I've got some external users in another system that may/may not be using OWIN. (I've actually got this problem in a couple of projects.) I'm trying to solve this with IdentityServer4 and its Authorize Endpoint but want to make sure I'm on the right path.

Our goal is to have users click a link in the external app and be redirected to IdentityServer4. I would like IdentityServer4 to authorize users coming in from this endpoint, add a particular role or claim, and allow them into the clients without presenting a login screen. Is this possible? I'm having trouble finding examples.

Identity Server 4 Authorization Code Flow example

This is the closest I could find, but we're looking for a framework agnostic solution that doesn't involve modifying the external apps, as I don't have access to their source code in all instances.

I'm looking for a flow like this: User goes to https://someexternalapp.com, clicks a published link like https://identityserver.myapp.com/authorize?requestSecret=asdf1234&username=bob and is redirected to https://identityserver.myapp.com/external?token=dasdfasdf where the claims are issued, and finally redirected to https://someclient.myapp.com with authorization.

Am I on the right track? I'd hate to waste much more time on this and end up at a dead end. Could anybody point me in the right direction?

Grahame A

1 Answer

Have a look at Sign-in with External Identity Providers

This will allow you to create a cookie in the https://someexternalapp.com/ app which is then used by identity server to do the authentication without user interaction.

RedJandal