2 results found

1. Support for Encrypted OIDC Authorization Tokens in PRTG SSO Login

   As an IT Infrastructure Manager, I would like to implement SSO integration with OIDC. Our IDP automatically generates an encrypted authorization token.
   PRTG does not support encrypted authorization tokens as a login mechanism; it only supports ID tokens (JWT) that are not encrypted.

   1 vote

   Vote Vote Vote Vote

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   Vote

   We’ll send you updates on this idea

   Under Review  ·  1 comment  ·  Delete…  ·  Admin →
   How important is this to you?

   Not at all You must login first! Important You must login first! Critical You must login first!

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   Submit Rating

2. SSO Prompt Field for Entra ID

   As an IT Infrastructure Manager, I want to configure the SSO prompt behavior in PRTG's Entra ID integration (e.g., use cached session vs. show account picker) so that I can control the login experience for my users and support environments where multiple accounts need to be selectable.

   SSO with EntraID presently has the prompt field hard-coded into the Authorization URL as prompt=none. But what if the customer would like the account selector to come up, and not used a cached profile. I tried appending the authorization URL with ?prompt=select_account only to get the error stating prompt was duplicated in use.

   https://login.microsoftonline.com/{tentant ID}/oauth2/v2.0/authorize?prompt=selectaccount&responsetype=code&clientid={client ID}&redirecturi={Re-Direct URL}&scope=openid%20profile%20api%20offline_access&state={state ID}&prompt=none

   This is a big ask, but would it be too much in the code for SSO config to have a radio button that by default is set to "Use Cached Session", and another one that says "Show Account Picker"? Keeping the default would leave the prompt=none at the end of the URL, and selecting Show Account Picker would change it to prompt=select_account

   As an IT Infrastructure Manager, I want to configure the SSO prompt behavior in PRTG's Entra ID integration (e.g., use cached session vs. show account picker) so that I can control the login experience for my users and support environments where multiple accounts need to be selectable.

   SSO with EntraID presently has the prompt field hard-coded into the Authorization URL as prompt=none. But what if the customer would like the account selector to come up, and not used a cached profile. I tried appending the authorization URL with ?prompt=select_account only to get the error stating prompt was duplicated in use.

   … more

   •  

   1 vote

   Vote Vote Vote Vote

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   Vote

   We’ll send you updates on this idea

   Under Review  ·  0 comments  ·  Delete…  ·  Admin →
   How important is this to you?

   Not at all You must login first! Important You must login first! Critical You must login first!

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   Submit Rating