Comments (14)
As defined here: https://docs.directus.io/self-hosted/sso.html#single-sign-on-sso
from directus.
This is intended, the Data Studio only works with session mode
from directus.
This is intended, the Data Studio only works with session mode
@paescuj
How can I then support SSO logins for my native apps?
I would have to choose either to support login on the Data Studio OR in my Native App?
from directus.
@paescuj and why is the other mode then listed in the docs if that does not work with the Data Studio? https://docs.directus.io/self-hosted/sso.html#single-sign-on-sso
Also please update the Doc then to say, that only "session" works.
from directus.
@paescuj Also now the Endpoint for the Auth Providers also does not show them anymore. So how do I know as a client that such a provider is supported?
from directus.
I would have to choose either to support login on the Data Studio OR in my Native App?
You could make that choice or update the native app to use the session token getting things back to the way you had them.
Also now the Endpoint for the Auth Providers also does not show them anymore. So how do I know as a client that such a provider is supported?
The auth providers endpoint still returns all sso providers unless you're using the ?sessionOnly flag
from directus.
I would have to choose either to support login on the Data Studio OR in my Native App?
You could make that choice or update the native app to use the session token getting things back to the way you had them.
Also now the Endpoint for the Auth Providers also does not show them anymore. So how do I know as a client that such a provider is supported?
The auth providers endpoint still returns all sso providers unless you're using the ?sessionOnly flag
Okay sorry to bother you, but I am having now multiple questions:
- Just to make sure: Setting it to "cookie" will result, that the SSO provider will also not be visible in the Data Studio?
- A client then can't decide if he wants to login with the mode "cookie" or "session" as this is decided by the server.
- It seems not possible (and intended) to the a Refresh Token out of the Session Token? So my users would need to relogin every 15 minutes, since the session token is then outdated?
- Can confirm: Auth provider is shown by the client, when using "cookie" mode. Can I somehow get the refresh_token (in the backend) from the user_id or the session_token?
from directus.
- the client can't decide because the App only supports session as security improvement over the legacy cookie mode. So they would be deciding between being able to log in or not.
- "It seems not possible (and intended) to the a Refresh Token out of the Session Token?" wording is a bit awkward but a session token acts as both access token and refresh token so you can refresh them as desired (the only change is that you will need to refresh before it expires since it is a single token)
- In order to get a cookie mode refresh token you'll have to log in using cookie mode (you can't turn one type of token into another, without backend extensions)
from directus.
the client can't decide because the App only supports session as security improvement over the legacy cookie mode. So they would be deciding between being able to log in or not.
"It seems not possible (and intended) to the a Refresh Token out of the Session Token?" wording is a bit awkward but a session token acts as both access token and refresh token so you can refresh them as desired (the only change is that you will need to refresh before it expires since it is a single token)
In order to get a cookie mode refresh token you'll have to log in using cookie mode (you can't turn one type of token into another, without backend extensions)
So that is nice, that we only need the session_token now and not also a refresh_token extra. And it is also nice, that we can just refresh that token.
Uff, okay that means a bit of changes in our app. But thanks.
How is the refresh now done? https://docs.directus.io/reference/authentication.html#refresh
The docs still state only the old method (refresh and access token).
acts as both access token and refresh token
Or is it really both?
from directus.
Or is it really both?
It really is both so if you were using cookie mode before the refresh endpoint flow works the same, do a request with the cookie then the cookie is replaced and expiry time returned.
from directus.
Or is it really both?
It really is both so if you were using cookie mode before the refresh endpoint flow works the same, do a request with the cookie then the cookie is replaced and expiry time returned.
I have done using "json" before. So by using the directus_session_token this should work?
//console.log("authenticate_with_access_token set refresh_token to directus_access_token")
await ServerAPI.simpleAuthentificationStorage?.set({
  access_token: directus_access_token,
  refresh_token: directus_access_token,
  expires: null,
  expires_at: null,
});
console.log("CALL NOW THE REFRESH");
const result = await client.request(refresh('json', directus_access_token));
from directus.
@br41nslug so why does the json refresh then not work with the session_token?
//console.log("authenticate_with_access_token set refresh_token to directus_access_token")
await ServerAPI.simpleAuthentificationStorage?.set({
  access_token: directus_access_token,
  refresh_token: directus_access_token,
  expires: null,
  expires_at: null,
});
console.log("CALL NOW THE REFRESH");
const result = await client.request(refresh('json', directus_access_token));
I am getting BAD REQUEST as error?
from directus.
because you aren't using session mode, the session token "behaves" like a refresh token it is not identical to one.
from directus.
because you aren't using session mode, the session token "behaves" like a refresh token it is not identical to one.
Uff okay. So I need to call: client.refresh("session", session_token)?
from directus.
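The session-mode refresh described in this thread (send the session cookie, receive a replacement cookie and an expiry, and refresh before the single token expires), sketched for a Node client as an added example that is not code from the thread or from Directus. The `/auth/refresh` path, the `{"mode":"session"}` body, the `directus_session_token` cookie name, the `{"data":{"expires":<ms>}}` reply shape and the 60-second margin are assumptions, as are all function names.

```javascript
// Added example, not Directus or SDK code. Assumed: POST /auth/refresh takes
// {"mode":"session"}, reads the token from the directus_session_token cookie,
// and answers {"data":{"expires":<ms>}} plus a replacement Set-Cookie.
const COOKIE = 'directus_session_token';

// Request a non-browser client sends; it has to attach the cookie itself.
function buildRefreshRequest(baseUrl, sessionToken) {
  return {
    url: new URL('/auth/refresh', baseUrl).toString(),
    init: {
      method: 'POST',
      headers: { 'Content-Type': 'application/json', Cookie: `${COOKIE}=${sessionToken}` },
      body: JSON.stringify({ mode: 'session' }),
    },
  };
}

// Find the replacement token among the Set-Cookie header values.
function readSessionCookie(setCookieValues) {
  for (const value of setCookieValues) {
    const pair = value.split(';')[0];
    const eq = pair.indexOf('=');
    if (eq > 0 && pair.slice(0, eq).trim() === COOKIE) return pair.slice(eq + 1).trim() || null;
  }
  return null;
}

// The cookie is replaced on refresh, so a reply without one is treated as a failure.
function applyRefreshResponse(setCookieValues, body, now) {
  const token = readSessionCookie(setCookieValues);
  const expires = body && body.data ? body.data.expires : undefined;
  if (!token || !Number.isFinite(expires) || expires <= 0) {
    throw new Error('refresh reply carried no usable session token');
  }
  return { token, expiresAt: now + expires };
}

// One token does both jobs, so refresh ahead of expiry (skewMs early), never after.
function msUntilRefresh(session, now, skewMs = 60000) {
  return Math.max(0, session.expiresAt - skewMs - now);
}

// fetchImpl and now are injectable so the flow can be exercised offline.
async function refreshSession(baseUrl, session, fetchImpl = fetch, now = Date.now) {
  const { url, init } = buildRefreshRequest(baseUrl, session.token);
  const res = await fetchImpl(url, init);
  if (!res.ok) throw new Error(`refresh failed: HTTP ${res.status}`);
  return applyRefreshResponse(res.headers.getSetCookie(), await res.json(), now());
}
```

Store the returned token in place of the old one and schedule the next call with `msUntilRefresh`.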