Pete Davis Pete Davis - 1 year ago 100
AngularJS Question

Identity Server auth without requesting user permission

Is there a way to configure a client so that it is trusted and not require users approval for access to their details?

I am building an Angular client app, and using Identity Server 3 for issuing tokens for access to the backend API, but because it should appear that you are logging into the same environment as the API you are accessing, I dont want the client to be prompted for the request for permission for this client app / resource pair. Currently I have something similar to this example:
https://damienbod.com/2015/11/08/oauth2-implicit-flow-with-angular-and-asp-net-5-identity-server/

Is there a setting that bypasses the approval, or am I just using the incorrect flow?

I guess the example that I am looking at replicating is accessing the Auzure portal SPA. There you are redirected to login, then I am not prompted by Microsoft to give access to Microsoft account details.

Answer Source

You are talking about Consent.

For that specific client's configuration set its RequireConsent property to false.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download