Hi All,
I've been working on a perspective application that has been growing in size (single site with multiple facilities). I'm at a point where it would be convenient to start splitting it out into multiple sub-projects using inheritance.
The problem:
- Users are authenticated against an ignition IDP from our site active directory user source.
- When a user moves from one project to another they are required to re-authenticate. Since the user has no concept of projects they are left wondering why they have to sign in so many times.
The desired fix:
- Have users sign in once from any project and propagate their authentication through every other project they click through.
- Since I cannot set up a new identity provider to use SSO I am looking for a way to accomplish this using the active directory source.
Is this possible in perspective?
1 Like
Disclaimer: I'm by no means an expert at IdP related stuff.
No, or at least not currently. At most you could have a 'sticky' session, where you would be redirected to login then immediately redirect back because the IdP "knows" you; this behavior is pretty fundamental to the way identity providers and federated identity works. Your login request is 'associated' with a particular resource, and once you succeed at authenticating, you are granted access to that one particular project.
Better tools around organization of project resources might be a more feasible option here than trying to change how IdPs work; even if we changed Ignition's IdP, it wouldn't help customers using third party IdPs.
Hi, I'm trying to solve the same problem as you.
I have several projects associated with the same gateway, but every time I switch projects, I have to log in again.
Were you able to resolve it?
Regards.