Azure / data-api-builder

Data API builder provides modern REST and GraphQL endpoints to your Azure Databases and on-prem stores.
https://aka.ms/dab/docs
MIT License

Additional Authentication Providers #966

Open yorek opened 1 year ago

yorek commented 1 year ago

Summary

Increase the number of Authentication providers supported

Motivation

Right now, only EasyAuth and Azure AD are supported. Common authentication providers like Auth0 and in general support for any provider compatible with the OAuth2 protocol should be provided. This would also enable on-prem users to use custom or third party OAuth2 providers they trust.

Functional Specifications

Using the jwt section in the configuration file it will be possible to specify, like already implemented,

there will be also the ability to specify where the role claims can be found using a dedicated option

For example, for an Azure AD token the roles.path would be roles

Prior Work

A discussion around the topic was started in #719
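
The role-claim lookup proposed in the issue above, sketched as an added example that is not part of the original issue or of Data API builder's code. It assumes the token's signature, issuer and audience were already validated; the function name, the dotted-path syntax and the sample claims are hypothetical (the issue only gives `roles` as the path for an Azure AD token).

```python
# Added example: resolve a configurable role-claim path against JWT claims.
# Assumption: `claims` is the decoded payload of a token that has ALREADY
# passed signature, issuer and audience validation. Roles read from an
# unvalidated token must never drive authorization.

def resolve_roles(claims, roles_path):
    """Return the role names found at roles_path, or [] (fail closed)."""
    if not isinstance(claims, dict) or not roles_path:
        return []
    if roles_path in claims:
        # A claim whose literal name equals the path wins, so namespaced
        # claim names that contain dots (URL-style) still resolve.
        node = claims[roles_path]
    else:
        # Hypothetical dotted-path syntax for roles nested in an object.
        node = claims
        for part in roles_path.split("."):
            if not isinstance(node, dict) or part not in node:
                return []  # missing segment: no roles, never a default role
            node = node[part]
    if isinstance(node, str):
        node = [node]  # some providers emit a single role as a string
    if not isinstance(node, list):
        return []  # objects, numbers, booleans are not role lists
    roles = []
    for item in node:
        # Keep only non-empty strings; drop duplicates, preserve order.
        if isinstance(item, str) and item and item not in roles:
            roles.append(item)
    return roles


# Constructed sample payloads (not captured from any real provider).
AZURE_AD_STYLE = {"iss": "https://issuer.example", "roles": ["reader", "writer"]}
NESTED_STYLE = {"iss": "https://issuer.example", "realm_access": {"roles": ["editor"]}}
NAMESPACED_STYLE = {"iss": "https://issuer.example", "https://example.com/roles": ["admin"]}

if __name__ == "__main__":
    print(resolve_roles(AZURE_AD_STYLE, "roles"))
    print(resolve_roles(NESTED_STYLE, "realm_access.roles"))
    print(resolve_roles(NAMESPACED_STYLE, "https://example.com/roles"))
    print(resolve_roles(AZURE_AD_STYLE, "groups"))
```

A path that does not resolve yields an empty list, so a misconfigured path results in no roles rather than an unintended one.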

yorek commented 1 year ago

We should also integrate with https://learn.microsoft.com/en-us/azure/active-directory-b2c/overview, in case it is not already working.

seantleonard commented 1 year ago

@yorek, to clarify, this ask is for non-hosted scenario, yes? EasyAuth allows configuring generic OpenID Connect providers which should include the providers that you mention.

Update -> Ah, I see this clarified in the description. This is for on-prem scenarios.

olissao commented 7 months ago

Hi @yorek @seantleonard, what is the status of Bring your own IDP, i.e. using a generic OIDC provider?