By: Kartik Agarwal user 26 Mar 2021 at 5:46 a.m. CDT

2 Responses
Kartik Agarwal gravatar
We are using Gluu for authentication for multiple client applications. In this process we encountered a requirement of restricting Passport provider access to specific client. * Imagine a scenario where we registered 2 clients client A, client B in gluu openid clients. * And we registered 2 external providers in passport providers i.e. provider1 , provider2. * So the requirement is when user is accessing clientA application then he/she can use only provider 1 for authentication not provider 2. * Whereas same user when accessing client B can use both passport providers to authenticate. Does Gluu has any feature to support this type of scenario.

By Mohib Zico staff 03 Apr 2021 at 10:40 p.m. CDT

Mohib Zico gravatar
[User Pre-selection]( might be helpful to you.

By Kartik Agarwal user 05 Apr 2021 at 2:45 a.m. CDT

Kartik Agarwal gravatar
Hi Mohib, Thanks for your response. I am already using User pre-selection. But it only skip the gluu login page. If someone change the auth url and remove preselectedExternalProvider from it then he/she can see and use all available login options. So this User pre-selection method is not secure at all , its just for skipping one step and enhancing user experience.