How to get users to make an account on my Cloudron so that they can use SSO for their Group's apps?
-
Hello!
I'm getting Matrix/Element, Peertube, and possibly Nextcloud installed in order to demonstrate the apps, and Cloudron, to a group of coworkers. How have you gotten them signed up IN the Cloudron so that they can just login to the other SSO apps? It's important that this is seamless, and uncomplicated (or they will stick with O365).I just signed up a dummy account in Element, but the user doesn't appear in the Cloudron, so I realized that I need to get them in the Cloudron first. I don't want to manually add them, not invite them, because one reason for promoting Cloudron and Matrix/Element, etc., is that things are decentralized. I realized I am administering the Cloudron, of course, but they will ask, "if you have to get us in, what's the difference between Cloudron and O365?"
Is there an app in the App Store that adds a registered user to the Cloudron User List? Or is there a "sign up" form for my Cloudron that I've missed?
Much thanks.
-
@scooke said in How to get users to make an account on my Cloudron so that they can use SSO for their Group's apps?:
"if you have to get us in, what's the difference between Cloudron and O365?"
The main difference is that more apps integrate with Office 365, than there are that integrate with Cloudron (/s, of sorts).
The main problem is that the identity of a user always needs to be stored somewhere, e.g. with with your Cloudron, LDAP or externally at Microsoft/Facebook/Google/Apple. While there are protocols and concepts to federate access to identities, in the end these big external parties make it easy for externals to integrate against them, because they have a monetary interest of binding you and their identity to your business.
"if you have to get us in, what's the difference between Cloudron and O365?"
Another way to answer this is: For one option Microsoft controls their identity and what they can access, for the other options its you as the Cloudron admin.
@scooke said in How to get users to make an account on my Cloudron so that they can use SSO for their Group's apps?:
Is there an app in the App Store that adds a registered user to the Cloudron User List? Or is there a "sign up" form for my Cloudron that I've missed?
There has been previous discussion about this in https://forum.cloudron.io/topic/2902/automated-user-registration and a post linked from there.
Edit: Some more substance. Bits related to this discussion can be found in the "SSO" discussion topics here on the forum, but in the end it comes down to that applications need to support a form of external login such as OpenID Connect (modern token based, is used under the hood when logging into Microsoft & Co.) or SAML (older protocol, xml and certificate based, still very popular in enterprise environments; SAML is for example used to integrate an external identity provider with Google Apps).
-
@fbartels said in How to get users to make an account on my Cloudron so that they can use SSO for their Group's apps?:
There has been previous discussion about this in https://forum.cloudron.io/topic/2902/automated-user-registration and a post linked from there.
Yeah, plus the thread I started asking for this https://forum.cloudron.io/topic/2068/open-registration/1
(which is indeed linked from there).
I think @Sam_uk has been doing some work on this too, be interesting to here where he got with that?
I'd still really something like this! Basically I want anyone to be able to apply to join my Cloudron and then User Managers and Admin to be able to approve their request (or not).
-
@jdaviescoates And it would be cool if the sign up page could be customizable, with an appearance like the Element sign up page (customizable image background) rather than a bland rectangular box sign up. Something that tells them... You are about to enter an incredible place!
