[pve-devel] SSO (OAuth2 / OpenID Connect) support in Proxmox 2020/2021?
Victor Hooi
victorhooi at yahoo.com
Thu Nov 12 18:55:21 CET 2020
Hi,
Is there any update on SSO support in Proxmox?
I know there was an earlier thread asking about OAuth2 from 2018:
https://lists.proxmox.com/pipermail/pve-devel/2018-March/031317.html
and they mentioned it might be possible to swap in a Perl OAuth2 module.
I don't know much about Perl or its ecosystem, but I just Googled and found
these two:
https://metacpan.org/changes/distribution/LWP-Authen-OAuth2
https://metacpan.org/pod/Net::OAuth2
Our use case is to use Google as the OAuth2 endpoint, so that users can
authenticate against their Google/Gmail account - in fact I saw there's
even a specific module for that:
https://metacpan.org/pod/LWP::Authen::OAuth2::ServiceProvider::Google
On the SAML front I saw this forum thread:
https://forum.proxmox.com/threads/http-authentication-saml-single-sign-on.33701/
https://bugzilla.proxmox.com/show_bug.cgi?id=1583
(SAML seems less in vogue these days, and OAuth2, OpenID-Connect are more
used - e.g.:
https://developers.google.com/identity/protocols/oauth2/openid-connect
Is support for something like this possible to add to Proxmox?
Thanks,
Victor
More information about the pve-devel
mailing list