Automatic Login for Externally Authenticated Users
-
Is there a way to present either a Cloudron username+password, username+temporary app password or web token in a GET or POST request
to allow a user to log into their Cloudron account (preferred) or individually to each app?I have a PHP application with 2FA required to authenticate users and once they are authenticated, I would like to give them the option of navigating to their Cloudron dashboard or individual apps without a login screen. A simple use case would be presenting a navigation menu item (Email), and when the user selected this option, a new window would open {SoGo, SnappyMail or Roundcube) with the user already logged into their email account.
Any suggestions?
Other Considerations: Main PHP application does not have LDAP. Application and Cloudron accounts will be linked by same username. Cloudron API App Passwords (https://docs.cloudron.io/api.html#tag/App-Passwords) seems helpful (if login could be automatic), but there is no time-based expiration on app passwords like JWTs.
-
I think to automatically login to SoGO/SnappyMail/Roundcube requires assistance from those apps. Currently, those apps use LDAP/IMAP authentication internally to auth a user. So, you have to implement an authentication scheme in those apps itself to let you login as the right user/mailbox .
I got a few hits for roundcube + jwt + sso , so maybe you can explore those.
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login