ysfscream
commented
1 year ago Hi, sorry for my later reply. Do you mean that emqx supports ouath2?
Open EinarArnason opened 1 year ago
ysfscream
commented
1 year ago Hi, sorry for my later reply. Do you mean that emqx supports ouath2?
EinarArnason
commented
1 year ago Yes, I'm using keycloak for login and i would like to replace basic auth with oauth2.
ysfscream
commented
1 year ago Okay, maybe we can look into how to implement it. @zmstone
ounismohamed
commented
1 year ago Hello @ysfscream , I'm having the same problem as @EinarArnason , i can't disable login to the dashboard so i can use oauth2-proxy and a two step authentication is not pretty. Also i would be great to have some RBAC also on the dashboard (where we have roles from administrating emqx, for security, for development and for observability )
ysfscream
commented
1 year ago @ounismohamed Hi. Sorry about that. I record this issue. But for now, the dashboard is focusing on improving the user experience. This feature will be discussed and implemented after this optimization. For now, we can only continue to wait. Thank you for your patience.
stoetti
commented
4 months ago @ysfscream any updates on this issue? We really like EMQX but not having the possiblity to provide dashboard-access using our central Authorization Server starts creating overhead in the operations department.
zmstone
commented
4 months ago SSO is available in Enterprise edition. https://docs.emqx.com/en/enterprise/latest/dashboard/sso.html#single-sign-on-sso And RBAC with predefined roles: https://docs.emqx.com/en/enterprise/latest/dashboard/system.html#users
OIDC is not supported so far. Will bring it up in the next planning.
I really like to use emqx but what's missing for my setup is openid connect / oauth capability for the dashboard. I would otherwise use oauth2-proxy but there doesn't seem to be a way to disable login on emqx side, so it would end up as double login.