[midPoint] OIDC server choice

Yakov Revyakin yrevyakin at gmail.com
Fri May 12 15:43:37 CEST 2023


And also Keycloak supports both OIDC & SAML. Midpoint-Keycloak SAML
authentication works fine.

On Wed, 10 May 2023 at 12:51, Fabian Noll-Dukiewicz via midPoint <
midpoint at lists.evolveum.com> wrote:

> Hi,
>
>
>
> I think Keycloak is a good choice. It is also Open Source like midPoint
> and fulfills your requirements. There is also a midPoint connector for
> Keycloak.
>
>
>
> Kind regards,
>
> Fabian
>
>
>
> --
>
> *Fabian Noll-Dukiewicz*
>
> *Identity & Access Management Specialist | Managing Director*
>
> Tel.: +49 152 244 63 211
>
> Email: fabian.noll-dukiewicz at veryfy.gmbh
>
> Web: https://veryfy.gmbh
>
>
>
>
>
> *From: *midPoint <midpoint-bounces at lists.evolveum.com> on behalf of
> Mihaela Chahesku via midPoint <midpoint at lists.evolveum.com>
> *Date: *Wednesday, 10 May 2023 at 10:08
> *To: *midPoint General Discussion <midpoint at lists.evolveum.com>
> *Cc: *Mihaela Chahesku <j-mdp at odd.systems>
> *Subject: *Re: [midPoint] OIDC server choice
>
> Hello.
>
> Our company uses custom web applications with their own user databases,
> but there are ongoing plans to rewrite them to support OIDC.
>
> At the same time, we want to implement a single IDM (presumably
> Midpoint) for mentioned apps, for VPNs (shell connector), mail (sql
> connector), onlyoffice (SSO/SAML, probably via the same OIDC server),
> and later jira, jitsi.
>
> The choice of AM/IDM components (particularly, OIDC server) is up to us.
>
> We would like to avoid LDAP (or even worse, AD), if possible.
>
> Cheers,
> MC
>
> On 5/10/23 09:40, Fabian Noll-Dukiewicz wrote:
> > Hi Mihaela,
> >
> > I think it depends on your architecture and what you want to do. In
> > our scenario we have midPoint → Active Directory → Keycloak. midPoint
> > creates the users in Active Directory and via a synchronization between
> > AD and Keycloak the users are available in Keycloak. Keycloak is
> > used by a web application to authenticate the users.
> >
> > If you have a cloud application like Azure that supports OIDC your
> > solution will be different. So please let us know what your goal is and
> > then we can find the right server for you. Or at least a suggestion.
> > What are your requirements for the server?
> >
> > Kind regards,
> >
> > Fabian
> >
> > --
> >
> > *Fabian Noll-Dukiewicz*
> >
> > /Identity & Access Management Specialist | Managing Director/
> >
> > Tel.: +49 152 244 63 211
> >
> > Email: fabian.noll-dukiewicz at veryfy.gmbh
> >
> > Web: https://veryfy.gmbh
> >
> > *From: *midPoint <midpoint-bounces at lists.evolveum.com> on behalf of
> > Mihaela Chahesku via midPoint <midpoint at lists.evolveum.com>
> > *Date: *Tuesday, 9 May 2023 at 19:36
> > *To: *midpoint at lists.evolveum.com <midpoint at lists.evolveum.com>
> > *Cc: *Mihaela Chahesku <j-mdp at odd.systems>
> > *Subject: *[midPoint] OIDC server choice
> >
> > Hello.
> >
> > Which OIDC server is known to work with Midpoint using existing
> > connectors?
> >
> > Cheers,
> > MC
> > _______________________________________________
> > midPoint mailing list
> > midPoint at lists.evolveum.com
> > https://lists.evolveum.com/mailman/listinfo/midpoint
> >