Pete Davis Pete Davis - 1 year ago 74
AngularJS Question

Identity Server auth without requesting user permission

Is there a way to configure a client so that it is trusted and not require users approval for access to their details?

I am building an Angular client app, and using Identity Server 3 for issuing tokens for access to the backend API, but because it should appear that you are logging into the same environment as the API you are accessing, I dont want the client to be prompted for the request for permission for this client app / resource pair. Currently I have something similar to this example:

Is there a setting that bypasses the approval, or am I just using the incorrect flow?

I guess the example that I am looking at replicating is accessing the Auzure portal SPA. There you are redirected to login, then I am not prompted by Microsoft to give access to Microsoft account details.

Answer Source

You are talking about Consent.

For that specific client's configuration set its RequireConsent property to false.