documentation publik oidc
This commit is contained in:
parent
84081d571c
commit
c3f26e31c1
BIN
doc/sources/admin/applications/logo-publik.png
Normal file
BIN
doc/sources/admin/applications/logo-publik.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 6.8 KiB |
53
doc/sources/admin/applications/publik.rst
Normal file
53
doc/sources/admin/applications/publik.rst
Normal file
|
@ -0,0 +1,53 @@
|
|||
Publik
|
||||
=======
|
||||
|
||||
|image0|
|
||||
|
||||
Presentation
|
||||
------------
|
||||
|
||||
Publik is an open-source citizen relationship management tool.
|
||||
|
||||
See `the official Publik website <https://publik.entrouvert.com/>`__ for a
|
||||
complete presentation.
|
||||
|
||||
It feature an OpenID Connect login that work with LemonLDAP::NG.
|
||||
|
||||
Configuring Publik
|
||||
-------------------
|
||||
|
||||
Connect to your publik instance authentic2 webui with an Admin user, in the admin panel, go to "Authentic2_Auth_Oidc" › "Oidc providers".
|
||||
|
||||
Click on "Add Oidc Provider".
|
||||
|
||||
* Nom : LemonLDAP SSO
|
||||
* Identifiant court : lemonldap
|
||||
* Émetteur : https://auth.example.com/
|
||||
* client id : clientid
|
||||
* client secret : secret
|
||||
* authorization endpoint : https://auth.example.com/oauth2/authorize
|
||||
* token endpoint : https://auth.example.com/oauth2/token
|
||||
* userinfo endpoint : https://auth.example.com/oauth2/userinfo
|
||||
* end session endpont : https://auth.example.com/oauth2/logout
|
||||
* WebKey JSON : Copy/Paste the content of https://auth.example.com/oauth2/jwks
|
||||
* Claims Enabled : yes
|
||||
* Show on connection page : yes
|
||||
|
||||
Strategy and Collectivity can be configured based to your needs.
|
||||
|
||||
OIDC Claim mappings can be configured based on your needs.
|
||||
|
||||
Configuring LemonLDAP
|
||||
~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
We now have to configure LemonLDAP::NG to recognize publik as a valid OIDC relying party.
|
||||
|
||||
Add a :doc:`new OpenID Connect relying party<..//idpopenidconnect>`
|
||||
with the following parameters (Options -> Basic) :
|
||||
|
||||
* **Client ID**: the same you set in Publik configuration.
|
||||
* **Client Secret**: the same you set in Publik configuration.
|
||||
* **Allowed redirection addresses for login**: The "Callback URL" for authentic2 : https://authentic2-instance/accounts/oidc/callback/
|
||||
|
||||
.. |image0| image:: /applications/logo-publik.png
|
||||
:class: align-center
|
Loading…
Reference in New Issue
Block a user