OpenID Connect Authentication

pglombardo / PasswordPusher

🔐 Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with full audit logs.

https://docs.pwpush.com

Apache License 2.0

2.05k stars 353 forks source link

OpenID Connect Authentication #410

Open Viajaz opened 2 years ago

Viajaz commented 2 years ago

It would be useful to support OpenID Connect for authentication, this would have a number of benefits:

Allows for Single Sign-On support against standards compliant OIDC Identity Providers.
Allows for outsourcing of user provisioning, authentication and authorization functionality to Identity Providers. This could allow for multi-factor authentication and improved and centralised authentication logging.

Viajaz commented 1 year ago

@pglombardo With the URL and File features only available with logins enabled, have you reviewed this issue in respect to those features? Is this on any roadmap?

We currently run it in anonymous mode but we use a reverse proxy to split the generation portal, and the password view code, onto separate domains and protect the first with an Azure Application Proxy.