Single sign-on (SSO) integration

Collapse
X
Collapse
 
  • Page of 2
  • Time
  • Show
Clear All
new posts
Previous 1 2 template Next
  • Marvin P
    replied
    Hi there.

    I have a question.
    I’m currently working with EspoCRM 9.1.8 on my local environment.
    Is it possible to implement SSO with Outlook for regular users or portal users?

      Leave a comment:

    • yuri
      commented on 's reply
      No, unless you did customizations with authentication.
      • partomas
        replied
        Thank you yuri so much. What will need to be done when v7.4 version will come, just to avoid conflicts?

          Leave a comment:

        • yuri
          commented on 's reply
          Also enabling it on the login form will be needed:

          Login-handler framework · Issue #2446 · espocrm/espocrm
          https://github.com/espocrm/espocrm/issues/2446
          A framework providing the ability to call custom code on Sign-In button click on the login page. Metadata authenticationMethods > {MethodName}: { "login": { "handler": "my-module:handlers/login", "...

          espocrm/application/Espo/Resources/metadata/authenticationMethods/Oidc.json at master · espocrm/espocrm
          https://github.com/espocrm/espocrm/blob/master/application/Espo/Resources/metadata/authenticationMethods/Oidc.json#L4
          EspoCRM – Open Source CRM Application. Contribute to espocrm/espocrm development by creating an account on GitHub.
          • yuri
            replied
            This is the default one: https://github.com/espocrm/espocrm/b...erProvider.php. Bind a custom one with similar code but w/o the portal user restriction.

              Leave a comment:

            • yuri
              replied
              It's not supported as it indeed would have required more work to design it properly. There's too much to think out before implementing the solution that we are to support forever then. Currently there's the ability to provide a custom user-provider class so anybody can make portal users to work.

                Leave a comment:

              • partomas
                replied
                Anyway it would be big benefit if Portal users would support Single sign-on (SSO) in core, not as someone's extension. In this case external CRM users could use portal very easy on daily bases or easy get access if use time to time without "recover password" each time when try to connect.

                  Leave a comment:

                • esforim
                  commented on 's reply
                  I guess Portal User is not supported temporary (or permanent if there too much work).

                  Nothing stopping an coder to do a Pull Request though... but it might have been intentional to not support Portal so might have to be an extension instead.
                  • partomas
                    commented on 's reply
                    This feature very actual for portal users as well. Did I got correctly, that portal users will not be supported for now?
                    • yuri
                      replied
                      Coming in v7.3 https://github.com/espocrm/espocrm/issues/2455

                        Leave a comment:

                      • yuri
                        commented on 's reply
                        Please create a separate topic for questions like this. not in the feature request topic.
                        • jakplanasa
                          replied
                          Hi there,

                          1. Is it possible in Espo to have separate LDAP servers for each Espo portal? Does anyone has any experience?

                          2. Is it possible to configure Espo + Espo Portal to handle SSO in scenario with nginx preauth proxy + authentik/keycloak. E.g. User enters credentials on preauth proxy. Proxy checks in LDAP if credentials are valid then forwards request to Espo and user is logged in.

                          Currently we have to log in in preauth proxy and then user must enter credentials again. We’d like to avoid this effort for user. Can anyone help us with any piece of advice or clue where to start?

                            Leave a comment:

                          • alter
                            replied
                            Hi there, in case you want Google login or Microsoft login, I would recommend you integrate Auth0 (Auth0-PHP) within your EspoCRM instance - it's really helpful solution for achieving this type of authentication.

                              Leave a comment:

                            • partomas
                              replied
                              yuri how do you think is is possible to expect Single sign-on (SSO) integration of Google and Microsoft in nearest future?
                              Google and Microsoft is because it's most common used in business environment.

                                Leave a comment:

                              • emillod
                                replied
                                esforim thanks for mentioning me. There is an app keycloak which is open source and allow to manage identities. I thought about integrating this app with EspoCRM, but for now i can only add this to a queue of pending projects. Send ext is more like sharing solution which allow to share text and files. If we'll decide to create integration with sign-on, then for sure it'll NOT be part of this ext

                                Also i think that this feature should be added to EspoCRM, not through extension but by EspoCRM devs. It's great functionality.

                                  Leave a comment:

                                Previous 1 2 template Next
                                Working...