DokuWiki

It's better when it's simple

User Tools

Site Tools

Trace:
plugin:oauthazure

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revisionBoth sides next revision
plugin:oauthazure [2022-10-11 15:56] andiplugin:oauthazure [2022-10-13 12:15] – [Configuration] LMS23
Line 29: Line 29:
 ===== Configuration ===== ===== Configuration =====
  
-Create a new Application in your Azure account, then configure the client ID, client secret and tenant.+Create a new Application in your Azure account, then configure
 +  * client ID (''Application (client) ID''de ''Anwendungs-ID (Client)''
 +  * client secret (''Value'' NOT ''Secret ID'', de ''Wert'' NICHT ''Geheime ID'')  
 +  * tenant (''Directory (tenant) ID'', de ''Verzeichnis-ID (Mandant)'')
  
 By default, the plugin will map roles found in the JWT auth token to groups. If you want to use the user's real groups in ACLs you need to enable the ''fetchgroups'' config. The plugin will request two additional permissions on top of the usual oAuth scopes: ''User.Read'' and ''GroupMember.Read.All''. By default, the plugin will map roles found in the JWT auth token to groups. If you want to use the user's real groups in ACLs you need to enable the ''fetchgroups'' config. The plugin will request two additional permissions on top of the usual oAuth scopes: ''User.Read'' and ''GroupMember.Read.All''.
Line 35: Line 38:
  
 {{ :plugin:oauthazure.png }} {{ :plugin:oauthazure.png }}
 +
 +Assign the group "azure" to the users, then you can log in directly with it.
  
 ===== Development ===== ===== Development =====
plugin/oauthazure.txt · Last modified: 2024-02-08 09:04 by LMS23
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki

Global DokuWiki Links