🚀 [Feature] Single Sign On - LDAP / SAML support #3200

Open
Tirokk opened this issue Oct 5, 2020 · 4 comments

Member

Tirokk commented Oct 5, 2020

Authored by hermann-san on Mar 4, 2020


🚀 Feature

In order to integrate with other applications like Synapse / Matrix / Riot or Loomio consensations, it would require support for single sign-on authentication or a user directory like LDAP and/or SAML.

User Problem

Removing the need to create multiple accounts for apps that may be integrated in the future with Human Connection. Need to register several times with different web applications and sign in to multiple tools individually with separate log-ins.

Implementation

It should be implemented on the Human Connections server as an interface or API to other applications. External applications should be able to contact the HC server for user authentication.
Sample integration between Synapse and LDAP or SAML with Synapse or Loomio
PAM SSO or Linux SSO for true single sign on (only one time login for multiple applications)

  • According to Robert, the Human Connections-interface is using JWT - JSON Web Tokens instead of SAML
  • Auth0 Open Source projects for JavaScript (JWT and SAML) link
  • Differences between OAUTH 2.0 vs. SAML vs. Open Connect ID (JWT)
  • JWT and SAML work with authentication services like Auth0 (open source / commercial), OneLogin or MS Teams. Fairmove is also using SAML for SSO. They have offered NGOs help with solving technical problems. Maybe they can help with this integration.
  • Mattermost supports SAML 2.0 + oob integration with Okta, OneLogin, LDAP, AD
  • Fairkom is offering an SSO service, Fairlogin, which may be used with third party applications. Potentially, Fairapps can also be used with this login. They plan to add Riot/Synapse to Fairapps

Design & Layout

SAML Info from UCS website (German)
Info on SSO with Rest vs. SOAP

Validation

log-in / log-out works

Additional context

Member Author

Tirokk commented Oct 7, 2020

Authored by Tirokk on Mar 5, 2020


Wonderful @hermann-san that you opened this issue and gave all this information.
Thanks a lot dear!!!

Our chat issue is #38.

Member Author

Tirokk commented Oct 7, 2020

Authored by stale[bot] on Jun 2, 2020


This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

Member Author

Tirokk commented Oct 7, 2020

Authored by Tirokk on Jun 3, 2020


Not stale

Member Author

Tirokk commented Mar 28, 2023
