March 22, 2015 6:18 PM