Spotfire Ideas Portal
When authenticating from the Spotfire client that uses OpenId for Authentication to Azure, a web page is left open that the user must close manually, degrading the user experience.
Ideally, the client should check for user session and if OK then AUTH and Open the client with no additional interaction. Only if no session was found, should it then prompt the user for credentials.
SSO is not really SSO when the user has to interact with the application to proceed.
Hi Miguel,
Spotfire client opens the users default browser app for the sign-in to the OpenId auth, in my case, Azure. Even if the sign in is not required as the user has a session, the web page remains.
Hi Jens,
I understand the explanation offered. Is there no a method to make the client session call the Auth in the background, and if no token found then launch the page?
The Spotfire Analyst needs to launch a browser in order for the user to authenticate (when using OpenID Connect and similar). If the user has a valid session with the provider in the default browser then there's no need for additional user interaction to perform the actual authentication (and the Spotfire Analyst acts automatically when it receives the response).
Closing the browser window after the authentication finishes is generally not possible since most browsers prevent that.
The user experience may be significantly improved for returning users by allowing users to save their login information (which in this case means saving a refresh token).
Hi Dave,
Thanks for the feedback.
When you say: "a web page is left open that the user must close manually", is that page from Spotfire / Azure / custom ?
Thanks