[Koha-bugs] [Bug 28420] New: Allow login via AzureAD OpenID-Connect

Fri, 21 May 2021 08:50:05 -0700 

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28420

            Bug ID: 28420
           Summary: Allow login via AzureAD OpenID-Connect
 Change sponsored?: ---
           Product: Koha
           Version: master
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5 - low
         Component: Authentication
          Assignee: [email protected]
          Reporter: [email protected]
        QA Contact: [email protected]
                CC: [email protected]

Hi,

At the World Health Organization our South-East Asian regional office uses Koha
for their regional library, with access by all WHO staff in the region and
selected staff worldwide.

Since local user databases can present a security risk we require that all
applications for staff be integrated with our identity provider which at the
moment is Microsoft's AzureAD. 

AzureAD uses OpenID-Connect and is mostly drop-in compatible with Google's
implementation, with the exception that in order to construct the URLs both for
redirection and for validation you need to know the organization's Azure tenant
ID.

Because our system integrator is not interested in pursuing this integration
I've taken it on myself, and so I've set up a development environment and have
started working on the code. My plan is to set up the configuration parameters
and to then use them in a very slightly altered copy of the current
googleopenidconnect file.

I think in the long run it would be better to have a generic OpenID-Connect
configuration to allow integrations with other providers like Okta and
OneLogin, but we don't need for the moment that so for now I'll just add the
AzureAD provider. I'll read up on the rest of the contribution procedure, and
I'll be back with a patch/PR in a few days.

Best,

Mark

-- 
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

Reply via email to