Implement Single Sign-On (SSO) Authentication with Azure Active Directory, GitHub, and Google

[bulik0071]

What would you like to see?

I would like to suggest a new feature for the implementation of Single Sign-On (SSO) authentication using Azure Active Directory, GitHub, and Google. This feature would enhance security and streamline the login process by allowing users to authenticate through these widely-used platforms.

Why it would be useful:

• Enhanced Security: Leveraging the security features of Azure AD, GitHub, and Google can help secure the authentication process.
• User Convenience: Users can sign in with their existing accounts without needing to remember additional passwords.
• Increased Adoption: Easier access might encourage more users to try out and continue using the platform.

This feature could potentially lead to higher user satisfaction and streamline workflows by reducing the barriers to entry. I believe that integrating SSO with these services would make a significant positive impact on the user experience.

[cope]

This would be awesome!

[CultusMechanicus]

Could we also keep a generic "read user from an Auth header" on the radar, as that would open up using basically any third party auth system. For instance, I have Open WebUI header-authenticating via a Cloudflare Access worker tied to Discord and GitHub.

[IamTaoChen]

I use Keycloak. it's better to support generic OIDC.

[ozoromo]

+1 on this feature, would make adoption into pre-existing environments much easier and make it easier for companies to use

[derkoe]

I think using https://authjs.dev/getting-started/installation?framework=express might be the best solution since it supports multiple auth methods. The library used in #1326 only supports Google.

[vipr0105]

+1, at times majority of documents sit in O365 and SSO/AD integration shall make things more simpler. We could call those documents directly into LLM, by automating the complete process instead of manually feeding via GUI.

[bmkor]

+1 Could also include LDAP auth which is commonly used in company environment.

[SeaDude]

Has this enhancement been started yet? If so, where can I follow / maybe contribute to its progress?

[jlmatus]

There's a PR from May that started implementing this (at least using google), but it hasn't been reviewed yet: https://github.com/Mintplex-Labs/anything-llm/pull/1326

[sheneman]

I just wanted to add that integrating Single Sign-On (SSO) with third-party authentication providers and OpenID Connect (OIDC) would greatly facilitate deploying this tool across our enterprise. In our case, we use OAuth and Azure Active Directory for authentication, along with Duo for multi-factor authentication (MFA).

I would personally love to see this feature request given a very high priority.

[chkrause]

Are there any updates available? When will the integration with authorisation providers available?

[SeaDude]

It would be HUGE to also implement Azure EntraID login to the DESKTOP app too.

The requirement to add an API key to use Azure Open AI is a blocker for many orgs.

(Of course the Docker image can be deployed centrally, but that in-turn introduces complexity.)

Imagine a world where enterprise users download a pre-vetted version of the AnythingLLM desktop app from the org's download center, login with their credentials, and now have access to the orgs Azure OpenAI.

That would basically be Enterprise ChatGPT...

[scooter7]

Hi, I'm also curious about this feature. It is the only thing I need before being able to implement AnythingLLM across my organization. Thanks!