It would be nice to have Single sign-on (SSO) integration of Google and Microsoft accounts to regular and portal users.
Announcement
Collapse
No announcement yet.
Single sign-on (SSO) integration
Collapse
X
-
Offtopic, I wonder if you can adopt this extension to your needs? https://devcrm.it/send
It can do expire date but I don't think it can do single sign-on yet, perhaps emillod can add to do list.
However it isn't a portal system though... it more of filesharing/message sharing.
-
esforim thanks for mentioning me. There is an app keycloak which is open source and allow to manage identities. I thought about integrating this app with EspoCRM, but for now i can only add this to a queue of pending projects. Send ext is more like sharing solution which allow to share text and files. If we'll decide to create integration with sign-on, then for sure it'll NOT be part of this ext
Also i think that this feature should be added to EspoCRM, not through extension but by EspoCRM devs. It's great functionality.
- Likes 1
Comment
-
Hi there,
1. Is it possible in Espo to have separate LDAP servers for each Espo portal? Does anyone has any experience?
2. Is it possible to configure Espo + Espo Portal to handle SSO in scenario with nginx preauth proxy + authentik/keycloak. E.g. User enters credentials on preauth proxy. Proxy checks in LDAP if credentials are valid then forwards request to Espo and user is logged in.
Currently we have to log in in preauth proxy and then user must enter credentials again. We’d like to avoid this effort for user. Can anyone help us with any piece of advice or clue where to start?
​
- Likes 1
Comment
-
Anyway it would be big benefit if Portal users would support Single sign-on (SSO) in core, not as someone's extension. In this case external CRM users could use portal very easy on daily bases or easy get access if use time to time without "recover password" each time when try to connect.
Comment
-
It's not supported as it indeed would have required more work to design it properly. There's too much to think out before implementing the solution that we are to support forever then. Currently there's the ability to provide a custom user-provider class so anybody can make portal users to work.
Comment
-
This is the default one: https://github.com/espocrm/espocrm/b...erProvider.php. Bind a custom one with similar code but w/o the portal user restriction.
- Likes 2
Comment
-
Also enabling it on the login form will be needed:
A framework providing the ability to call custom code on Sign-In button click on the login page. Metadata authenticationMethods > {MethodName}: { "login": { "handler": "my-module:handlers/login", "...
Comment