search

horilla-opensource / horilla

Horilla is a free and open source HR software.
https://www.horilla.com/
GNU Lesser General Public License v2.1
194 stars 134 forks source link

SAML Authentication #335

Open brendangibbs opened 1 month ago

brendangibbs commented 1 month ago

Feature Request

Description

SAML authentication capability, so that tools like Microsoft Entra can be leveraged to streamline user login and security

Use Case

Company members are required to perform MFA periodically, and their access to apps are also controlled via MS Entra. SAML would ensure that only authorized members can access sensitive data such as employee info etc.

VincentSC commented 3 days ago

Luckily there are more SAML-based identity providers than MS. :) Okta, Keycloak, Auth0, Google, OneLogin, etc.

I found that for Django there are several plugins available. https://www.google.com/search?q=Django+saml

What I saw in other HR-software, is that only manually created users are allowed to use SSO. But that makes is easier to implement than when user-creation is to be implemented. The unhappy flows (user in Horilla, but not in Id-provider - or the other way around) need some attention here, of course.

I don't know Django, but I can help with explanation about SAML, and later help with documentation.

justatechie commented 3 days ago

+1, especially for Okta integration!

horilla-opensource commented 2 days ago

Hi @VincentSC @justatechie Thanks for the suggestions. We are focusing on bringing these authentication methods in the next version of Horilla which is currently underway now.

With Regards, Team Horilla