March 17, 2016 at 11:22 pm #8680wshenParticipant
I had a similar question posted several weeks ago, and hadn’t got an elegant solution either. (https://forgerock.org/topic/auto-consent-with-oidc-client/), and voted on the JIRA ticket.
I agree with Tom that adding additional “auto-consent” field on client registration (OAuth2 client agent) to be set on per client basis will be ideal.
I’m not sure modifying openam source code is a good idea, since it will affect all realms/users managed by openam.
-WeiMarch 18, 2016 at 12:17 am #8681Tom KoffordParticipant
I just added a comment with our implementation details to the Jira issue referenced earlier in the thread. Would love feedback. Not sure if the Jira ticket or this forum is the best place for feedback. I guess I’ll see either one.August 4, 2016 at 4:20 pm #12448
Tom, we implemented exactly the solution you proposed in a project recently, build on OpenAM 12. The reason we didn’t adopt Bill’s solution of pre-populating the relevant attributes in the directory in this case was similar to yours – the directory is (largely) already provisioned with many entries, and while we could add the attributes to provisioning of new users, there were issues with updating the many existing users.
When I say we implemented exactly the solution you proposed, I do mean exactly – I lifted your code from the FR Jira ticket, and it’s working perfectly. Since I lifted your code, I thought it only appropriate to thank you on this thread!
AndyAugust 31, 2016 at 6:43 pm #12849Miguel FParticipant
I guys! You might know this already but just in case. This feature (“Skip user consent” for OAuth2) is supported officially in OpenAM 13.5+. :-)
Regards!September 2, 2016 at 1:16 am #12868Tom KoffordParticipant
That was a fast turn-around! We just updated our production OpenAM to 13.5 a couple of days ago. So far, so good.November 21, 2016 at 12:05 pm #14370
FYI, we’ve implemented the new auto Skip user consent feature in 13.5 in a project currently in test, go live Jan next year. Works flawlessly.April 17, 2019 at 11:36 am #25634sasidhar_bssrbgParticipant
I am working openam oauth flow, but i am not getting user consent page after user authentication
i have configured remote consent and created the agent profile for remote consent and enable remote consent in oauth provider, how to get consent page?
i am using AM6.5
SasidharMay 1, 2019 at 3:24 pm #25707
When you say you’ve enabled remote consent in oauth provider… requiring explicit consent is the default behaviour, you don’t have to do anything to get the consent page. If you’ve configured something different in the OAauth2 provider, check you haven’t actually configured ‘skip user consent’, and done the same in the OAuth2 profile. If you have, then suppressing the consent page is the expected behaviour.
You must be logged in to reply to this topic.