mdevaev
commented
3 years ago This is a good idea, but the current plugin interface does not yet allow you to do something like this. However, nothing prevents you from refining this interface. While I do not have time for this feature due to the release of v3 and H264, I will leave it for the future.
Is your feature request related to a problem? Please describe. Plain username/password authentication offers little in the way of security these days. Not easy to integrate Pi-KVM with existing multi-factor authentication platform such as Okta, Azure etc.
Describe the solution you'd like Fully customizable SAML 2.0/Open ID Connect Integration. I would drop a URL to my identity provider metadata somewhere in a YAML file that contains all the signing certificates, etc. Instead of showing a login page when I browse to the kvm it would redirect me to the Sign In URL from my data with a SAML request in tow. After logging in at my identity provider it would redirect me back to the KVM with an response. Once the response is validated I'd be taken right into the console without an authentication prompt.
Describe alternatives you've considered N/A
Additional context N/A