[Koha-bugs] [Bug 28420] New: Allow login via AzureAD OpenID-Connect
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri May 21 17:49:56 CEST 2021
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28420
Bug ID: 28420
Summary: Allow login via AzureAD OpenID-Connect
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Authentication
Assignee: koha-bugs at lists.koha-community.org
Reporter: mark.jaroski at gmail.com
QA Contact: testopia at bugs.koha-community.org
CC: dpavlin at rot13.org
Hi,
At the World Health Organization our South-East Asian regional office uses Koha
for their regional library, with access by all WHO staff in the region and
selected staff worldwide.
Since local user databases can present a security risk we require that all
applications for staff be integrated with our identity provider which at the
moment is Microsoft's AzureAD.
AzureAD uses OpenID-Connect and is mostly drop-in compatible with Google's
implementation, with the exception that in order to construct the URLs both for
redirection and for validation you need to know the organization's Azure tenant
ID.
Because our system integrator is not interested in pursuing this integration
I've taken it on myself, and so I've set up a development environment and have
started working on the code. My plan is to set up the configuration parameters
and to then use them in a very slightly altered copy of the current
googleopenidconnect file.
I think in the long run it would be better to have a generic OpenID-Connect
configuration to allow integrations with other providers like Okta and
OneLogin, but we don't need for the moment that so for now I'll just add the
AzureAD provider. I'll read up on the rest of the contribution procedure, and
I'll be back with a patch/PR in a few days.
Best,
Mark
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list