Dear IBM Community members,

I hope this message finds you well. I am reaching out to seek assistance with integrating Daeja Viewer into a React JS application as part of our modernization efforts.

We currently use a legacy web application for indexing documents, with an ICN bookmark JSP URL in an iframe for viewing. We're transitioning to a microservice architecture with a React JS UI and Spring Boot backend services.

Our challenge lies in integrating the ICN bookmark JSP URL within the iframe, primarily due to SSO issues. Our application uses SAML SSO, while the React JS app uses OIDC OAuth SSO, resulting in double authentication.

We are keen on deploying Daeja Viewer separately to retrieve and display documents (with essential features like merge and split, annotations, and saving in FileNet). We're looking for ways to address the SSO challenge during this integration.

Could anyone share their experiences or provide insights on integrating Daeja Viewer with a React JS application, particularly concerning SSO issues?

Your guidance on potential pitfalls, best practices, or any resources would be invaluable as we navigate this process. Thank you in advance for your assistance!

Hi,

The cleanest path is usually not "React vs ICN," but "one Identity Provider, one user session."
Most enterprise IdPs can issue both SAML and OIDC for different relying parties. If you configure your legacy/ICN-facing apps as SAML SPs, and your new React app as an OIDC client,

you can often achieve a true single login because the IdP session is shared. In other words, the user authenticates once at the IdP, and both protocols benefit from that same session.

This is frequently the fastest way to remove the double-login experience without rewriting everything. If your enterprise constraint is that ICN must remain SAML while your new UI must be OIDC, check whether your IdP supports protocol bridging, or identity brokering / token exchange.

Dear IBM Community members,

I hope this message finds you well. I am reaching out to seek assistance with integrating Daeja Viewer into a React JS application as part of our modernization efforts.

We currently use a legacy web application for indexing documents, with an ICN bookmark JSP URL in an iframe for viewing. We're transitioning to a microservice architecture with a React JS UI and Spring Boot backend services.

Our challenge lies in integrating the ICN bookmark JSP URL within the iframe, primarily due to SSO issues. Our application uses SAML SSO, while the React JS app uses OIDC OAuth SSO, resulting in double authentication.

We are keen on deploying Daeja Viewer separately to retrieve and display documents (with essential features like merge and split, annotations, and saving in FileNet). We're looking for ways to address the SSO challenge during this integration.

Could anyone share their experiences or provide insights on integrating Daeja Viewer with a React JS application, particularly concerning SSO issues?

Your guidance on potential pitfalls, best practices, or any resources would be invaluable as we navigate this process. Thank you in advance for your assistance!

Hi Olivier,

Thank you for your response to my query. As per your response we are working with Okta team on protocol bridging or Identity brokering/token exchange possibilities or support. I will provide an update soon on our outcomes.

Regards

Naveen

Hi,

The cleanest path is usually not "React vs ICN," but "one Identity Provider, one user session."
Most enterprise IdPs can issue both SAML and OIDC for different relying parties. If you configure your legacy/ICN-facing apps as SAML SPs, and your new React app as an OIDC client,

you can often achieve a true single login because the IdP session is shared. In other words, the user authenticates once at the IdP, and both protocols benefit from that same session.

This is frequently the fastest way to remove the double-login experience without rewriting everything. If your enterprise constraint is that ICN must remain SAML while your new UI must be OIDC, check whether your IdP supports protocol bridging, or identity brokering / token exchange.

Dear IBM Community members,

I hope this message finds you well. I am reaching out to seek assistance with integrating Daeja Viewer into a React JS application as part of our modernization efforts.

We currently use a legacy web application for indexing documents, with an ICN bookmark JSP URL in an iframe for viewing. We're transitioning to a microservice architecture with a React JS UI and Spring Boot backend services.

Our challenge lies in integrating the ICN bookmark JSP URL within the iframe, primarily due to SSO issues. Our application uses SAML SSO, while the React JS app uses OIDC OAuth SSO, resulting in double authentication.

We are keen on deploying Daeja Viewer separately to retrieve and display documents (with essential features like merge and split, annotations, and saving in FileNet). We're looking for ways to address the SSO challenge during this integration.

Could anyone share their experiences or provide insights on integrating Daeja Viewer with a React JS application, particularly concerning SSO issues?

Your guidance on potential pitfalls, best practices, or any resources would be invaluable as we navigate this process. Thank you in advance for your assistance!