Feature Request : Unable to open Pop-ups / Full page redirect for MS Azure AD Authentication

Forge Forge UI Kit and Custom UI
, ,
1

Hi Everyone,

I have a requirement where I have to get e-signatures from users in my Jira App(Custom UI). When a user is trying to give e-signature, I need to force the user to login to Azure AD with his credentials (username, password and MFA auth).

Official website says:
Azure AD authentication for SPA can be done in two ways.

  1. Popup
  2. Redirect
    image
    image940×526 129 KB

But Forge Documentation prevents both

image
image940×454 110 KB

image
image940×883 188 KB

As expected, I tried both ways, but MSAL couldn’t open popup / redirect to authentication URL.

(Note: I created an iFrame element with allow-popups attribute with no luck)

Is there any workaround to solve this issue?

2

Do you specifically need to do it each time you’re collecting an e-signature? Or could each user do it the first time they interact with the app.

Just wondering whether Forge’s built-in outbound OAuth 2.0 would work for you?

3

Hi @AdamMoore, thanks for the reply.

Thank you for sharing the link to OAuth2.0, but we didn’t find it to be a suitable solution as per our requirement. The requirement is to force the user to login (with his credentials) each time the system is collecting an e-signature showing his IdP’s UI.

4

Hi @AdamMoore,
We are trying to make our app, built with Connect, compatible with the Confluence mobile app.
Our issue at the moment is with the MSAL.js that we are using.

Azure AD authentication for SPA can be done in two ways.

  1. Popup
  2. Redirect

The popup version works great in normal desktop and mobile browsers, but it is somehow restricted in the Atlassian web view that opens when the users try to load our app in the confluence mobile app.

The redirect method doesn’t work due to some restrictions imposed since Azure AD (further information → microsoft-authentication-library-for-js/lib/msal-browser/docs/iframe-usage.md at dev · AzureAD/microsoft-authentication-library-for-js · GitHub)

We thought about using a broker (like the MS authenticator app), but there is no official library from MS that allows brokers to authenticate web apps (and it gets even more tricky to authenticate a web app inside a mobile app).

Is there any workaround to solve this issue with Connect or do we have to use Forge?