Custom app login screen with identityserver4

I am new to IdentityServer4. We have an existing Web app and now we are planning to write an API. We want to use IdentityServer4 for the authentication. I have the server running but I want the user to be directed to our Web login page to login rather than the IdentityServer login. I can achieve this by setting the UserInteractionOptions.LoginUrl. After the login I redirect the user to the return Url that was passed in but the identity server redirects back to our web app and the keeps cycling. How can I tell the IdentityServer that the user has been uathenticated? So that the IdentityServer shows the consent screen

1 answer

  • answered 2018-11-08 23:10 mackie

    This will not work as the identity server needs to issue its own cookie once authentication has taken place. This cookie is what allows the authorise endpoint to know who is signed in.

    The intention of this model is that authentication takes place on the IDP or it’s negotiated with an external provider via a suitable protocol. Therefore the appropriate approach in this case is to move the login UI into your identity server application in my opinion.